urlscan.io logo urlscan.io
SecurityTrails logo

exchange-taxpayer.safesendreturns.com Open in urlscan Pro
52.158.215.147  Public Scan

Go To Rescan Add Verdict Report
URL: https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Submission: On April 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 63 HTTP transactions. The main IP is 52.158.215.147, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is exchange-taxpayer.safesendreturns.com. The Cisco Umbrella rank of the primary domain is 359997.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 3rd 2023. Valid for: a year.
This is the only time exchange-taxpayer.safesendreturns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 52.158.215.147 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 27 2600:9000:211... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
15 23.67.138.249 16625 (AKAMAI-AS)
2 52.222.169.118 16509 (AMAZON-02)
2 20.50.88.238 8075 (MICROSOFT...)
2 35.201.109.167 396982 (GOOGLE-CL...)
63 9
13    52.158.215.147 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
exchange-taxpayer.safesendreturns.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
27    2600:9000:211e:1c00:4:8ff3:780:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.tiny.cloud
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
15    23.67.138.249 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-138-249.deploy.static.akamaitechnologies.com
cdn.walkme.com
2    52.222.169.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-169-118.cdg52.r.cloudfront.net
sp.tinymce.com
2    20.50.88.238 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    35.201.109.167 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 167.109.201.35.bc.googleusercontent.com
ec.walkme.com
Apex Domain
Subdomains		 Transfer
27 tiny.cloud
cdn.tiny.cloud — Cisco Umbrella Rank: 21003
494 KB
17 walkme.com
cdn.walkme.com — Cisco Umbrella Rank: 1450
ec.walkme.com — Cisco Umbrella Rank: 1686
633 KB
13 safesendreturns.com
exchange-taxpayer.safesendreturns.com — Cisco Umbrella Rank: 359997
2 MB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 730
200 B
2 tinymce.com
sp.tinymce.com — Cisco Umbrella Rank: 21883
756 B
2 gstatic.com
fonts.gstatic.com
62 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
63 7
Domain Requested by
27 cdn.tiny.cloud 1 redirects exchange-taxpayer.safesendreturns.com
cdn.tiny.cloud
15 cdn.walkme.com exchange-taxpayer.safesendreturns.com
cdn.walkme.com
13 exchange-taxpayer.safesendreturns.com exchange-taxpayer.safesendreturns.com
2 ec.walkme.com exchange-taxpayer.safesendreturns.com
2 dc.services.visualstudio.com exchange-taxpayer.safesendreturns.com
2 sp.tinymce.com exchange-taxpayer.safesendreturns.com
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com exchange-taxpayer.safesendreturns.com
63 8

This site contains links to these domains. Also see Links.

Domain
safesend.com
Subject Issuer Validity Valid
*.safesendreturns.com
Go Daddy Secure Certificate Authority - G2		 2023-10-03 -
2024-11-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
walkme.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-04 -
2024-12-03		 a year crt.sh
tinymce.com
Amazon RSA 2048 M03		 2024-04-21 -
2025-05-19		 a year crt.sh
tiny.cloud
Amazon RSA 2048 M03		 2024-04-21 -
2025-05-19		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-04-10 -
2025-04-05		 a year crt.sh
*.walkme.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh

This page contains 2 frames:

Primary Page: https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Frame ID: 6963B1B4A9E55C142620068F1428FCBC
Requests: 59 HTTP requests in this frame

Frame: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/skins/ui/oxide/content.min.css
Frame ID: 2DBC5C0D6696ED8A40E644368C43F45A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SafeSend Exchange

Detected technologies

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

98 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

9
IPs

3
Countries

2775 kB
Transfer

5958 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js HTTP 307
  • https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/tinymce.min.js

