Submitted URL: http://osisoftus.gbtconnect.com/
Effective URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A...
Submission: On December 14 via manual from IE — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 4 domains to perform 33 HTTP transactions. The main IP is 208.94.220.182, located in United States and belongs to DEEM-INC, US. The main domain is login.gbtconnect.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 7th 2022. Valid for: a year.
This is the only time login.gbtconnect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
4 5 208.94.220.182 13629 (DEEM-INC)
13 104.103.84.15 16625 (AKAMAI-AS)
14 104.64.114.149 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 34.120.203.98 396982 (GOOGLE-CL...)
1 35.244.138.243 15169 (GOOGLE)
33 8
Apex Domain
Subdomains
Transfer
17 walkme.com
cdn.walkme.com — Cisco Umbrella Rank: 1534
papi.walkme.com — Cisco Umbrella Rank: 2612
ec-playback.walkme.com — Cisco Umbrella Rank: 9082
ec.walkme.com — Cisco Umbrella Rank: 1682
705 KB
13 rcobjs.com
mt.rcobjs.com — Cisco Umbrella Rank: 383955
146 KB
5 gbtconnect.com
osisoftus.gbtconnect.com
login.gbtconnect.com
8 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
52 KB
33 4
Domain Requested by
14 cdn.walkme.com login.gbtconnect.com
cdn.walkme.com
13 mt.rcobjs.com login.gbtconnect.com
mt.rcobjs.com
4 osisoftus.gbtconnect.com 4 redirects
1 ec.walkme.com cdn.walkme.com
1 ec-playback.walkme.com cdn.walkme.com
1 papi.walkme.com cdn.walkme.com
1 www.googletagmanager.com login.gbtconnect.com
1 login.gbtconnect.com
33 8

This site contains links to these domains. Also see Links.

Domain
osisoftus.gbtconnect.com
www.deem.com
Subject Issuer Validity Valid
*.gbtconnect.com
Sectigo RSA Organization Validation Secure Server CA
2022-10-07 -
2023-10-07
a year crt.sh
www.deem.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-30 -
2023-05-03
a year crt.sh
walkme.com
DigiCert TLS RSA SHA256 2020 CA1
2022-10-16 -
2023-03-29
5 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-07 -
2023-01-30
3 months crt.sh
*.walkme.com
Sectigo RSA Domain Validation Secure Server CA
2021-12-20 -
2023-01-20
a year crt.sh

This page contains 1 frames:

Primary Page: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Frame ID: 651723159CD7A6B680094FF9DB705A18
Requests: 33 HTTP requests in this frame

Screenshot

Page Title

American Express GBT - Sign in

Page URL History Show full URLs

  1. http://osisoftus.gbtconnect.com/ HTTP 302
    https://osisoftus.gbtconnect.com/ HTTP 302
    https://osisoftus.gbtconnect.com/rc/login/main.do HTTP 302
    https://osisoftus.gbtconnect.com/rc/login/main.do HTTP 302
    https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

97 %
HTTPS

29 %
IPv6

4
Domains

8
Subdomains

8
IPs

4
Countries

908 kB
Transfer

3941 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://osisoftus.gbtconnect.com/ HTTP 302
    https://osisoftus.gbtconnect.com/ HTTP 302
    https://osisoftus.gbtconnect.com/rc/login/main.do HTTP 302
    https://osisoftus.gbtconnect.com/rc/login/main.do HTTP 302
    https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request init.do
login.gbtconnect.com/login/apps/
Redirect Chain
  • http://osisoftus.gbtconnect.com/
  • https://osisoftus.gbtconnect.com/
  • https://osisoftus.gbtconnect.com/rc/login/main.do
  • https://osisoftus.gbtconnect.com/rc/login/main.do
  • https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&re...
11 KB
5 KB
Document
General
Full URL
https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.94.220.182 , United States, ASN13629 (DEEM-INC, US),
Reverse DNS
Software
/
Resource Hash
7370cf853f9836247c19b67dda925448d4a3dcd246e4daa02e1c2031d3231a68
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors 'self'
Content-Type
text/html;charset=UTF-8
Date
Wed, 14 Dec 2022 17:02:03 GMT
Keep-Alive
timeout=30
Strict-Transport-Security
max-age=86400; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1

