urlscan.io logo urlscan.io
SecurityTrails logo

organizer-taxpayer.safesendreturns.com Open in urlscan Pro
52.158.215.147  Public Scan

Go To Rescan Add Verdict Report
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Submission: On February 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 7 domains to perform 41 HTTP transactions. The main IP is 52.158.215.147, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is organizer-taxpayer.safesendreturns.com. The Cisco Umbrella rank of the primary domain is 330195.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 5th 2022. Valid for: a year.
This is the only time organizer-taxpayer.safesendreturns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 52.158.215.147 8075 (MICROSOFT...)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
14 104.87.133.81 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 20.38.122.100 8075 (MICROSOFT...)
2 52.236.186.218 8075 (MICROSOFT...)
4 35.244.138.243 15169 (GOOGLE)
41 8
14    52.158.215.147 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
organizer-taxpayer.safesendreturns.com
1    2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    104.87.133.81 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-87-133-81.deploy.static.akamaitechnologies.com
cdn.walkme.com
4    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    20.38.122.100 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ssrcontentstore.blob.core.windows.net
2    52.236.186.218 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
4    35.244.138.243 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 243.138.244.35.bc.googleusercontent.com
ec.walkme.com
Apex Domain
Subdomains		 Transfer
18 walkme.com
cdn.walkme.com — Cisco Umbrella Rank: 1461
ec.walkme.com — Cisco Umbrella Rank: 1614
555 KB
14 safesendreturns.com
organizer-taxpayer.safesendreturns.com — Cisco Umbrella Rank: 330195
10 MB
4 gstatic.com
fonts.gstatic.com
32 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 781
350 B
1 windows.net
ssrcontentstore.blob.core.windows.net — Cisco Umbrella Rank: 159557
4 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
2 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 854
12 KB
41 7
Domain Requested by
14 cdn.walkme.com organizer-taxpayer.safesendreturns.com
cdn.walkme.com
14 organizer-taxpayer.safesendreturns.com organizer-taxpayer.safesendreturns.com
4 ec.walkme.com
4 fonts.gstatic.com fonts.googleapis.com
2 dc.services.visualstudio.com
1 ssrcontentstore.blob.core.windows.net
1 fonts.googleapis.com organizer-taxpayer.safesendreturns.com
1 use.fontawesome.com organizer-taxpayer.safesendreturns.com
41 8

This site contains no links.

Subject Issuer Validity Valid
*.safesendreturns.com
Go Daddy Secure Certificate Authority - G2		 2022-10-05 -
2023-11-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
walkme.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-29 -
2024-01-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2022-12-20 -
2023-12-20		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 05		 2023-02-04 -
2024-01-30		 a year crt.sh
*.walkme.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-11 -
2024-01-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Frame ID: 4310E671E94DB2F77BF67C6BBA7E06AC
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SafesendReturns

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

8
IPs

5
Countries

10992 kB
Transfer

41494 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 5hthzl4hph2m325gt7el491a1gjhp000
organizer-taxpayer.safesendreturns.com/coverpage/index/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c716884ead55c39601e1fde41cbeef3153f45d2c15e5c63eaa4b059d5aa64c83
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 22 Feb 2023 19:18:03 GMT
Pragma
no-cache
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
Server
Kestrel
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
all.css
use.fontawesome.com/releases/v5.6.3/css/ 		52 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://organizer-taxpayer.safesendreturns.com/
Origin
https://organizer-taxpayer.safesendreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 19:18:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2A2TMK9GQXNTZ30F
age
1594745
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
b20KhBaU4yjv13fg9fzWzjTGvfgPzh8R2xBy6O7UjYTXZFnPTGwj/89Ur2X/urI+qKWgeIrxzb8=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFuyqJBaY1J3QoCB5vFzZl5w0Qa7ST6jPZuLnicc3XSnp2%2FK7p1KTsWUj00B8HaabAVXVwVaTmPfmpaTmw1BezwXHwZVqSSpl3qbnU55eweL1Tym5atkSA%2FjqICeB74ETcd%2BUt5WFWvFNn8Th4Wzn6kK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
79da10c268c0bbe3-FRA
css2
fonts.googleapis.com/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;700&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto&display=swap
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ee0924ebeb3c05ff1e8376d92297e56f75b97316a9d5e4c52fce8a0c98820a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Feb 2023 19:18:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Feb 2023 19:18:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Feb 2023 19:18:03 GMT
pdfviewer.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/ 		516 KB
99 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/dist/assets/css/pdfviewer.css?v=EjiE2MRrJ09vL7DS7KZDWJ6WFC64rMDWbku0xwZDkYg
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
123884d8c46b274f6f2fb0d2eca643589e96142eb8acc0d66e4bb4c706439188