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6d20007930000
exchange-taxpayer.safesendreturns.com/DropOff/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0b23438aacf10d6899b2f83fc5b4f20b309d08f5c5f310da9e240f6a5799ffbd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
2672
Content-Type
text/html
Date
Wed, 24 Apr 2024 20:56:02 GMT
ETag
"1da81a554043c70"
Last-Modified
Fri, 29 Mar 2024 06:50:04 GMT
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
Server
Kestrel
Strict-Transport-Security
max-age=2592000
css2
fonts.googleapis.com/ 		28 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f7c73fc33a164ebded38246bd119c604d319369766dac68f0ecc7548e106076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Apr 2024 20:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 20:56:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Apr 2024 20:56:02 GMT
2.cce6d671.chunk.css
exchange-taxpayer.safesendreturns.com/static/css/ 		302 KB
302 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/static/css/2.cce6d671.chunk.css
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
89a6de9c240c8b73eaa4c930cd61312206809ffbf3ee5a1cd878bbfbb8c89a35
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 20:56:03 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Fri, 29 Mar 2024 06:50:04 GMT
Server
Kestrel
ETag
"1da81a554008e50"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
309328
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
main.025b4bcb.chunk.css
exchange-taxpayer.safesendreturns.com/static/css/ 		274 KB
274 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/static/css/main.025b4bcb.chunk.css
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
14d5635f0a9f727963cb08745ea5d2a1e1a2b06fa5425036787e547dd560d0db
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 20:56:03 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Fri, 29 Mar 2024 06:50:04 GMT
Server
Kestrel
ETag
"1da81a55400718e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
280462
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
2.9c9b78d2.chunk.js
exchange-taxpayer.safesendreturns.com/static/js/ 		790 KB
790 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/static/js/2.9c9b78d2.chunk.js
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4921a62a006fcbc2c2b98768606b234770cbfd66469d90aa8e2815c49e3a89e4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 20:56:03 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Fri, 29 Mar 2024 06:50:06 GMT
Server
Kestrel
ETag
"1da81a55539353e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
808510
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
main.f6a86658.chunk.js
exchange-taxpayer.safesendreturns.com/static/js/ 		112 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/static/js/main.f6a86658.chunk.js
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8bbd037cb3479d6fcd732b851b70bf3cd79b874da64d61fb2a1633328204aa5f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 20:56:03 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Fri, 29 Mar 2024 06:50:06 GMT
Server
Kestrel
ETag
"1da81a55534a226"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
114982
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
tinymce.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/
Redirect Chain
  • https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
  • https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/tinymce.min.js
406 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/tinymce.min.js
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Protocol
H2
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
98d5e875cce29dc311261e6e73688277b720a4b8deba598ae510c5a81ec85bef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://exchange-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Apr 2024 20:56:04 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
server
nginx/1.20.0
etag
W/"yAm5xWQifV2DyEf5JC9KbxvcQMdfQBHByvPymMwHk0k="
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-if-error=3000, stale-while-revalidate=3000
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
BsQFbdO_-_jCNSNNcFoqRpq9t6GqKkGDkW1qmgkpviwW2uo4R-dSNw==