Redirect headers

Connection
keep-alive
Content-Language
en-US
Content-Length
0
Content-Security-Policy
frame-ancestors 'self'
Date
Wed, 14 Dec 2022 17:02:02 GMT
Keep-Alive
timeout=30
Location
https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Strict-Transport-Security
max-age=86400; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1
global_214887028-555.css
mt.rcobjs.com/static/core/css/
200 KB
37 KB
Stylesheet
General
Full URL
https://mt.rcobjs.com/static/core/css/global_214887028-555.css
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fcd2c08e1f9620ff8382106130c4e175c2c91708f361487d13faa3b30d8cf30b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 14 Dec 2022 17:02:03 GMT
Connection
keep-alive
Content-Length
37604
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 30 Sep 2022 12:16:28 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 14 Dec 2022 17:02:03 GMT
signin_new_3420184478-230.css
mt.rcobjs.com/static/core/css/service/
3 KB
2 KB
Stylesheet
General
Full URL
https://mt.rcobjs.com/static/core/css/service/signin_new_3420184478-230.css
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cb4334ae15f2c481265f458d0dca5c17cf0b9222474e8ec2227c45974973febf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 14 Dec 2022 17:02:03 GMT
Connection
keep-alive
Content-Length
996
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 30 Sep 2022 12:16:28 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 14 Dec 2022 17:02:03 GMT
partner.css
mt.rcobjs.com/static/rc/common/resources/css/partner/amex/
12 KB
4 KB
Stylesheet
General
Full URL
https://mt.rcobjs.com/static/rc/common/resources/css/partner/amex/partner.css
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6cb8a200051af8dccb4a819941604e1caad59cf46f975c6cd8ffb1f1bb1dc211
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 14 Dec 2022 17:02:03 GMT
Connection
keep-alive
Content-Length
2898
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Mon, 21 Nov 2022 18:16:50 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 14 Dec 2022 17:02:03 GMT
superdomain_main_amex_1571165941000.gif
mt.rcobjs.com/img/logos/
5 KB
6 KB
Image
General
Full URL
https://mt.rcobjs.com/img/logos/superdomain_main_amex_1571165941000.gif
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c2e95418b372124a465368582d9b54ed02fc38347a646450cd978dd2e3fd1ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Dec 2022 17:02:03 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
5581
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 15 Oct 2019 18:59:21 GMT
ETag
"15cd-594f795083cce"
X-Frame-Options
SAMEORIGIN
Access-Control-Max-Age
86400
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
main_logo_5978327_1342050777000.gif
mt.rcobjs.com/img/logos/
3 KB
4 KB
Image
General
Full URL
https://mt.rcobjs.com/img/logos/main_logo_5978327_1342050777000.gif
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f4591c0afa63ed06896faee76eb2a2f5d5872d0833373ec2900d91b91f964811
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Dec 2022 17:02:04 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
3217
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 11 Jul 2012 23:52:57 GMT
ETag
"c91-4c4968bd56840"
X-Frame-Options
SAMEORIGIN
Access-Control-Max-Age
86400
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
powered_by_deem.png
mt.rcobjs.com/static/core/img/default/
1 KB
2 KB
Image
General
Full URL
https://mt.rcobjs.com/static/core/img/default/powered_by_deem.png
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c156b531dd8a75204a1b4c3e59f479890514fe8979e4bd29aafea6a0aa1c908
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Dec 2022 17:02:03 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
1467
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 30 Sep 2022 12:16:40 GMT
ETag
"5bb-5e9e3f755da00"
X-Frame-Options
SAMEORIGIN
Access-Control-Max-Age
86400
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
bundle-core_3248498338-1367.js
mt.rcobjs.com/static/core/js/
285 KB
77 KB
Script
General
Full URL
https://mt.rcobjs.com/static/core/js/bundle-core_3248498338-1367.js
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b611137494da13b2d4a460e44a3d92d30edb6171f17b6c32216f48d004dc9d25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 14 Dec 2022 17:02:03 GMT
Connection
keep-alive
Content-Length
78517
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 30 Sep 2022 12:17:00 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 14 Dec 2022 17:02:03 GMT
submit.js
mt.rcobjs.com/static/rc/common/resources/js/util/
910 B
963 B
Script
General
Full URL
https://mt.rcobjs.com/static/rc/common/resources/js/util/submit.js
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
86354f847336003320a805c58ad63ef379e25ebe3cb91dbecd4faa4b76744306
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 14 Dec 2022 17:02:03 GMT
Connection
keep-alive
Content-Length
263
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Mon, 21 Nov 2022 18:16:50 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 14 Dec 2022 17:02:03 GMT
messagebox.js
mt.rcobjs.com/static/rc/common/resources/js/widget/
10 KB
3 KB
Script
General
Full URL
https://mt.rcobjs.com/static/rc/common/resources/js/widget/messagebox.js
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
462defbe6c8e1773b6f2fe5ec7595c0be4d58d0f31b7adc7ade42d85156411cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 14 Dec 2022 17:02:03 GMT
Connection
keep-alive
Content-Length
2408
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Mon, 21 Nov 2022 18:16:49 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 14 Dec 2022 17:02:03 GMT
login.js
mt.rcobjs.com/static/rc/apps/login/js/
2 KB
1 KB
Script
General
Full URL