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 19:18:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 06:44:34 GMT
Server
Kestrel
ETag
"1d946891fa4642c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
vendor.css
organizer-taxpayer.safesendreturns.com/dist/ 		202 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/dist/vendor.css?v=_6AJ3pnDQdRGqHfGUTpXeLP5wJPyGxaMj4w7X7eg-iE
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ffa009de99c341d446a877c6513a5778b3f9c093f21b168c8f8c3b5fb7a0fa21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 19:18:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 06:44:34 GMT
Server
Kestrel
ETag
"1d946891faf5dd1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
site.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/ 		71 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/dist/assets/css/site.css
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a57202f55d61264accc1d0a98458e0d43c9c971a3cdb8d6902113797b10b9d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 19:18:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 06:44:34 GMT
Server
Kestrel
ETag
"1d946891fad68bf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
custom.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/ 		41 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/dist/assets/css/custom.css
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d57bfd35391038078ad2f65eb8e2843565cdc2ce81099f04a81d113d77068581

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 19:18:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 06:44:34 GMT
Server
Kestrel
ETag
"1d946891facd021"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
screen-small-common.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/ 		1 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/screen-small-common.css?v=B_4f5wydzW7c7yGYY9nd-DwzLwRLOq5441cjUViN6cc
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6b7f6369f7c9c787865c67140bb607cea7d82f17d9bf148cc4adc6c561b70afe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 19:18:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 06:44:36 GMT
Server
Kestrel
ETag
"1d9468920dda6f6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
screen-320.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/ 		166 B
527 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/screen-320.css?v=JJZJbZFxoPQWGGwedxAsuX7srjaX4FVFeW1SJFE9aXY
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
879ac1f3108e52797583dcc49fd99885024d6a601370b5d0b22e9a44e6497923

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 19:18:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 06:44:36 GMT
Server
Kestrel
ETag
"1d9468920dda2a6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
screen-480.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/screen-480.css?v=n7I9l4YX6D-tLwZ2mEawOGse06HcZ9PkFKtUhqzCEQI
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b4a0ecdbcefe9eb2d04a4b533d92dddc8caebad5a5f0c869fe0739bdbc03a908