Redirect headers

date
Wed, 24 Apr 2024 20:56:04 GMT
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
17
x-cache
Miss from cloudfront
content-length
0
server
nginx/1.20.0
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
location
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/tinymce.min.js
access-control-allow-origin
*
cache-control
public, max-age=600, s-maxage=300, stale-if-error=300, stale-while-revalidate=300
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
*
x-amz-cf-id
_wvi3G9nYaeg_zsKAnYZUPNcEDBu1Uuu96rpvOOo641JJsjW83h0qg==
6d20007930000
exchange-taxpayer.safesendreturns.com/api/ApplicationInsight/BasicDetails/ 		255 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/api/ApplicationInsight/BasicDetails/6d20007930000?component=DropOff&tPLinkType=1
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/2.9c9b78d2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
43f19984e51388039314399af61394999cabdf6e33a1b8017d455dd6411f1b53
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-d8a36b99b41c42b0b6aa431b3d758016-16a7dea17d4d40f7-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
application/json; charset=utf-8
Date
Wed, 24 Apr 2024 20:56:04 GMT
Strict-Transport-Security
max-age=2592000
Server
Kestrel
Connection
keep-alive
Content-Length
255
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
6d20007930000
exchange-taxpayer.safesendreturns.com/api/dropOff/ValidatedropOffLink/ 		4 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/api/dropOff/ValidatedropOffLink/6d20007930000
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/2.9c9b78d2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-d8a36b99b41c42b0b6aa431b3d758016-3b55e0cbac334e04-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
application/json; charset=utf-8
Date
Wed, 24 Apr 2024 20:56:04 GMT
Strict-Transport-Security
max-age=2592000
Server
Kestrel
Connection
keep-alive
Content-Length
4
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
6d20007930000
exchange-taxpayer.safesendreturns.com/api/dropOff/GetDropOffPageInfo/ 		83 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/api/dropOff/GetDropOffPageInfo/6d20007930000
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/2.9c9b78d2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8a13047db01fe99120e82e3872d8afe858e156fa54a158445e50a9cebd01fbc6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-d8a36b99b41c42b0b6aa431b3d758016-14953bdf9c4a435b-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
application/json; charset=utf-8
Date
Wed, 24 Apr 2024 20:56:04 GMT
Strict-Transport-Security
max-age=2592000
Server
Kestrel
Connection
keep-alive
Content-Length
83
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
6d20007930000
exchange-taxpayer.safesendreturns.com/api/dropOff/GetWalkMeScript/ 		382 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/api/dropOff/GetWalkMeScript/6d20007930000
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/2.9c9b78d2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e110410022758787739a0a075f24d51228bc714560e50343a05cef4450e1744c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-d8a36b99b41c42b0b6aa431b3d758016-ca26899b57e94238-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
text/plain; charset=utf-8
Date
Wed, 24 Apr 2024 20:56:04 GMT
Strict-Transport-Security
max-age=2592000
Server
Kestrel
Connection
keep-alive
Transfer-Encoding
chunked
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
6d20007930000
exchange-taxpayer.safesendreturns.com/api/dropOff/GetHeaderInfo/ 		211 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/api/dropOff/GetHeaderInfo/6d20007930000
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/2.9c9b78d2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
932eefffda6f1507914cc9f8cf54e99cbdf0a32ab51b00a6037b533de50d4edc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-d8a36b99b41c42b0b6aa431b3d758016-7e9e82c14485400e-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
application/json; charset=utf-8
Date
Wed, 24 Apr 2024 20:56:04 GMT
Strict-Transport-Security
max-age=2592000
Server
Kestrel
Connection
keep-alive
Content-Length
211
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://exchange-taxpayer.safesendreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 20:54:32 GMT
x-content-type-options
nosniff
age
172892
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30096
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Apr 2025 20:54:32 GMT
1Pttg83HX_SGhgqk2jovaqQ.woff2
fonts.gstatic.com/s/mulish/v13/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Pttg83HX_SGhgqk2jovaqQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://exchange-taxpayer.safesendreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 15:53:15 GMT
x-content-type-options
nosniff
age
363769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32492
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:20:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Apr 2025 15:53:15 GMT
fa-solid-900.1551f4f6.woff2
exchange-taxpayer.safesendreturns.com/static/media/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/static/media/fa-solid-900.1551f4f6.woff2
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/css/2.cce6d671.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/static/css/2.cce6d671.chunk.css
Origin
https://exchange-taxpayer.safesendreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 20:56:04 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Fri, 29 Mar 2024 06:50:06 GMT
Server
Kestrel
ETag
"1da81a5553452bc"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78268
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
walkme_148aadebe34448148ad4edd74737f760_https.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_148aadebe34448148ad4edd74737f760_https.js
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d348d009ca0186d1b6301411dfa97810af122a791b580c4112b634fc048a0741
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
68yEuhUYh_Ji7MwqobaZWKUmMoYxvKhG
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
3T97PKC03N52Z27H
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
8674
x-amz-id-2
wHKD3WVslLvyHx00LB6P+VuSiNF1iofexTlJIvoMXU3RGpRbeeXfm5cnGxe/p+QyBQQuWWSweZg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 18:28:43 GMT
etag
"2f9f750205a2cb5f856332fb2e2aa902"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=26025
accept-ranges
bytes
timing-allow-origin
*
6d20007930000
exchange-taxpayer.safesendreturns.com/api/dropOff/GetDropOffSettings/ 		8 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/api/dropOff/GetDropOffSettings/6d20007930000
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/2.9c9b78d2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
766f149e0b1f7d81945055c7cdf13f0dba78af9181b9ddb492ada264308c4a10
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-d8a36b99b41c42b0b6aa431b3d758016-979387fb56734ff1-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
sec-ch-ua-platform
"Win32"