https://mt.rcobjs.com/static/rc/apps/login/js/login.js
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
608fdf8dadd0848bb3f7b1039880ffe09ce5f1beea1a334e8a46577c9816e11f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 14 Dec 2022 17:02:03 GMT
Connection
keep-alive
Content-Length
589
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Mon, 21 Nov 2022 18:16:53 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 14 Dec 2022 17:02:03 GMT
tooltipmanager.js
mt.rcobjs.com/static/rc/common/resources/js/widget/
6 KB
2 KB
Script
General
Full URL
https://mt.rcobjs.com/static/rc/common/resources/js/widget/tooltipmanager.js
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e31558eac417502fdf72af19ba489415b4980f62ca3dad97ac205815ab1664d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Date
Wed, 14 Dec 2022 17:02:03 GMT
Connection
keep-alive
Content-Length
1570
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Mon, 21 Nov 2022 18:16:49 GMT
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Wed, 14 Dec 2022 17:02:03 GMT
body_nonav_bkgd.png
mt.rcobjs.com/static/core/img/deemsmb/
939 B
1 KB
Image
General
Full URL
https://mt.rcobjs.com/static/core/img/deemsmb/body_nonav_bkgd.png
Requested by
Host: mt.rcobjs.com
URL: https://mt.rcobjs.com/static/rc/common/resources/css/partner/amex/partner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8af4accc15341cc32e360dbc863ceb29e93dd4983ddc2fce13bd9b78422c4426
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mt.rcobjs.com/static/rc/common/resources/css/partner/amex/partner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Dec 2022 17:02:03 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
939
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 30 Sep 2022 12:16:38 GMT
ETag
"3ab-5e9e3f7375580"
X-Frame-Options
SAMEORIGIN
Access-Control-Max-Age
86400
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
buttons2.gif
mt.rcobjs.com/static/core/img/deemsmb/btn/
5 KB
6 KB
Image
General
Full URL
https://mt.rcobjs.com/static/core/img/deemsmb/btn/buttons2.gif
Requested by
Host: mt.rcobjs.com
URL: https://mt.rcobjs.com/static/rc/common/resources/css/partner/amex/partner.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.84.15 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-84-15.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0f02e11bdf7696c1d80237a6dc15f70cb7b50718833e564a3f1010d6c9a90281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mt.rcobjs.com/static/rc/common/resources/css/partner/amex/partner.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Wed, 14 Dec 2022 17:02:03 GMT
X-Content-Type-Options
nosniff
Connection
keep-alive
Content-Length
5400
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 30 Sep 2022 12:16:38 GMT
ETag
"1518-5e9e3f7375580"
X-Frame-Options
SAMEORIGIN
Access-Control-Max-Age
86400
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
walkme_7a86eb1e39c34ae7b533f92ba8b713e1_https.js
cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/
24 KB
9 KB
Script
General
Full URL
https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/walkme_7a86eb1e39c34ae7b533f92ba8b713e1_https.js
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
21a1981ff64fdb577ecf9d33d01e03aec0f9e3550d58b04512581e5be7eb99e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
KGJBBBKyAYujnf.z7bLRfXsP7TqwiLSt
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:03 GMT
access-control-allow-private-network
true
x-amz-request-id
V41SWJKJ87NPFDBA
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
8476
x-amz-id-2
WQHNOo+c/n+Pehohv9ymAX/kRpqJ0hVjlb1xUPwj6U0eDmjLVb+OrlRNMuPLb+EYYdsCl+w/IyI=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 07 Dec 2022 15:18:29 GMT
etag
"52ab608768abf32775ab0b9695df6fd1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=67983
accept-ranges
bytes
timing-allow-origin
*
gtm.js
www.googletagmanager.com/
144 KB
52 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXXJDG8
Requested by
Host: login.gbtconnect.com
URL: https://login.gbtconnect.com/login/apps/init.do?_appid=Login&cookieDomain=.gbtconnect.com&relayMethod=GET&relayState=https%3A%2F%2Fosisoftus.gbtconnect.com%2Frc%2Flogin%2FpostLogin.do&appType=pa&reason=usrPwdLogin&paSiteUrlName=osisoftus&smb=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9cfbdb070afc3b0c444f67f118015fb50a2ff55cfcd1c28128a2f142b7962e01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:02:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52713
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 14 Dec 2022 17:02:03 GMT
settings.js
cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/
2 KB
1 KB
Script
General
Full URL
https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/settings.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/walkme_7a86eb1e39c34ae7b533f92ba8b713e1_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4d98a6c7435f54c89b5daed3ab2e78931942ffdf1af7c4dd565bf03ed3334bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
oZ06R.WSda249mrGwntRcEVOhSz78oBb
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:03 GMT
access-control-allow-private-network
true
x-amz-request-id
5NF4PCEKYFKDB5NZ
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
758
x-amz-id-2
+0yTAahZW5Qj9zpu2aebsgh7jHFtoForbUU1GwhC4Bf6DROc8ftfI32xAW90ATbUgG9lJYz1EVw=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Dec 2022 17:01:07 GMT
etag
"4375f60baa7bd9328caff8a3fc68d96c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
wmjQuery33121.js
cdn.walkme.com/player/resources/
87 KB
30 KB
Script
General
Full URL
https://cdn.walkme.com/player/resources/wmjQuery33121.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/walkme_7a86eb1e39c34ae7b533f92ba8b713e1_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