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 19:18:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 06:44:36 GMT
Server
Kestrel
ETag
"1d9468920ddaa6c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
screen-768.css
organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/ 		1 KB
679 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/dist/assets/css/responsive/screen-768.css?v=Yohbvi4iJBq7vxzOm6wF-YizHyd3_PUANODC8jNiHgg
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
829ac7df7d34d3c4d91b3454c52f87e172e31efa66617911ce51d42d59d5c9b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 19:18:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 06:44:36 GMT
Server
Kestrel
ETag
"1d9468920dda628"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
main.js
organizer-taxpayer.safesendreturns.com/dist/ 		37 MB
10 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/dist/main.js?v=oOhugX4Xes3In3DT8gPSD80iRjqf4kDpXghE6omIHDc
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a0e86e817e177acdc89f70d3f203d20fcd22463a9fe240e95e0844ea89881c37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 19:18:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Feb 2023 06:44:36 GMT
Server
Kestrel
ETag
"1d94689228e33bd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
walkme_148aadebe34448148ad4edd74737f760_https.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5a35523c6a5f29fb94a01404936c3457997018e2bddeec8b8e5703e0f39dee1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
A3fnSG.nxSK_abe_fuoWhDKWsKRq0qIK
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:04 GMT
access-control-allow-private-network
true
x-amz-request-id
0HEVPJRGZ746APNV
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
8507
x-amz-id-2
Xjc81qs60bA76fARP8rNpc2sd0kYoa/73lVXDRgSs7hzYnAZXcMy9U9PwIAKQ1U+5FR6+yRfZCE=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 Feb 2023 13:42:06 GMT
etag
"52eacbcc9224344c945a5d5316e0d368"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=55323
accept-ranges
bytes
timing-allow-origin
*
settings.txt
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/settings.txt
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a07c19feb24a6dd69aae7971a9de15d44de8087620765c19c21e02ea524b1285
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
jU0shzLAlzSeOH7OMOr7B0IczOupj8KU
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:04 GMT
access-control-allow-private-network
true
x-amz-request-id
FBCYJKZC8ZVWGEQQ
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
732
x-amz-id-2
2PSC5xueUHv3aEtdTs8K4ES4qVNE4OZjDN1APL01c0qSx4rJzEGwhUFNVJc4wHx1kbqJ7KGySr4=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Feb 2023 11:56:27 GMT
etag
"9636efac08e7fda6df18179be43ac699"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
wmjQuery33121.js
cdn.walkme.com/player/resources/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/wmjQuery33121.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
dpj4bAlfG6UlhFPdf_TGly9sgsSAJ5Ge
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:04 GMT
access-control-allow-private-network
true
x-amz-request-id
XPM2ZCAEXTWS76AN
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
30035
x-amz-id-2
5z6TgSotzGQOoXOpdZE9S1aVmXfpCRa+Oksepl33/z/ETLrdH/iYQDBbqpqB3IeHgUFYbis0tj4=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 May 2022 06:44:33 GMT
etag
"b00eee8317d72ce865b995c31f1f95ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=28666136
accept-ranges
bytes
timing-allow-origin
*
prelib-plugin-9debded5-07c7-3178-a579-aafca06874a1.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/scripts/ 		164 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/scripts/prelib-plugin-9debded5-07c7-3178-a579-aafca06874a1.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a7c4d167c175c334e2330188fd74c1fc0ddb05253f145825b83e37bb092666f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
_rBeDrE.VdI2ijD40QeMW7pQFl.Is2pr
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:04 GMT
access-control-allow-private-network
true
x-amz-request-id
Q3DTT1T14ZERK5G8
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
48667
x-amz-id-2
1QjJO16V8aCJOgXr6M5a1xdy/pIVcGZUITXJ0KhxNPkZGa7zxBejRCjR+TK1raAShtgVr/ArdWk=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 17:26:54 GMT
etag
"2ab3062035454bd4ec0832790274cc96"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=27841891
accept-ranges
bytes
timing-allow-origin
*
walkme_lib_20230221-081537-5152e891-7d35bdac.br.js
cdn.walkme.com/player/lib/ 		2 MB
359 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
59b70903a72202c3d64c89219b735ec89937700d3930005075bd5128f5f2a35a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
tQrk2pUeqofSXcU68SbgbaBDoKOC2QnB
content-encoding
br
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:04 GMT
access-control-allow-private-network
true
x-amz-request-id
1EB6R5TZQ12GS6TP
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
365813
x-amz-id-2
wd/oLU7WkcEHWOa9hIhVTLVHN/DTklphHef6GvShJIcdfhIX3O8GwMkI1juScAmUy7CiVMjJLfM=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 08:34:51 GMT
etag
"5e60869f1ec8624ca8e1bd831935abdd"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31434830
accept-ranges
bytes
timing-allow-origin
*
walkme_config_a88f978a6d5549be8d7e8b56546f1c7e.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_config_a88f978a6d5549be8d7e8b56546f1c7e.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6410aa13159ffc5f769beeb20efb5dda3b7aea740c8f4a59ea15557156485210
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
KhoxqXxKsD9mYIE0aMSC0eW5gjDBd3Rm
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:04 GMT
access-control-allow-private-network
true
x-amz-request-id
87ZQMMYSQGN3W4PG
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
1690
x-amz-id-2
N5lc0sPBRC66Byvs0IZQRarXrdmL/wO7mCa95EEnC01cVm5IUQEov9xD4AxPEtGcCwFuV4YLO3A=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 14:26:34 GMT
etag
"e35359687417059daafdc7e19d9b92fa"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31432152
accept-ranges
bytes
timing-allow-origin
*
5hthzl4hph2m325gt7el491a1gjhp000
organizer-taxpayer.safesendreturns.com/api/ApplicationInsight/BasicDetails/ 		90 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/api/ApplicationInsight/BasicDetails/5hthzl4hph2m325gt7el491a1gjhp000
Requested by
Host:
URL: webpack-internal:///1120
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f8358932752032968d9bbe5593dc0e03e8e4e135f14cda12897128dd191cbd15