Response headers

Content-Type
application/json; charset=utf-8
Date
Wed, 24 Apr 2024 20:56:04 GMT
Strict-Transport-Security
max-age=2592000
Server
Kestrel
Connection
keep-alive
Content-Length
8553
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
settings.txt
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/settings.txt
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b369aee749c20ebe62cb8331c1a1190d68eafec31851453feb3dd0403a11e1a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
kYHK8BjUtF5fQU5UU7yVfe1JDNIXHzno
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
7CGA5D1VVJP6EABA
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
717
x-amz-id-2
jcrdKwxg6isa4+GCvdFrKJ98a2zt+XamuhE6LTkMqK+BKK542rJPsdAVXvpwR55wZvMrSFT69iE=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 18:28:43 GMT
etag
"80d97c1c2be01b543f0bde2ff1a029e4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
timing-allow-origin
*
wmjQuery33121.js
cdn.walkme.com/player/resources/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/wmjQuery33121.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
dpj4bAlfG6UlhFPdf_TGly9sgsSAJ5Ge
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
CQFN9DQ71FQHZ5FZ
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
30035
x-amz-id-2
S7Ojfq7iOWkz21XYz9zb6LhVY6AAcZPIM27D5CJs5orEqwBxyqN/ISZaPsmXP4H0sCZmV7oDoeE=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 May 2022 06:44:33 GMT
etag
"b00eee8317d72ce865b995c31f1f95ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=28901350
accept-ranges
bytes
timing-allow-origin
*
prelib-plugin-cbc917dd-5980-37ca-b6da-4deed694d54a.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/scripts/ 		233 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/scripts/prelib-plugin-cbc917dd-5980-37ca-b6da-4deed694d54a.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92b4412e075cf1a55411f5da2c3bf54360fac70163d0e353db60f642e2bb0a7a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
_mTVfKQI9NAGDkTLCKVCIb0Yhc2FcwGA
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
SNN7JSJWX7S2TVVY
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
70036
x-amz-id-2
haObtxmUe1kSbQ+FVF5W0lCnIQirvKYlPpuGY9imkWRSHaevUUBTDoQc3XvQYudIiTFGtGqsT4Q=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 Mar 2023 20:00:20 GMT
etag
"879614d97d2c9a0168c0494a2a42059f"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=24270967
accept-ranges
bytes
timing-allow-origin
*
walkme_lib_20240313-141814-ce2a5bee-abc79d15.br.js
cdn.walkme.com/player/lib/ 		2 MB
385 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/walkme_lib_20240313-141814-ce2a5bee-abc79d15.br.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5e06e57d31f840d307c3c458bae936cc370ffbdb17aafd179d1291babe0f8c7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
yeOBmowwVfgQ6ct0eaIll4lT3D9WiOi1
content-encoding
br
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
JGFNE7AVA0J8MT0Q
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
393004
x-amz-id-2
7n/IAWifSZ0+jo/SGvYU+XinjINkoJukpHnY+CKirHk/ZGDKJ9/5mbx6pgdYaOWLvaCLSmVrRSc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Mar 2024 14:32:09 GMT
etag
"8e1004a8246697039de7be20abeb287a"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=28236020
accept-ranges
bytes
timing-allow-origin
*
walkme_config_31e899e2fbbb4644a79fd52d1f048522.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_config_31e899e2fbbb4644a79fd52d1f048522.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6330a0cd0ff8ff93ac0d1cb76f8eba9dc1f3fad223fe9ae7055e6a37fca45e57
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
fSl03Hk.Kv8gJQoYoh8BSaghMXUq_xsb
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
HK4XPY08XSZ4WFCE
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
2288
x-amz-id-2
m1v6Sa11RkqfdZgU4Uh29Hsiy0PqhNnBot0FeaFQLhLP11pIAmdxU1ZVIfsSoY4PCgJaQeJn0S8=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 18:28:43 GMT
etag
"cf5a0c03abd104cde51b7b5b9e31a536"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=28503180
accept-ranges
bytes
timing-allow-origin
*
insights_configuration_6b988278c2d2488da3861ca986bd97dd.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/external-data/insights-configuration/ 		72 B
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/external-data/insights-configuration/insights_configuration_6b988278c2d2488da3861ca986bd97dd.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240313-141814-ce2a5bee-abc79d15.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb153402ba70c0a381b1e9924b3d90fb40729735c3e9c1372b6cdc9594a329fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
AxJRdw0S4AkFC_xJ4j9Jyt6gQe9twYQf
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
GEGFRX999XX86W2C
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
65
x-amz-id-2
elzJuQo3ZprG+fKO7buj6VevjV/L3M7HxksGBfMvx2s7IKKyjHSeS0cZF/qMc3FvRe5ZqgH3zMI=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 02 Nov 2022 14:24:50 GMT
etag
"847a33f7659cea7dfc9792ee7dae9ce0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
custom_css_31e899e2fbbb4644a79fd52d1f048522.css
