urlscan.io logo urlscan.io
SecurityTrails logo

ehsessentialsdemo.sandbox.hsiplatform.com Open in urlscan Pro
52.34.26.145  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ehsessentialsdemo.sandbox.hsiplatform.com/
Effective URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Submission: On April 13 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 52.34.26.145, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is ehsessentialsdemo.sandbox.hsiplatform.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 9th 2023. Valid for: 10 months.
This is the only time ehsessentialsdemo.sandbox.hsiplatform.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.191.58.101 16509 (AMAZON-02)
1 17 52.34.26.145 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.218.193.89 16509 (AMAZON-02)
19 4
1    54.191.58.101 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-58-101.us-west-2.compute.amazonaws.com
ehsessentialsdemo.sandbox.hsiplatform.com
17    52.34.26.145 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-26-145.us-west-2.compute.amazonaws.com
ehsessentialsdemo.sandbox.hsiplatform.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.218.193.89 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
hsi-storage-production.s3.us-west-2.amazonaws.com
Domain Requested by
18 ehsessentialsdemo.sandbox.hsiplatform.com 2 redirects ehsessentialsdemo.sandbox.hsiplatform.com
2 fonts.googleapis.com ehsessentialsdemo.sandbox.hsiplatform.com
1 hsi-storage-production.s3.us-west-2.amazonaws.com ehsessentialsdemo.sandbox.hsiplatform.com
19 3

This site contains links to these domains. Also see Links.

Domain
donesafe.com
Subject Issuer Validity Valid
*.sandbox.hsiplatform.com
Amazon RSA 2048 M02		 2023-02-09 -
2023-12-21		 10 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2022-09-21 -
2023-08-24		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Frame ID: AAE0F144E32A03FB2E9764525FE704D9
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EHS Essentials DEMO

Page URL History Show full URLs

  1. http://ehsessentialsdemo.sandbox.hsiplatform.com/ HTTP 301
    https://ehsessentialsdemo.sandbox.hsiplatform.com/ HTTP 302
    https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in Page URL