Request headers

Accept
application/json, text/plain, */*
Referer
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
traceparent
00-fc48587d88a74c399a4520936f48b933-6c33d0ee01a7431a-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 19:18:08 GMT
Content-Encoding
gzip
Server
Kestrel
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
no-store
Connection
keep-alive
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
5hthzl4hph2m325gt7el491a1gjhp000
organizer-taxpayer.safesendreturns.com/api/Coverpage/GetHeaderInfoAsync/ 		639 B
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/api/Coverpage/GetHeaderInfoAsync/5hthzl4hph2m325gt7el491a1gjhp000
Requested by
Host:
URL: webpack-internal:///1120
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f946467bd04afaf468bb14a16bd87c6f3ed90e490dbacb890d455ea71cf6fb2e

Request headers

Accept
application/json, text/plain, */*
Referer
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
traceparent
00-fc48587d88a74c399a4520936f48b933-82b193d7c98a46ec-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 19:18:08 GMT
Content-Encoding
gzip
Server
Kestrel
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
no-store
Connection
keep-alive
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
5hthzl4hph2m325gt7el491a1gjhp000
organizer-taxpayer.safesendreturns.com/api/Helper/GetAllTaxingAuthorityAsync/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://organizer-taxpayer.safesendreturns.com/api/Helper/GetAllTaxingAuthorityAsync/5hthzl4hph2m325gt7el491a1gjhp000
Requested by
Host:
URL: webpack-internal:///1120
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
23f9b65c9ce77da94d6a95ba9837431f0dc76a166ff41e40a9cc796a9976750b