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/ 		33 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/custom_css_31e899e2fbbb4644a79fd52d1f048522.css
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240313-141814-ce2a5bee-abc79d15.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6da0319cc447f687bb9f8b33b8ef4b0c9e319bc3dc3cc1b27826c51d2a96deaa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Origin
https://exchange-taxpayer.safesendreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Oq4kLwRhzG7aywJbloCDLHk_ljHTyaTG
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
XKV15RKQWV5G0XN0
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
1981
x-amz-id-2
FVE4oUHQbCAPkeEtzliYwSJDTAeFTbBxokAtuz6sEj6WSklBVBKQegNV6QYl84WmA3BMXx9FGNA=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 18:28:43 GMT
etag
"6949111aebe20a9385dacb9789cb3ef0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=30896481
accept-ranges
bytes
timing-allow-origin
*
data_31e899e2fbbb4644a79fd52d1f048522.br.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/ 		707 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/data_31e899e2fbbb4644a79fd52d1f048522.br.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240313-141814-ce2a5bee-abc79d15.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1fd61595631e54e75249cfe35188528f2efc4341ce51f4e4efa580a8d0265cc1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
SF_xHycTMk2KkxZIMb_jF.QLWSTpA1qe
content-encoding
br
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
H7HJVJ1DPRXWSK86
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
55846
x-amz-id-2
j5ZhDxv40JNhNM6of+BW0XCkC6DCzeI0y11PVpibBoOP3Bmkpfea7d6j9ZhYYe3fA+2VP+zE0Ec=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 20 Mar 2024 18:28:45 GMT
etag
"fb027bc4ea1bd8adb5e6977d8a4f9d4e"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=30027779
accept-ranges
bytes
timing-allow-origin
*
i
sp.tinymce.com/ 		43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.tinymce.com/i?aid=ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo&tna=tinymce_cloud&p=web&dtm=1713992164736&stm=1713992164736&tz=Europe%2FBerlin&e=se&se_ca=script_load
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-118.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 02:05:56 GMT
via
1.1 d0229dbe69f77738f3ccab386a045ad8.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2017 05:55:26 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
67809
etag
"fb02f374b8f73825415db1bccd4bd76d"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
no-store
accept-ranges
bytes
content-length
43
x-amz-cf-id
49sL7pLOwiEBJZxb7PFwXfZetQXP10d6L_YVhyczLU5fxObCGgJu7Q==
theme.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/themes/silver/ 		414 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/themes/silver/theme.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
92d1345f084b8b23b338dd3fc6dfb93f4d604a7ddb4e832f8c3866891422d1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 17:50:56 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
97508
x-cache
RefreshHit from cloudfront
server
nginx/1.20.0
etag
W/"3650ee0fef2e88ff27670f9679e6d164"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
TOCRvrCXQ5hT_zFQvXYxEY_f_crBiyQeO33bcm32Mb6cq_1sBTAhgQ==
runtime_data.json
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/runtime_data.json
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240313-141814-ce2a5bee-abc79d15.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a009e2763e36e97a8e6e97adcbced400b68f6c407b53846a92f812d2022b6f4c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
PqXXC6h7wjKcZubEt1RFLhgk2CRoNZUA
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
JGE33XQHJZDDQVNS
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
929
x-amz-id-2
kpCKnMVKV6gTmc+20riKAvQhbXKIZTwlV5TgEV2mgYAFwSSAgHNjWRFLuq59Kl+e7klJqsL0nh4=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Apr 2024 06:07:20 GMT
etag
"73b3907a3f4e3e953f4eb046b6e97c18"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=42519
accept-ranges
bytes
timing-allow-origin
*
12.272519dd.walkme_lib.js
cdn.walkme.com/player/lib/20240313-141814-ce2a5bee-abc79d15.br/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20240313-141814-ce2a5bee-abc79d15.br/12.272519dd.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240313-141814-ce2a5bee-abc79d15.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c8fbc4be1760c3034d84446382ccf69a1e9f8dde8a859264f722043785b6da2f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
k6Ys064XJkaYhXaIoKqUeuVr.6yw54m5
content-encoding
br
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
FRWZA4JG42RJSC7S
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
8099
x-amz-id-2
PvSJIGKjMEHhx+BOw3nqS8OamJmx6wnGaMRo6vhcLyUjVEudiCm+fncN5iIcYE7F4pkeAezZysc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Mar 2024 14:31:55 GMT
etag
"63733efe6e5b9ab313207df674c89421"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=28058409
accept-ranges
bytes
timing-allow-origin
*
30.848a197d.walkme_lib.js