dpj4bAlfG6UlhFPdf_TGly9sgsSAJ5Ge
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:03 GMT
access-control-allow-private-network
true
x-amz-request-id
Q7J9J36GB98PHZFW
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
30035
x-amz-id-2
piFWEgqOFJW1SPxWishEeqKYvGlXdGaiJRJhMk9EjVHPKa+bOyLdyGtkqvJVZeBXYShQeUlwYOU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 May 2022 06:44:33 GMT
etag
"b00eee8317d72ce865b995c31f1f95ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=21726736
accept-ranges
bytes
timing-allow-origin
*
prelib-plugin-acce7091-c6cc-3328-bfea-f1a476f0dcaa.js
cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/scripts/
351 KB
103 KB
Script
General
Full URL
https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/scripts/prelib-plugin-acce7091-c6cc-3328-bfea-f1a476f0dcaa.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/walkme_7a86eb1e39c34ae7b533f92ba8b713e1_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2463e427fd42df2e9abee67b329e48c763e84b36a97d6272f2ee55fc171881e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
GnL8W6zeDwLYCSVOwjURx20cJjyt83L7
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:03 GMT
access-control-allow-private-network
true
x-amz-request-id
FV7NGJG8WCQMSGG4
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
104200
x-amz-id-2
B1wFPEIbB+RuwmDGM8qlMTswopJIFhbDM/JtJgzIYrC3S9GHid8aMEKlznsPC7DzrvK6qccE1ts=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 Aug 2022 11:52:45 GMT
etag
"5f6253c8ea1b6bfe6c7068ace6f2d09f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=19871477
accept-ranges
bytes
timing-allow-origin
*
walkme_lib_20221208-115045-8ba9ed62-871adcb6.br.js
cdn.walkme.com/player/lib/
2 MB
355 KB
Script
General
Full URL
https://cdn.walkme.com/player/lib/walkme_lib_20221208-115045-8ba9ed62-871adcb6.br.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/walkme_7a86eb1e39c34ae7b533f92ba8b713e1_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d3104822d0a1b117bdb573b8e35393f8852433047fc00535f948d44555897e36
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
klxo._XboI_kihvvhmBzsd.G6IBwITKs
content-encoding
br
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:03 GMT
access-control-allow-private-network
true
x-amz-request-id
9TCHQF0XS5EMQ1RD
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
362131
x-amz-id-2
a3i1iY0VGQjqN+p0UiH2gfSyygHAvaObXpLbfv63gbGLhF/8Kx4mXu4oSvatleXZETnoJL+1nOo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Dec 2022 12:42:57 GMT
etag
"78a9709506c7dd5487a372c80b683456"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31272877
accept-ranges
bytes
timing-allow-origin
*
walkme_config_68bd5ccba2ae4e41885fa7cb6b4eb86f.js
cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/
4 KB
2 KB
Script
General
Full URL
https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/walkme_config_68bd5ccba2ae4e41885fa7cb6b4eb86f.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/walkme_7a86eb1e39c34ae7b533f92ba8b713e1_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
207f94fc532b4e23f5ed8a09675d1155362baa97c993c7b3044bbb183269b52b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
QlHG0XKk6bYsb9K0WvkyHo3UlDnDVDBL
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:04 GMT
access-control-allow-private-network
true
x-amz-request-id
FJXDCDYPDDM15XS2
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
1811
x-amz-id-2
eRwJ7BTCDdu6VU+SmrS/sRUrpPLRIA7WHY/FIjSsYdDNxN3Sl6afQL69bxonyctk3RE9p6VTggk=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Dec 2022 17:01:00 GMT
etag
"89319e74e188cbb42a7121e7a287a908"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31535983
accept-ranges
bytes
timing-allow-origin
*
insights_configuration_9e1ed4601520448681c111d1a4f7c169.json
cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/external-data/insights-configuration/
2 B
570 B
XHR
General
Full URL
https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/external-data/insights-configuration/insights_configuration_9e1ed4601520448681c111d1a4f7c169.json
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/resources/wmjQuery33121.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://login.gbtconnect.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
lhn4IPd747ObEHUDtYrBb.aT.SjgVfL_
date
Wed, 14 Dec 2022 17:02:04 GMT
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
access-control-allow-private-network
true
x-amz-request-id
QA6V0DK55YRMDNZH
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
2
x-amz-id-2
/7EOTUuK9OOAlpoM9O/NNDO7Egsp7aEMZ9UxpSe3FhGOvXKvfDIebkMBTTaLoYqlunlrK98EdaM=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 15 Aug 2022 14:39:33 GMT
etag
"99914b932bd37a50b983c5e7c90ae93b"
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
8.4594c329.walkme_lib.js
cdn.walkme.com/player/lib/20221208-115045-8ba9ed62-871adcb6.br/
9 KB
3 KB
Script
General
Full URL
https://cdn.walkme.com/player/lib/20221208-115045-8ba9ed62-871adcb6.br/8.4594c329.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20221208-115045-8ba9ed62-871adcb6.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f11a042872bd67e139d9e558e1a654ab52fd4db7efd2f96b205ae11ac65142a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
Oq3F9iOcEiWy5XQvh.F3ywVPD9RRD08W
content-encoding
br
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:04 GMT
access-control-allow-private-network
true
x-amz-request-id
XTY2TSS7C4ZFZH6E
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
2877
x-amz-id-2
9VW7oMJI7/HY491PmmcITE+bSRuDjxt+YAvnxUhP1Zv57Otc4ZvwUwdbjcfxrlUAr5qrcH56HMk=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Dec 2022 12:42:48 GMT
etag
"48cd1a15a656c199ff3551fc2d10b054"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31280930
accept-ranges
bytes
timing-allow-origin