Request headers

Accept
application/json, text/plain, */*
Referer
https://organizer-taxpayer.safesendreturns.com/coverpage/index/5hthzl4hph2m325gt7el491a1gjhp000
traceparent
00-fc48587d88a74c399a4520936f48b933-6ce4170ab5714eab-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Feb 2023 19:18:08 GMT
Content-Encoding
gzip
Server
Kestrel
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Cache-Control
no-store
Connection
keep-alive
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;700&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://organizer-taxpayer.safesendreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 21:17:40 GMT
x-content-type-options
nosniff
age
511228
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 21:17:40 GMT
MyCompanyLogo
ssrcontentstore.blob.core.windows.net/ssr00003043/library/logo/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssrcontentstore.blob.core.windows.net/ssr00003043/library/logo/MyCompanyLogo?sv=2018-03-28&sr=b&sig=m2odWC1kQLREb73MpUuDYwaPEKMWRyZaXPBmEsPeFgM%3D&se=2025-02-21T19%3A18%3A08Z&sp=r&rscc=no-store&rsct=image%2Fjpeg&rscd=inline%3Bfilename%3D%22Boulay_logo-Very%20Small%20%28002%29.jpg%22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.38.122.100 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
38f8ec3fd337a4b9f2e4510ddcc429ae4de26e9aacd1581ca40c54c965de57ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Wed, 22 Feb 2023 19:18:09 GMT
x-ms-server-encrypted
true
Content-Disposition
inline;filename="Boulay_logo-Very Small (002).jpg"
Content-Length
3116
x-ms-lease-state
available
x-ms-lease-status
unlocked
x-ms-creation-time
Wed, 29 Jul 2020 14:55:53 GMT
Last-Modified
Wed, 29 Jul 2020 19:28:54 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-meta-filetype
image/jpeg
ETag
"0x8D833F5A17731FB"
Vary
Origin
x-ms-meta-filename
Boulay_logo-Very Small (002).jpg
Content-Type
image/jpeg
x-ms-request-id
bbe3906b-e01e-0038-11f2-46e954000000
Cache-Control
no-store
x-ms-version
2018-03-28
Accept-Ranges
bytes
envelope.svg
organizer-taxpayer.safesendreturns.com/dist/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://organizer-taxpayer.safesendreturns.com/dist/assets/images/envelope.svg
Requested by
Host: organizer-taxpayer.safesendreturns.com
URL: https://organizer-taxpayer.safesendreturns.com/dist/assets/css/site.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6fb581606ee4020bf2a7fb20fbf288999607fb3c7b14905255a78ffbb29b76a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/dist/assets/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 19:18:09 GMT
Last-Modified
Wed, 22 Feb 2023 06:44:34 GMT
Server
Kestrel
ETag
"1d946891fac6d66"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6246
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;700&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://organizer-taxpayer.safesendreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 16:42:33 GMT
x-content-type-options
nosniff
age
527736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 16:42:33 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;700&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://organizer-taxpayer.safesendreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 22:20:50 GMT
x-content-type-options
nosniff
age
507439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 22:20:50 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;700&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://organizer-taxpayer.safesendreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 12:40:54 GMT
x-content-type-options
nosniff
age
542235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 12:40:54 GMT
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.218 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://organizer-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 22 Feb 2023 19:18:09 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		164 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host:
URL: webpack-internal:///1120
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.218 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d68f81abad2f081820d3ad0a6c3349c3f4d1ce50d76c899876d9c4cfd08443d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://organizer-taxpayer.safesendreturns.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
9A5BED6C-BB9F-411C-9739-9676EC12B079
strict-transport-security
max-age=31536000
date
Wed, 22 Feb 2023 19:18:09 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
164
insights_configuration_cb9634e2e66a474ab5c47bdcb29f6dc0.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/external-data/insights-configuration/ 		72 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/external-data/insights-configuration/insights_configuration_cb9634e2e66a474ab5c47bdcb29f6dc0.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb153402ba70c0a381b1e9924b3d90fb40729735c3e9c1372b6cdc9594a329fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
Ju1m0_0Uf8fqoEKb8CsN2bVYZc7bpSUG
date
Wed, 22 Feb 2023 19:18:09 GMT
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
access-control-allow-private-network
true
x-amz-request-id
5HWV8Y4XQKK80ADH
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
72
x-amz-id-2
LNVb3OYxFxqAIhv7S6B5UlfL1xFu5av9jG3K9rEYfXwkywPeOCKlhlJ4M1gRsyl+4aAsr5IPWag=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 06 Dec 2022 19:45:52 GMT
etag
"847a33f7659cea7dfc9792ee7dae9ce0"
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
custom_css_c9033b3aee62455e8f5fe5e937c39b40.css
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		26 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/custom_css_c9033b3aee62455e8f5fe5e937c39b40.css
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eb6a949cf1b1c9a076c713370171b264a0f85944be537ce749a9aa551937e96c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://organizer-taxpayer.safesendreturns.com/
Origin
https://organizer-taxpayer.safesendreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
OW5V6MoHurlJxwZNefU58RhstIIZLJE1
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:09 GMT
access-control-allow-private-network
true
x-amz-request-id
5Q7W5FGRPXJE5R4B
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
1649
x-amz-id-2
oBk4UjbkJ0pl5taoC2BsehrHrICwFTa6oK0zDHU1uoN1O2UA5OvPTmzICF8OSpQUDNOVsGLLSQs=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Feb 2023 11:56:25 GMT