cdn.walkme.com/player/lib/20240313-141814-ce2a5bee-abc79d15.br/ 		114 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20240313-141814-ce2a5bee-abc79d15.br/30.848a197d.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240313-141814-ce2a5bee-abc79d15.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4074393be40b75dbe46d2e3c48aa452936f9aa84466bf0cf6171500a7fb5c639
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ntRUBtf2PfZI_ZB8FLy9C.t9NgztqyZW
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
3VYBVBSYJH9EDVYJ
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
36542
x-amz-id-2
kjN6WMJWUsT+FJmmJv7pXxEekqoROnYopZ/Ac+OkjdiiL613fMFb5cD2LYUdhrit+iql3MHzwMA=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Mar 2024 14:31:56 GMT
etag
"77134c77a52b7407388564bed307eb80"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=28260872
timing-allow-origin
*
24.928b1e66.walkme_lib.js
cdn.walkme.com/player/lib/20240313-141814-ce2a5bee-abc79d15.br/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20240313-141814-ce2a5bee-abc79d15.br/24.928b1e66.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240313-141814-ce2a5bee-abc79d15.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
817aa150086d6162c78e8ae5dca7d06aca10f9bd9dc6eff20935d7303a1f4cd2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ej_Nh7HxTCbCSzdMZSMN2k1VzroFyF96
content-encoding
br
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
FRWQBBCAV7CKGBC2
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
8258
x-amz-id-2
KxpXlda0m/BqoOsZVbZLe4TSnPpbZjw6xdjfLBN1PZNg2iBfE7Hn6ExDvp9yGH7xdc7Xj6RJkm4=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Mar 2024 14:31:56 GMT
etag
"62cabd608ab1ba188e12ad352863db74"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=28058432
accept-ranges
bytes
timing-allow-origin
*
53.8ef06099.walkme_lib.js
cdn.walkme.com/player/lib/20240313-141814-ce2a5bee-abc79d15.br/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20240313-141814-ce2a5bee-abc79d15.br/53.8ef06099.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240313-141814-ce2a5bee-abc79d15.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
33e6a95465d2d2cadba07750cd6a6b98f093598d570157012f246b505e7d7c74
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
HMXeQUqfvGfWozYeRXNzRxL_4qKy4JQj
content-encoding
br
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
WZBRQQGDZ4DAXHA6
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
450
x-amz-id-2
XNJeqYmyqmmjzQKraSmnX7ItqDxtz151YZNVYUrfSiSHbAgQqZNjV4pk+ekWgE9f1KGxznX+SaE=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Mar 2024 14:31:56 GMT
etag
"428d99cbef487c8acf5951d92781b4f6"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=28238897
accept-ranges
bytes
timing-allow-origin
*
icons.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/icons/default/ 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/icons/default/icons.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
7b6bfe3d9f00f09d48f9284d0fe18effcdc19208010566592be6a8f23e6ee92d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:09 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31195
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"b657eb26f642bb7de37b1e8340df0d58"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
*
x-amz-cf-id
GY6LGOOkdINhmMmLWBG0mJNGf9kBFbbFLCnYUca6tvsPXMe35il03Q==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/advlist/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/advlist/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
47fd180de43ba4fd581dc674a73a328a54257c10015c7016f957ec6f075636a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 17:50:56 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
97507
x-cache
RefreshHit from cloudfront
server
nginx/1.20.0
etag
W/"2b0400e59ee836bde1912588373eb504"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
OovN2B9xbiCLtH2qQVq8ZK-6GHc8Y5QYJZOZxEZ0LGe-6KjwraIKpQ==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/autolink/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/autolink/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
bf4e50b9d0ec06c7e64164e746964874b65a94ebca061bbcb44f34f85f9edd01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:09 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31195
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"bf0ecae05dad948cc63babf44ceb225b"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
*
x-amz-cf-id
fncH0zhdstdTrnreMwC6U5DaYe1bCNACODRHLQJDFAQMugD2pXgzGQ==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/lists/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/lists/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
0021044da0bc352fbbbc6b09ec8a490ff026ed938f69d39a998cee8e8da8fe86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:09 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31195
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"9db9554cec6973e4f7c251cbd0ed9908"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
*
x-amz-cf-id