Page Statistics

19
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

4116 kB
Transfer

18946 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ehsessentialsdemo.sandbox.hsiplatform.com/ HTTP 301
    https://ehsessentialsdemo.sandbox.hsiplatform.com/ HTTP 302
    https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign_in
ehsessentialsdemo.sandbox.hsiplatform.com/users/
Redirect Chain
  • http://ehsessentialsdemo.sandbox.hsiplatform.com/
  • https://ehsessentialsdemo.sandbox.hsiplatform.com/
  • https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
59 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e41d6eaab4d31097088faf7d414a8acac875421401d847aedf7c19c85b0f7506
Security Headers
Name Value
Content-Security-Policy connect-src 'self' blob: https://*.amazonaws.com https://*.delighted.com https://*.donesafe.com https://*.doneware.com https://*.google-analytics.com https://*.intercom.io https://*.sandbox.hsiplatform.com https://*.walkme.com https://api.rollbar.com https://maps.googleapis.com wss://*.donesafe.com wss://*.doneware.com wss://*.ds.hsiplatform.com wss://*.intercom.io wss://*.na.hsiplatform.com wss://*.pusher.com wss://*.sandbox.hsiplatform.com; default-src 'self' https:; font-src 'self' https: data: cdn.walkme.com fonts.googleapis.com; frame-ancestors 'self' *.domo.com *.donesafe.com *.doneware.com *.hsi.com *.hsiplatformdev.com *.hsiplatformdev.com:4200 *.hsiplatformval.com *.osmanager4.com *.wikipedia.org app.productplan.com donesafe.okta.com hsi.com *.cloudflare.com *.cloudfront.net *.google-analytics.com *.googleapis.com *.googletagmanager.com *.intercomcdn.com *.walkme.com *.youtube.com *.youtu.be *.ytimg.com player.vimeo.com trackcmp.net widget.intercom.io *.hsiplatform.com; frame-src 'self' *.domo.com *.donesafe.com *.doneware.com *.hsi.com *.hsiplatformdev.com *.hsiplatformdev.com:4200 *.hsiplatformval.com *.osmanager4.com *.wikipedia.org app.productplan.com donesafe.okta.com hsi.com *.cloudflare.com *.cloudfront.net *.google-analytics.com *.googleapis.com *.googletagmanager.com *.intercomcdn.com *.walkme.com *.youtube.com *.youtu.be *.ytimg.com player.vimeo.com trackcmp.net widget.intercom.io *.hsiplatform.com; img-src 'self' https: data: blob: *.s3.amazonaws.com *.walkmeusercontent.com cdn.walkme.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudflare.com *.cloudfront.net *.google-analytics.com *.googleapis.com *.googletagmanager.com *.intercomcdn.com *.walkme.com *.youtube.com *.youtu.be *.ytimg.com player.vimeo.com trackcmp.net widget.intercom.io *.hsiplatform.com; style-src 'self' https: 'unsafe-inline' 'unsafe-eval' *.bootstrapcdn.com *.googleapis.com cdn.walkme.com; worker-src 'self' blob:; report-uri /api/content_security_reports
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-security-policy
connect-src 'self' blob: https://*.amazonaws.com https://*.delighted.com https://*.donesafe.com https://*.doneware.com https://*.google-analytics.com https://*.intercom.io https://*.sandbox.hsiplatform.com https://*.walkme.com https://api.rollbar.com https://maps.googleapis.com wss://*.donesafe.com wss://*.doneware.com wss://*.ds.hsiplatform.com wss://*.intercom.io wss://*.na.hsiplatform.com wss://*.pusher.com wss://*.sandbox.hsiplatform.com; default-src 'self' https:; font-src 'self' https: data: cdn.walkme.com fonts.googleapis.com; frame-ancestors 'self' *.domo.com *.donesafe.com *.doneware.com *.hsi.com *.hsiplatformdev.com *.hsiplatformdev.com:4200 *.hsiplatformval.com *.osmanager4.com *.wikipedia.org app.productplan.com donesafe.okta.com hsi.com *.cloudflare.com *.cloudfront.net *.google-analytics.com *.googleapis.com *.googletagmanager.com *.intercomcdn.com *.walkme.com *.youtube.com *.youtu.be *.ytimg.com player.vimeo.com trackcmp.net widget.intercom.io *.hsiplatform.com; frame-src 'self' *.domo.com *.donesafe.com *.doneware.com *.hsi.com *.hsiplatformdev.com *.hsiplatformdev.com:4200 *.hsiplatformval.com *.osmanager4.com *.wikipedia.org app.productplan.com donesafe.okta.com hsi.com *.cloudflare.com *.cloudfront.net *.google-analytics.com *.googleapis.com *.googletagmanager.com *.intercomcdn.com *.walkme.com *.youtube.com *.youtu.be *.ytimg.com player.vimeo.com trackcmp.net widget.intercom.io *.hsiplatform.com; img-src 'self' https: data: blob: *.s3.amazonaws.com *.walkmeusercontent.com cdn.walkme.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudflare.com *.cloudfront.net *.google-analytics.com *.googleapis.com *.googletagmanager.com *.intercomcdn.com *.walkme.com *.youtube.com *.youtu.be *.ytimg.com player.vimeo.com trackcmp.net widget.intercom.io *.hsiplatform.com; style-src 'self' https: 'unsafe-inline' 'unsafe-eval' *.bootstrapcdn.com *.googleapis.com cdn.walkme.com; worker-src 'self' blob:; report-uri /api/content_security_reports
content-type
text/html; charset=utf-8
date
Thu, 13 Apr 2023 17:35:16 GMT
etag
W/"e41d6eaab4d31097088faf7d414a8aca"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains;
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
7e3dfcd8-be24-406f-83cd-0c05868cef65
x-runtime
0.072036
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache
content-type