*
custom_css_68bd5ccba2ae4e41885fa7cb6b4eb86f.css
cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/
162 KB
12 KB
Stylesheet
General
Full URL
https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/custom_css_68bd5ccba2ae4e41885fa7cb6b4eb86f.css
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20221208-115045-8ba9ed62-871adcb6.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
51e6ac3dc202c481f74a0a692ae714b1f019e15a6b0ae028f6ed2eb26a19ea2c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.gbtconnect.com/
Origin
https://login.gbtconnect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
HX3.p9bn_76VTG5aIRXoOlaSY8GYf2hx
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:05 GMT
access-control-allow-private-network
true
x-amz-request-id
2QYMTDNT8G8YV5RA
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
11682
x-amz-id-2
EzSmBQzyy2GaI3H0fD5KSHpLiBbf65OW0xFS5tHpGqA+EQ63K7800ZfWED37ZIgn7qcWvGC3Glo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Dec 2022 17:01:05 GMT
etag
"b1ea3f4912fee1f1438487158ed23f8d"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31535996
accept-ranges
bytes
timing-allow-origin
*
data_68bd5ccba2ae4e41885fa7cb6b4eb86f.json
cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/
786 KB
93 KB
Fetch
General
Full URL
https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/data_68bd5ccba2ae4e41885fa7cb6b4eb86f.json
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20221208-115045-8ba9ed62-871adcb6.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
78eb561367698a28c00a08d87b61a4ad44614468795b365e01c7596c50e7f1bc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
hcZZGO6asdbOPashXXxTlr7eaOEqu5H_
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:05 GMT
access-control-allow-private-network
true
x-amz-request-id
2QYT3Z9CDM18HM5K
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
94327
x-amz-id-2
oQZcRyoE84BVlv2o2PcIzenU3DS4ZpC/co2fJwE2Fa8eervSqQlq0m6QsrTFt3VIy0VkoBidTG4=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Dec 2022 17:01:05 GMT
etag
"742cc30da96b09a592087e6f8eb7608c"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
28.d267598d.walkme_lib.js
cdn.walkme.com/player/lib/20221208-115045-8ba9ed62-871adcb6.br/
112 KB
30 KB
Script
General
Full URL
https://cdn.walkme.com/player/lib/20221208-115045-8ba9ed62-871adcb6.br/28.d267598d.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20221208-115045-8ba9ed62-871adcb6.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5ccf44b26fc3334df50e8e1511706e69b3824a569743486e8ced069f88d0b432
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
.xmrFsKFDxOpkIlVt4.9IOnBKGF9ho58
content-encoding
br
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:05 GMT
access-control-allow-private-network
true
x-amz-request-id
RVSJWNDBS808FH7H
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
30371
x-amz-id-2
f6TsJTcmQ8fUA2dHu8pTHcvdPDrCxOQavxpWVMCVmT1SJR54PFhchNYfM3olGxNcjwQRN9Rqemo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Dec 2022 12:42:47 GMT
etag
"70d4df31285e2ea81591d0fbc4044b68"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31274661
accept-ranges
bytes
timing-allow-origin
*
15.167786a8.walkme_lib.js
cdn.walkme.com/player/lib/20221208-115045-8ba9ed62-871adcb6.br/
2 KB
1 KB
Script
General
Full URL
https://cdn.walkme.com/player/lib/20221208-115045-8ba9ed62-871adcb6.br/15.167786a8.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20221208-115045-8ba9ed62-871adcb6.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d26a6ee5ed857321480b4a566199fb47a86b60abcff0cbf5ec19185d7f7bfb29
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
eLZ.s_84HvwMiJE_dfuHET9TXBpVGW16
content-encoding
br
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:05 GMT
access-control-allow-private-network
true
x-amz-request-id
ACE1FZBB1AHX9FEQ
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
939
x-amz-id-2
zbyeIa0oXu0HfYHnrgS3j3b/0nWk95IInzncmSJxdpg2F0ZtrExevpSRZ5Qzv8nRjQkwXQmt1CI=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Dec 2022 12:42:47 GMT
etag
"e26c241902c92bd9817eb4ad9fc1f41c"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31354525
accept-ranges
bytes
timing-allow-origin
*
43.e27ab561.walkme_lib.js
cdn.walkme.com/player/lib/20221208-115045-8ba9ed62-871adcb6.br/
25 KB
13 KB
Script
General
Full URL
https://cdn.walkme.com/player/lib/20221208-115045-8ba9ed62-871adcb6.br/43.e27ab561.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20221208-115045-8ba9ed62-871adcb6.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
42aefcd6c9ef26f34e1c5dfbb47f9f50ecde9f25c3f0e3e1ebc4250b19cd2a66
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
O7pL8iWWMovMEwTop1XzdI4r.VmatOxu
content-encoding
br
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:05 GMT
access-control-allow-private-network
true
x-amz-request-id
8T362F7QFRKZCBS8
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
12279
x-amz-id-2
5pmq77GHnMZ3/rfdv0tWlgwTJA7u+p+hEUJH+eilAOL3xEA40/0QH4sEQZvjScgiUKZ6EXIa1BA=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 Dec 2022 12:42:47 GMT
etag
"cdbfc79d465d48ea9226a9428dfcf20b"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31376150
accept-ranges
bytes
timing-allow-origin
*
evaluatedConditions
papi.walkme.com/conditions/
37 B
247 B
XHR
General
Full URL
https://papi.walkme.com/conditions/evaluatedConditions?accountGuid=7a86eb1e39c34ae7b533f92ba8b713e1&endUserId=walkme_no_customer%40example.com&environment=0
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/resources/wmjQuery33121.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:4b1::327b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/ Express
Resource Hash
4367ad6157067c51e40f99277ad29c60b8f4ef4066a9d35eea4e07d9a0f08184