etag
"0d81071393756124fbe4464cd37fb15b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31526200
accept-ranges
bytes
timing-allow-origin
*
data_c9033b3aee62455e8f5fe5e937c39b40.br.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		321 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/data_c9033b3aee62455e8f5fe5e937c39b40.br.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a0f12523c69422f0bf51874ee230155776ec9bb70f099d90f5220ae8097f23e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
uI83p_VjcrDxozpyLblrv9BBFDcGigE7
content-encoding
br
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:09 GMT
access-control-allow-private-network
true
x-amz-request-id
H7RV3KXR33H66D3P
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
32377
x-amz-id-2
bA7vyAKc5Znf5GD/gJVnAhSDFK/eva4jVzSpgtiFQS+a1l7LmISpwbGbO/sJ/Q5V5sHpcty0rig=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Feb 2023 11:56:27 GMT
etag
"904b1faecf83b76088786ab53086f669"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31511210
accept-ranges
bytes
timing-allow-origin
*
log
ec.walkme.com/event/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ec.walkme.com/event/log
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.138.243 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.138.244.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent
Access-Control-Request-Method
POST
Origin
https://organizer-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers
traceparent
access-control-allow-methods
POST,GET
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=600
content-length
0
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
date
Wed, 22 Feb 2023 19:18:09 GMT
referrer-policy
strict-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
log
ec.walkme.com/event/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ec.walkme.com/event/log
Requested by
Host:
URL: webpack-internal:///1120
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.138.243 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.138.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://organizer-taxpayer.safesendreturns.com/
traceparent
00-fc48587d88a74c399a4520936f48b933-5478def805054f94-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
x-content-type-options
nosniff
referrer-policy
strict-origin
via
1.1 google
date
Wed, 22 Feb 2023 19:18:10 GMT
x-frame-options
DENY
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
28.9089a7dc.walkme_lib.js
cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/ 		113 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/28.9089a7dc.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6380a5dcefd53a8c332873959ab9de0c46d193110499642f657ecf47afbf3527
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
99usF42hlqQsI86rarmRjZK1SfI4VxU_
content-encoding
br
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:09 GMT
access-control-allow-private-network
true
x-amz-request-id
88NVJWQHVGWN8F4M
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
30591
x-amz-id-2
hpG5Qr2hzMHW6ZNyWyjXf5XRKj7qkldmSHjrT5GCDFd3KtOjfL4Nt15JR3BjLw6QOLwA6psz0C4=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 08:34:41 GMT
etag
"fa339e658b1ae1a1103b8404a4c8a88d"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31434602
accept-ranges
bytes
timing-allow-origin
*
23.33843696.walkme_lib.js
cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/23.33843696.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce4326dcd1886ff9f45ed59e33a1aecdc9dfd54d680b17def406a32b1443ea94
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
zvTfpyyl0HjZHC5wEoyyocUuYB6bl6Rf
content-encoding
br
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:09 GMT
access-control-allow-private-network
true
x-amz-request-id
88NKS2T2H5N389AB
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
7710
x-amz-id-2
MjTbjuks+iEsjWaSi4KbQFJakJVbQ19NnixhYw/2ZERBx80Vclm/s8qLMWzBCA4uF8TpH38UijE=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 08:34:41 GMT
etag
"3b6252dcc1b22ea2fc989fc8ab59535b"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31434646
accept-ranges
bytes
timing-allow-origin
*
11.ec08f466.walkme_lib.js
cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/11.ec08f466.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
150f7419ca5aa832032e08c60a733649655a887bb2cb8db7b389c1e1d27ab56c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
LdhOt_wSUWG_LtRu0dbqgwFVkoU..RxX
content-encoding
br
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:09 GMT
access-control-allow-private-network
true
x-amz-request-id
7EGYC4KBBPE6T5XE
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
8111
x-amz-id-2
mJ1oEDxZe6ufrvFHiBFdvP83aoE4KGXCMwZqlp9iUuAzsbV8uNTzsLZWm8k7AJ2hZUnpjL7FTyw=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 08:34:41 GMT
etag
"9c13f086a39fac5940dd7e73a2c8529e"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31434842
accept-ranges
bytes
timing-allow-origin
*
49.5c596b38.walkme_lib.js
cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20230221-081537-5152e891-7d35bdac.br/49.5c596b38.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
911240749eda9c0b736910cde563c4ec7eee873586eed661a1a1913614c65965
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
w_FLBddwlFk8ss.i1WwXjtgIYluC1GYT
content-encoding
br
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:09 GMT
access-control-allow-private-network
true
x-amz-request-id
EEWBFBHTXJZC9AJJ
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
445
x-amz-id-2
WylAxIA0slmEBxEQcXWbZyaSWHPVgUEqqi2YlajMfp4UVOIkr6SG4aZledMYZ+xIAScgWhKlCIw=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 08:34:42 GMT
etag
"1e10f36380b10a06bbfbbed24e10bad8"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31438406
accept-ranges
bytes
timing-allow-origin
*
notosans.js
cdn.walkme.com/player/resources/fonts/ 		28 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/fonts/notosans.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230221-081537-5152e891-7d35bdac.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.87.133.81 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-87-133-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04492dc91f7b11414946c67dda4b85fba53e4ad6e76237095b73b30d1c6bbe5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://organizer-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