text/html; charset=utf-8
date
Thu, 13 Apr 2023 17:35:16 GMT
location
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
strict-transport-security
max-age=31536000; includeSubDomains;
x-permitted-cross-domain-policies
none
x-request-id
ff1cb429-4be9-4e1e-b0a7-edc187348c97
x-runtime
0.026240
runtime-76d804d0b7097ec963a8.js
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/runtime-76d804d0b7097ec963a8.js
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
8ca1078c4d6a941108dc1cb87681696e122af34d157dc4d5b3f5cd251b40a3df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Thu, 13 Apr 2023 03:18:19 GMT
etag
"6437747b-a36"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
2614
expires
Thu, 31 Dec 2037 23:55:55 GMT
177-195bc7c9fa905f5f74dd.js
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/ 		6 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/177-195bc7c9fa905f5f74dd.js
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c13cab5359e8da4ac0dec9771cbb395a487ffd18f849424878993d7be65b611c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Thu, 06 Apr 2023 23:34:23 GMT
etag
"642f56ff-1a1b24"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
1710884
expires
Thu, 31 Dec 2037 23:55:55 GMT
394-22ed7625e156ae70b862.js
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/ 		3 MB
672 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/394-22ed7625e156ae70b862.js
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
731691e97315ad22f3b43aa0292057cbf7bfad44107c13f93ea97b6741053016
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Wed, 22 Mar 2023 02:38:56 GMT
etag
"641a6a40-a7a1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
686622
expires
Thu, 31 Dec 2037 23:55:55 GMT
533-dd04a694b2c421b93049.js
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/ 		3 MB
723 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/533-dd04a694b2c421b93049.js
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
1c73a843194cfdfc31ceb22953d3996c044cc640137e2f91da8688068816bd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Wed, 22 Mar 2023 02:38:56 GMT
etag
"641a6a40-b468d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
738957
expires
Thu, 31 Dec 2037 23:55:55 GMT
849-c581a6fe5dc1d50c8678.js
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/ 		53 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/849-c581a6fe5dc1d50c8678.js
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2c1813769ed7c716df14e29172252526f8481c7480f92ae41198df7ead60196c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Thu, 06 Apr 2023 23:34:23 GMT
etag
"642f56ff-1ee0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
7904
expires
Thu, 31 Dec 2037 23:55:55 GMT
331-f0019b9bd1886a719d16.js
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/ 		855 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/331-f0019b9bd1886a719d16.js
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a564ed4ef0fdd83d1577b62d12280acb15d9eeb18b372a8b5fbbf6d9375cb089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Thu, 06 Apr 2023 23:34:23 GMT
etag
"642f56ff-219f7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
137719
expires
Thu, 31 Dec 2037 23:55:55 GMT
449-df8a61ea0824c2d01b47.js
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/ 		272 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/449-df8a61ea0824c2d01b47.js
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
16367d1da957e5b3a8ab1f42d974c04f997250270473dfc66f3f8a7534024714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Thu, 13 Apr 2023 03:18:19 GMT
etag
"6437747b-c07d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
49277
expires
Thu, 31 Dec 2037 23:55:55 GMT
938-4675b0dccb8a594b7275.js
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/ 		66 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/938-4675b0dccb8a594b7275.js
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7483f2bec0f2491a0bbf2c64c0f1904b4cd9512c33294ba400cacb3ef7bd9aff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Tue, 28 Mar 2023 06:53:30 GMT
etag
"64228eea-343f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
13375
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-cb878b51c313123be763.js
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/ 		4 MB
542 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/js/application-cb878b51c313123be763.js
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
0cec9995ffa7e7b63c9cf70257a01ffb6c727ba6dec7155d3f06dfe16be60973
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Thu, 13 Apr 2023 03:18:19 GMT
etag
"6437747b-8745c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
554076
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-2b23dca1136640edf42f4cece884b5dab9630d2ab6448973664397d57b2698a0.js
ehsessentialsdemo.sandbox.hsiplatform.com/assets/ 		364 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/application-2b23dca1136640edf42f4cece884b5dab9630d2ab6448973664397d57b2698a0.js
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2b23dca1136640edf42f4cece884b5dab9630d2ab6448973664397d57b2698a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Thu, 13 Apr 2023 16:16:12 GMT