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://login.gbtconnect.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 17:02:05 GMT
x-correlation-id
81c13d10-7120-423a-9986-d8ef1bbf0bb5
x-powered-by
Express
etag
W/"25-NdoezegPEoOLuQWvhhJoKjRURE8"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-datadog-trace-id
6397609072646850337
content-length
37
opensans.js
cdn.walkme.com/player/resources/fonts/
66 KB
51 KB
Script
General
Full URL
https://cdn.walkme.com/player/resources/fonts/opensans.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20221208-115045-8ba9ed62-871adcb6.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.64.114.149 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-114-149.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db6b25bb6ccabdbd425d7b1c871c5d0b3588cc5c51936d4f6ecaa8f92c6e7b03
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.gbtconnect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id
QXlbtIm0pVowpuV2dMEQfP3LYsJHdvK5
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Dec 2022 17:02:05 GMT
access-control-allow-private-network
true
x-amz-request-id
0NKKEJ4YMJRJD2HH
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
x-amz-id-2
3/OZEzz+o4WRsMzcTvLvS0CmwFpLmvpeoLSFJbp3NZdL34SbaJFFY0zFvcQ7WfFacaB+9hxEXdw=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 31 Oct 2018 15:50:43 GMT
etag
"f0929eacd329b25f2c32b513ae2bb075"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=27333439
accept-ranges
bytes
timing-allow-origin
*
init
ec-playback.walkme.com/session/
58 B
247 B
XHR
General
Full URL
https://ec-playback.walkme.com/session/init
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/7a86eb1e39c34ae7b533f92ba8b713e1/scripts/prelib-plugin-acce7091-c6cc-3328-bfea-f1a476f0dcaa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.203.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.203.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
6b4572fed6b48ba91298f94bcb2c116693827167c23461150deff760dcef0493