unused62
8096267
x-amz-version-id
WjEbTtapEYtXvse9Ooq2w1BlT1_OhZB3
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Feb 2023 19:18:09 GMT
access-control-allow-private-network
true
x-amz-request-id
F19B140B303B25CE
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
21880
x-amz-id-2
gzDSglVKOJhqFZASNg8LnuzZTPLTne2AG8KLaNnW7j2R8A+yAE2pR3atYIyEzB7lhTGVllmQc4M=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2019 21:50:11 GMT
etag
"7e9b968dcc783627e445ad04f4dab310"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
timing-allow-origin
*
postEvent
ec.walkme.com/event/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ec.walkme.com/event/postEvent
Requested by
Host:
URL: webpack-internal:///1120
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.138.243 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.138.244.35.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Content-Type
text/plain
Accept
text/html, */*; q=0.01
Referer
https://organizer-taxpayer.safesendreturns.com/
traceparent
00-fc48587d88a74c399a4520936f48b933-3132a4b1b423413b-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Request-Context
appId=cid-v1:11cb01b4-8c3d-4265-b7df-86c268694b97

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
x-content-type-options
nosniff
referrer-policy
strict-origin
via
1.1 google
date
Wed, 22 Feb 2023 19:18:10 GMT
x-frame-options
DENY
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
postEvent
ec.walkme.com/event/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ec.walkme.com/event/postEvent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.138.243 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.138.244.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
request-context,traceparent
Access-Control-Request-Method
POST
Origin
https://organizer-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers
request-context,traceparent
access-control-allow-methods
POST,GET
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=600
content-length
0
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
date
Wed, 22 Feb 2023 19:18:10 GMT
referrer-policy
strict-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| Variables object| _walkmeConfig object| _walkmeInternals object| wmSnippet undefined| fixedCallback function| mtjQuery function| wmjQuery object| webpackJsonp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| _ boolean| _pdfjsCompatibilityChecked object| pdfjsWorker function| DataStream function| __assign function| __extends function| walkme_pre_lib_loaded object| _walkmeWebpackJP object| _makeTutorialEv undefined| WalkMeConfigCallback object| _makeTutorial object| _walkMe undefined| InsightsConfigurationCallback object| WalkMeAPI object| WalkMeDataAPI object| WalkMeInsightsAPI object| wmContext function| WalkMeDataClass object| WalkMePlayerAPI object| valuePerEvent