etag
"64382acc-188f7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
content-length
100599
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-2be0231f44da649e1bd5e885d6481ef728a996b9f3f4fa25954e4a924f94ee07.css
ehsessentialsdemo.sandbox.hsiplatform.com/assets/ 		116 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/application-2be0231f44da649e1bd5e885d6481ef728a996b9f3f4fa25954e4a924f94ee07.css
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
00585fa1a3f2e81aca579387d5d73cbbba1e7d3e6626c7f82a790a2203ecc03f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Thu, 13 Apr 2023 16:16:12 GMT
etag
"64382acc-5fc5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
content-length
24517
expires
Thu, 31 Dec 2037 23:55:55 GMT
177-ba9dcf5d.css
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/css/ 		33 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/css/177-ba9dcf5d.css
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
c61e1d79b5591cc3c65879a98eabe19fddcbb684443ee868e223f666ea493aa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Wed, 22 Mar 2023 02:38:56 GMT
etag
"641a6a40-1d2a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
content-length
7466
expires
Thu, 31 Dec 2037 23:55:55 GMT
394-c2318bbe.css
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/css/ 		46 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/css/394-c2318bbe.css
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e221b599142b7d3f901a7bef82d3b8abeacc8fe2d84924104d1b1d425d12f5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Wed, 22 Mar 2023 02:38:56 GMT
etag
"641a6a40-29ef"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
content-length
10735
expires
Thu, 31 Dec 2037 23:55:55 GMT
449-ce50b4ca.css
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/css/ 		441 KB
87 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/css/449-ce50b4ca.css
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
153d3bc3571d7956166254693655fd9f862c8604516db5bf92fd78d368ccd6aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Thu, 06 Apr 2023 23:34:23 GMT
etag
"642f56ff-1595c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
content-length
88412
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-1666b1af.css
ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/css/ 		91 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ehsessentialsdemo.sandbox.hsiplatform.com/assets/packs/css/application-1666b1af.css
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.26.145 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-26-145.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
730bb139f4a0c7a90d029ccc04b8fcae1986e47bcaad418791916e1744f482bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains;
last-modified
Thu, 13 Apr 2023 03:18:19 GMT
etag
"6437747b-44b5"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
content-length
17589
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 17:35:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Apr 2023 17:35:17 GMT
css
fonts.googleapis.com/ 		4 KB
690 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,600
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd9c6162ab7d07de4cd15935b5f3cf36db8be7ef0686d98b25a483aef839f6f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 13 Apr 2023 17:35:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 16:14:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Apr 2023 17:35:17 GMT
yvsrb9qwcdax6moyq352q6jskn02
hsi-storage-production.s3.us-west-2.amazonaws.com/8a00ecd3-b065-4113-9c4a-8d7527ba4992/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hsi-storage-production.s3.us-west-2.amazonaws.com/8a00ecd3-b065-4113-9c4a-8d7527ba4992/yvsrb9qwcdax6moyq352q6jskn02?response-content-disposition=inline%3B%20filename%3D%22New%20HSI%20logo-medium.png%22%3B%20filename%2A%3DUTF-8%27%27New%2520HSI%2520logo-medium.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIARFCRO5NDDXL3QVF4%2F20230413%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20230413T173516Z&X-Amz-Expires=10&X-Amz-SignedHeaders=host&X-Amz-Signature=2c3cf7b5c02c4008ee0b8b3fedfb7745b2c8cff66f3e8c0da4ed649b19cfb4e2
Requested by
Host: ehsessentialsdemo.sandbox.hsiplatform.com
URL: https://ehsessentialsdemo.sandbox.hsiplatform.com/users/sign_in
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.193.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ec6f9fdf4e7bd1b2b865a2444694883fa7b307d1a3252ad80a4ca33dd003f15c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ehsessentialsdemo.sandbox.hsiplatform.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 17:35:20 GMT
x-amz-version-id
ZYKncTbdDHNWlcrlqxdfeMZk_D8RszxK
Last-Modified
Wed, 08 Feb 2023 01:02:36 GMT
Server
AmazonS3
x-amz-request-id
8M6VA463KDD406H4
ETag
"059a4c8cd42713d1c651144dc26ed4d0"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Content-Disposition
inline; filename="New HSI logo-medium.png"; filename*=UTF-8''New%20HSI%20logo-medium.png
Accept-Ranges
bytes
Content-Length
28126
x-amz-id-2
JS8B1mR6L7SR+jSoSVL8eUfoXE1Zhuk19QZjJ+rtOo+BqegcjPpWgYX3DAodjoWVI/02t3ZIbso=
truncated
/ 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/jpg