Request headers

Referer
https://login.gbtconnect.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 14 Dec 2022 17:02:05 GMT
via
1.1 google
x-powered-by
Express
etag
W/"3a-QeWAwrIQTdvHpO0cVHl4UtG/+Hs"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58
030154ca-42e1-488d-a873-572d8ac913f1
https://login.gbtconnect.com/
46 KB
0
Other
General
Full URL
blob:https://login.gbtconnect.com/030154ca-42e1-488d-a873-572d8ac913f1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
760fa86e84048130ffd3d074fea152b7fd1135bb4c70e116a3c687d89b20bf5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length
47594
Content-Type
text/javascript
postEvent
ec.walkme.com/event/
2 B
367 B
XHR
General
Full URL
https://ec.walkme.com/event/postEvent
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/resources/wmjQuery33121.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.138.243 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
243.138.244.35.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
text/html, */*; q=0.01
Referer
https://login.gbtconnect.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
x-content-type-options
nosniff
referrer-policy
strict-origin
via
1.1 google
date
Wed, 14 Dec 2022 17:02:06 GMT
x-frame-options
DENY
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange object| _walkmeConfig string| walkme_segment_id string| walkme_customer string| walkme_company string| walkme_siteId object| dataLayer function| getStaticContentURL function| specialCharEscape boolean| submitCount object| validators function| isSubmitted function| contactChooser function| safeActionSubmit function| safeConfirmSubmit function| safeSubmit function| safeSubmitWithWait function| safeSubmitWithWaitAndDelay function| makePleaseWaitLayer function| generateLoadingImgMask function| getSiblingObject function| getObject function| submitAction function| submitAjaxForm function| validateAndSubmitAction function| safeGoto function| validateAndSafeGoto function| safeReplace function| nextPageSubmit function| doBack function| statusSortSubmit function| sortSubmit function| next function| save function| safeCancel function| startOver function| startOverSearch function| startOverTemplateSearch function| startOverFromHeader function| procure function| modify function| gotoService function| gotoPersonalAccounts function| submitUsingEnter function| consumeEnter function| disableSubmitUsingEnter function| gotoURL function| replaceURL function| forward function| gotoMonth function| gotoMonthOnly function| getParamValue function| getSelectedOptValue function| setSelectedOptValue function| getSelectedRadioValue function| getSelectedRadioIndex function| setSelectedRadioValue function| isFormElemDefined function| isTextBox function| isSelectBox function| totalSelectedOptions function| simplifiedSelection function| clearOptions function| deleteAllOptions function| numSelectValues function| setCheckboxState function| doSafelySetCheckbox function| changeCheckboxState function| dateSelected function| dateSelectedLongFormat function| doesFFExist function| setFF function| setObjFF function| getFF function| getObjFF function| getFFObj function| getFormField function| setFocus function| pickAirport function| makeRecursive function| makeNonRecursive function| onTop function| openPopup function| openScrollingPopup function| openScrollingPopupWithOptions function| openScrollingPopupUnsizable function| centerWindow function| computeScreenLoc function| showDateChooser function| showDateChooserLongFormat function| closeInviteePickerWindow function| changeAuthorizer function| closeAccountPickerWindow function| closeAddressPickerWindow function| closeWindow function| framePrint function| printPage function| findFormNamed function| findFieldNamed function| changeCountry function| doChangeCountry function| tablePrepareSort function| getCurrentHour12Format function| trim function| PAD function| selectAll function| toggleLayer function| displayObject function| displayStyleIf function| toggleImage function| displayLayer function| toggleCheckBox function| toggleCheckBoxOnCheck function| changeSelection function| updateNotificationMessageBox function| makeToolTip function| empty function| getFileName function| SelectOnFocusIn function| SelectOnFocus function| hideImage function| highlightField function| toQueryObject function| toQueryStringObject object| Prototype object| Class object| Abstract object| Try function| PeriodicalExecuter function| Template object| $break object| $continue object| Enumerable function| $A function| $w function| Hash function| $H function| $R object| Ajax function| $ object| Toggle object| Insertion function| Selector function| $$ object| Form object| Field function| $F object| Position object| YAHOO object| RC function| $I object| SiteAnalysisConstants object| SiteAnalysisUtil object| offerTrackingData object| OfferAnalyticsConstants object| OfferAnalyticsUtil function| ObjectRange object| JSON2 object| ajaxRequestComplete function| confirmSubmit function| setup function| submitOnKeyEnter function| showPwdFieldOnClick function| switchDelegateLogin function| on_ps_signInButton1_click object| toolTipManager object| google_tag_manager function| dmEventTracker function| genericTrackEvent object| _walkmeInternals object| wmSnippet undefined| fixedCallback function| mtjQuery function| wmjQuery function| walkme_pre_lib_loaded object| JacoRecorder object| WalkMeInsightsAPI object| _walkmeWebpackJP object| _makeTutorialEv undefined| WalkMeConfigCallback object| _makeTutorial object| _walkMe object| WalkMeAPI object| WalkMeDataAPI object| wmContext object| WalkMePlayerAPI object| valuePerEvent object| observer