4 Cookies

Domain/Path Name / Value
organizer-taxpayer.safesendreturns.com/ Name: .AspNetCore.Antiforgery.CLkofR_OlOQ
Value: CfDJ8GTuTK7sE_VGk-VoNwqb-U3_VWJrnAxACRROZ1XdtSLAAH7zFUrtzoqLbnjqMpvhzmFUJtmOK-Xvll0boMWEVKm0w5MFmf61G1mtSnhuvMJGTYVMZtwN87xP1Eb1dlyMtgc3DdXfqyecBstgxJNsOx4
organizer-taxpayer.safesendreturns.com/ Name: ai_user
Value: kMFOGxgXSZFbZJHCZxhZQm|2023-02-22T19:18:08.474Z
organizer-taxpayer.safesendreturns.com/ Name: ai_session
Value: wZMCXKM5J65Sf6PamDrt2T|1677093489448|1677093489448
organizer-taxpayer.safesendreturns.com/ Name: appinsightCookie
Value: {"companyId":0,"instrumentationKey":"9af4b5fd-02e7-44d3-88df-8ef6bfa379f0","documentId":0}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.walkme.com
dc.services.visualstudio.com
ec.walkme.com
fonts.googleapis.com
fonts.gstatic.com
organizer-taxpayer.safesendreturns.com
ssrcontentstore.blob.core.windows.net
use.fontawesome.com
104.87.133.81
20.38.122.100
2606:4700:e2::ac40:840f
2a00:1450:4001:828::200a
2a00:1450:400d:80a::2003
35.244.138.243
52.158.215.147
52.236.186.218
04492dc91f7b11414946c67dda4b85fba53e4ad6e76237095b73b30d1c6bbe5d
123884d8c46b274f6f2fb0d2eca643589e96142eb8acc0d66e4bb4c706439188
150f7419ca5aa832032e08c60a733649655a887bb2cb8db7b389c1e1d27ab56c
23f9b65c9ce77da94d6a95ba9837431f0dc76a166ff41e40a9cc796a9976750b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
38f8ec3fd337a4b9f2e4510ddcc429ae4de26e9aacd1581ca40c54c965de57ed
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af
59b70903a72202c3d64c89219b735ec89937700d3930005075bd5128f5f2a35a
5ee0924ebeb3c05ff1e8376d92297e56f75b97316a9d5e4c52fce8a0c98820a6
6380a5dcefd53a8c332873959ab9de0c46d193110499642f657ecf47afbf3527
6410aa13159ffc5f769beeb20efb5dda3b7aea740c8f4a59ea15557156485210
6b7f6369f7c9c787865c67140bb607cea7d82f17d9bf148cc4adc6c561b70afe
6fb581606ee4020bf2a7fb20fbf288999607fb3c7b14905255a78ffbb29b76a3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
829ac7df7d34d3c4d91b3454c52f87e172e31efa66617911ce51d42d59d5c9b8
879ac1f3108e52797583dcc49fd99885024d6a601370b5d0b22e9a44e6497923
911240749eda9c0b736910cde563c4ec7eee873586eed661a1a1913614c65965
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a07c19feb24a6dd69aae7971a9de15d44de8087620765c19c21e02ea524b1285
a0e86e817e177acdc89f70d3f203d20fcd22463a9fe240e95e0844ea89881c37
a0f12523c69422f0bf51874ee230155776ec9bb70f099d90f5220ae8097f23e1
a57202f55d61264accc1d0a98458e0d43c9c971a3cdb8d6902113797b10b9d42
a7c4d167c175c334e2330188fd74c1fc0ddb05253f145825b83e37bb092666f5
b4a0ecdbcefe9eb2d04a4b533d92dddc8caebad5a5f0c869fe0739bdbc03a908
c716884ead55c39601e1fde41cbeef3153f45d2c15e5c63eaa4b059d5aa64c83
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce4326dcd1886ff9f45ed59e33a1aecdc9dfd54d680b17def406a32b1443ea94
d57bfd35391038078ad2f65eb8e2843565cdc2ce81099f04a81d113d77068581
d5a35523c6a5f29fb94a01404936c3457997018e2bddeec8b8e5703e0f39dee1
d68f81abad2f081820d3ad0a6c3349c3f4d1ce50d76c899876d9c4cfd08443d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb6a949cf1b1c9a076c713370171b264a0f85944be537ce749a9aa551937e96c
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f8358932752032968d9bbe5593dc0e03e8e4e135f14cda12897128dd191cbd15
f946467bd04afaf468bb14a16bd87c6f3ed90e490dbacb890d455ea71cf6fb2e
fb153402ba70c0a381b1e9924b3d90fb40729735c3e9c1372b6cdc9594a329fe
ffa009de99c341d446a877c6513a5778b3f9c093f21b168c8f8c3b5fb7a0fa21