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| DONESAFE object| webpackChunkdonesafe function| clearImmediate function| setImmediate object| regeneratorRuntime number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad function| _rollbarURH object| Rollbar function| $ function| jQuery function| Big function| QS function| _ object| Modernizr object| Chartkick function| openModalOrGoToLink function| injectSelect2Plugin function| getCsrfToken function| select2ResponseTemplate function| select2IconResponseTemplate function| startForm function| startEnhancedForm function| updateField function| submitDraftForm function| submitForm function| prevPanel function| nextPanel function| toggleSectionGroup function| getCompleted function| initSubForm function| finalFormData function| arrayify function| wizardInitializers function| fillValueAttribute function| initDatePicker function| initDatetimePicker function| initScroll function| checkDiff function| toggleSubmitButtonDisable function| triggerDsAjaxStart function| triggerDsAjaxStop function| initAjaxCounter function| getCompletion function| initFormObservers function| updateFields function| destroyVueComponent function| normalizedWorkflowOperators object| doT object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| __framePainter boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam function| P object| gantt object| core object| ace number| FLASH_ALERT_DURATION function| SignaturePad object| I18n object| consumer function| FroalaEditor function| CaretCoordinates function| Panzoom function| ClipboardJS object| bootbox function| convertToDatabaseValue function| roundDecimalPlaces function| convertToDisplayValue function| setup_fields_for function| duplicate_fields_for function| hideClassificationRemoveAttr function| showClassificationAddAttr function| hideClassificationDetailsRemoveAttr function| showClassificationDetailsAddAttr function| setupIncidentParticipantForm function| isDateField function| isSelectField function| removeExistingValue function| lockComparisonToIn function| convertFieldType function| convertFieldToSelect function| convertFieldToDate function| convertDateFormatToDatePickerSyntax function| convertFieldToText function| initializeSelect2WithData function| resizeTable function| applySelect2Config function| select2ConfigGenerator function| attachSortable function| numberIsInteger