10 Cookies

Domain/Path Name / Value
login.gbtconnect.com/login Name: JSESSIONID
Value: 1CF62A26CE02770806A4DBDB7DFBCC09.dc3-trvl-prod-vserv-lgn01.dc3.deem.zone
login.gbtconnect.com/login Name: TS01179511
Value: 01068140d1804d77f9e62630110be43f872d2298ffae0251237eecd8cb6ec07d0cdc170bec793521fdc79c391376aeb615346bf1f8
osisoftus.gbtconnect.com/rc Name: TS01e40ad4
Value: 01068140d1a216c43a3528dd654e843705ab8ca75eae56146d7c5d973a017a5491345cc76058575f79a9bd3b38675c1d3b604d06eb
osisoftus.gbtconnect.com/rc Name: JSESSIONID
Value: 22D493999AA59BC939634FC6D117992A.dc3-trvl-prod-vserv-uapcc01.dc3.deem.zone
osisoftus.gbtconnect.com/ Name: JSESSIONID
Value: 2D35B4FF3B1EF405313841165874C949.dc3-trvl-prod-vserv-uapcc05.dc3.deem.zone
osisoftus.gbtconnect.com/ Name: TS01907f6a
Value: 01068140d1a216c43a3528dd654e843705ab8ca75eae56146d7c5d973a017a5491345cc76058575f79a9bd3b38675c1d3b604d06eb
.osisoftus.gbtconnect.com/ Name: rcRoutingCookie
Value: origin.clusterc.gbtconnect.com
.osisoftus.gbtconnect.com/ Name: TS01c4e197
Value: 01068140d1a216c43a3528dd654e843705ab8ca75eae56146d7c5d973a017a5491345cc76058575f79a9bd3b38675c1d3b604d06eb
osisoftus.gbtconnect.com/ Name: deem-unirule
Value: 21671037322547280
login.gbtconnect.com/ Name: TS01907f6a
Value: 01068140d1804d77f9e62630110be43f872d2298ffae0251237eecd8cb6ec07d0cdc170bec793521fdc79c391376aeb615346bf1f8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.walkme.com
ec-playback.walkme.com
ec.walkme.com
login.gbtconnect.com
mt.rcobjs.com
osisoftus.gbtconnect.com
papi.walkme.com
www.googletagmanager.com
104.103.84.15
104.64.114.149
208.94.220.182
2a00:1450:4001:806::2008
2a02:26f0:11a:4b1::327b
34.120.203.98
35.244.138.243
0f02e11bdf7696c1d80237a6dc15f70cb7b50718833e564a3f1010d6c9a90281
207f94fc532b4e23f5ed8a09675d1155362baa97c993c7b3044bbb183269b52b
21a1981ff64fdb577ecf9d33d01e03aec0f9e3550d58b04512581e5be7eb99e7
2463e427fd42df2e9abee67b329e48c763e84b36a97d6272f2ee55fc171881e2
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3c2e95418b372124a465368582d9b54ed02fc38347a646450cd978dd2e3fd1ca
42aefcd6c9ef26f34e1c5dfbb47f9f50ecde9f25c3f0e3e1ebc4250b19cd2a66
4367ad6157067c51e40f99277ad29c60b8f4ef4066a9d35eea4e07d9a0f08184
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
462defbe6c8e1773b6f2fe5ec7595c0be4d58d0f31b7adc7ade42d85156411cb
4c156b531dd8a75204a1b4c3e59f479890514fe8979e4bd29aafea6a0aa1c908
4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af
51e6ac3dc202c481f74a0a692ae714b1f019e15a6b0ae028f6ed2eb26a19ea2c
5ccf44b26fc3334df50e8e1511706e69b3824a569743486e8ced069f88d0b432
608fdf8dadd0848bb3f7b1039880ffe09ce5f1beea1a334e8a46577c9816e11f
6b4572fed6b48ba91298f94bcb2c116693827167c23461150deff760dcef0493
6cb8a200051af8dccb4a819941604e1caad59cf46f975c6cd8ffb1f1bb1dc211
7370cf853f9836247c19b67dda925448d4a3dcd246e4daa02e1c2031d3231a68
760fa86e84048130ffd3d074fea152b7fd1135bb4c70e116a3c687d89b20bf5d
78eb561367698a28c00a08d87b61a4ad44614468795b365e01c7596c50e7f1bc
86354f847336003320a805c58ad63ef379e25ebe3cb91dbecd4faa4b76744306
8af4accc15341cc32e360dbc863ceb29e93dd4983ddc2fce13bd9b78422c4426
9cfbdb070afc3b0c444f67f118015fb50a2ff55cfcd1c28128a2f142b7962e01
a4d98a6c7435f54c89b5daed3ab2e78931942ffdf1af7c4dd565bf03ed3334bd
b611137494da13b2d4a460e44a3d92d30edb6171f17b6c32216f48d004dc9d25
cb4334ae15f2c481265f458d0dca5c17cf0b9222474e8ec2227c45974973febf
d26a6ee5ed857321480b4a566199fb47a86b60abcff0cbf5ec19185d7f7bfb29
d3104822d0a1b117bdb573b8e35393f8852433047fc00535f948d44555897e36
db6b25bb6ccabdbd425d7b1c871c5d0b3588cc5c51936d4f6ecaa8f92c6e7b03
e31558eac417502fdf72af19ba489415b4980f62ca3dad97ac205815ab1664d0
f11a042872bd67e139d9e558e1a654ab52fd4db7efd2f96b205ae11ac65142a8
f4591c0afa63ed06896faee76eb2a2f5d5872d0833373ec2900d91b91f964811
fcd2c08e1f9620ff8382106130c4e175c2c91708f361487d13faa3b30d8cf30b