1 Cookies

Domain/Path Name / Value
ehsessentialsdemo.sandbox.hsiplatform.com/ Name: _donesafe_session
Value: a757934714562121278005f4bc68df45

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' blob: https://*.amazonaws.com https://*.delighted.com https://*.donesafe.com https://*.doneware.com https://*.google-analytics.com https://*.intercom.io https://*.sandbox.hsiplatform.com https://*.walkme.com https://api.rollbar.com https://maps.googleapis.com wss://*.donesafe.com wss://*.doneware.com wss://*.ds.hsiplatform.com wss://*.intercom.io wss://*.na.hsiplatform.com wss://*.pusher.com wss://*.sandbox.hsiplatform.com; default-src 'self' https:; font-src 'self' https: data: cdn.walkme.com fonts.googleapis.com; frame-ancestors 'self' *.domo.com *.donesafe.com *.doneware.com *.hsi.com *.hsiplatformdev.com *.hsiplatformdev.com:4200 *.hsiplatformval.com *.osmanager4.com *.wikipedia.org app.productplan.com donesafe.okta.com hsi.com *.cloudflare.com *.cloudfront.net *.google-analytics.com *.googleapis.com *.googletagmanager.com *.intercomcdn.com *.walkme.com *.youtube.com *.youtu.be *.ytimg.com player.vimeo.com trackcmp.net widget.intercom.io *.hsiplatform.com; frame-src 'self' *.domo.com *.donesafe.com *.doneware.com *.hsi.com *.hsiplatformdev.com *.hsiplatformdev.com:4200 *.hsiplatformval.com *.osmanager4.com *.wikipedia.org app.productplan.com donesafe.okta.com hsi.com *.cloudflare.com *.cloudfront.net *.google-analytics.com *.googleapis.com *.googletagmanager.com *.intercomcdn.com *.walkme.com *.youtube.com *.youtu.be *.ytimg.com player.vimeo.com trackcmp.net widget.intercom.io *.hsiplatform.com; img-src 'self' https: data: blob: *.s3.amazonaws.com *.walkmeusercontent.com cdn.walkme.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.cloudflare.com *.cloudfront.net *.google-analytics.com *.googleapis.com *.googletagmanager.com *.intercomcdn.com *.walkme.com *.youtube.com *.youtu.be *.ytimg.com player.vimeo.com trackcmp.net widget.intercom.io *.hsiplatform.com; style-src 'self' https: 'unsafe-inline' 'unsafe-eval' *.bootstrapcdn.com *.googleapis.com cdn.walkme.com; worker-src 'self' blob:; report-uri /api/content_security_reports
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ehsessentialsdemo.sandbox.hsiplatform.com
fonts.googleapis.com
hsi-storage-production.s3.us-west-2.amazonaws.com
2a00:1450:4001:830::200a
52.218.193.89
52.34.26.145
54.191.58.101
00585fa1a3f2e81aca579387d5d73cbbba1e7d3e6626c7f82a790a2203ecc03f
0cec9995ffa7e7b63c9cf70257a01ffb6c727ba6dec7155d3f06dfe16be60973
153d3bc3571d7956166254693655fd9f862c8604516db5bf92fd78d368ccd6aa
16367d1da957e5b3a8ab1f42d974c04f997250270473dfc66f3f8a7534024714
1c73a843194cfdfc31ceb22953d3996c044cc640137e2f91da8688068816bd6d
2b23dca1136640edf42f4cece884b5dab9630d2ab6448973664397d57b2698a0
2c1813769ed7c716df14e29172252526f8481c7480f92ae41198df7ead60196c
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
730bb139f4a0c7a90d029ccc04b8fcae1986e47bcaad418791916e1744f482bd
731691e97315ad22f3b43aa0292057cbf7bfad44107c13f93ea97b6741053016
7483f2bec0f2491a0bbf2c64c0f1904b4cd9512c33294ba400cacb3ef7bd9aff
8ca1078c4d6a941108dc1cb87681696e122af34d157dc4d5b3f5cd251b40a3df
a564ed4ef0fdd83d1577b62d12280acb15d9eeb18b372a8b5fbbf6d9375cb089
c13cab5359e8da4ac0dec9771cbb395a487ffd18f849424878993d7be65b611c
c61e1d79b5591cc3c65879a98eabe19fddcbb684443ee868e223f666ea493aa1
e221b599142b7d3f901a7bef82d3b8abeacc8fe2d84924104d1b1d425d12f5bf
e41d6eaab4d31097088faf7d414a8acac875421401d847aedf7c19c85b0f7506
ec6f9fdf4e7bd1b2b865a2444694883fa7b307d1a3252ad80a4ca33dd003f15c
f7f8f7d85735ab4fba7b9f9f63650f2e2d7b8e33801633f48319bdc7a2a46785
fd9c6162ab7d07de4cd15935b5f3cf36db8be7ef0686d98b25a483aef839f6f3