MuHcEPU8i1a7FEBQv7vtyjXFQ6KLF-L2W4QpU6H7BYVh7OS_oKw6Tw==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/link/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/link/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
9dd828d83687aafee9b1ec10671e6df1d77142fe804313a97042f0aca9650e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 17:50:56 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
97507
x-cache
RefreshHit from cloudfront
server
nginx/1.20.0
etag
W/"4afb2624f4e0836ffe9b4e562e511049"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
DWQQzr_QlCLKalpzCRimrkphFPTAumANDp4nSgV-J5wVOVvhssfpEA==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/image/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/image/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
023e1ae414f13b41d97d87ff2a9e7d6daac7840b4f881d6f19dcc512fdd2c25e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 17:50:56 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
97508
x-cache
RefreshHit from cloudfront
server
nginx/1.20.0
etag
W/"514a200cbca8a604716b1142cdceb029"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
bjEF04r81eTduP3YDjKWTyimhCWvrIglWIMDcUH-DBsdGILtoKbJyw==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/charmap/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/charmap/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
ca3cef5d683e3c75a2f39d6df256c45ae3e1a28ebc76824cb152a276caea40ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:09 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31195
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"2a0e81cfc668d523bb7907d9e54ec56a"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
VDoLZtr4H5Fn58KS0FrPp2c3yfbTTdEX_hgNAkcplADlWlBQfLixsA==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/print/ 		716 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/print/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
4f101f0e83668ac38025b31e041a32ccc7a3ee86e038039316cc84ba2051306a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 17:50:57 GMT
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
97507
x-cache
RefreshHit from cloudfront
content-length
716
server
nginx/1.20.0
etag
"e852a778930f069e63c6a87a954bc577"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
1okBjmNyrtLL4gTvKxUAHeWxzX6kJHoOG6w576Fgiu36awEPtJRmew==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/preview/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/preview/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
505d49d5f64bddbfc8b2e491373a6f4edefc0a00a0eb8bb3411dbf6930a7aafc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 17:50:57 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
97507
x-cache
RefreshHit from cloudfront
server
nginx/1.20.0
etag
W/"e6a3ad2010bfd64c85ca64819d9a9d33"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
o_XW5HQmPt8l_nePWq2bv029CR3za3-PNk9MCY1wVBX_EHGwxezCag==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/anchor/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/anchor/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
bc9b8950cc09ec0ef8c6a683dec88b5b2b9787245eb22ff22f64f35f017e7e95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:09 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31195
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"6b0f79d44acc0b9d3e28e2f16777a308"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
*
x-amz-cf-id
HWDamoiIZIxbdUMmLLhakfqWr6_aIfvyaEx8kNCdRDsYGuZ6FTegTA==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/searchreplace/ 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/searchreplace/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
544376e8ff2729912bf9129535530aa31f85caa66dd127b639da6eff74f6c7d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 17:50:57 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
97507
x-cache
RefreshHit from cloudfront
server
nginx/1.20.0
etag
W/"10278deabb07cd374edf9f547f72bc95"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
vUzgz5UDVErDaiQpealH8_d0esdL20pFeM6R0l8cdjAK01ssFBMkjw==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/visualblocks/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/visualblocks/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
4717596763e9b524dfe0e539ebc259c402176783d14b3252088007ed8a9faddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:09 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31195
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"641900544c24d383482c45b3dc164911"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
*
x-amz-cf-id
R0k_krp6k0pePpe-pySLYmVB6_B2OWyPs1q22TGoKvpq3sOEr2LyNg==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/code/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/code/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
4b5de37fd39f14e967d126c52cfe2cfbba198dd618a8a37e938089d3e279e89e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 17:50:56 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
97508
x-cache
RefreshHit from cloudfront
server
nginx/1.20.0
etag
W/"66757c16d36500c8fd63f42db5b461ff"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
yIe_AbmxWz1Gl-shm8rxrjb-zbd-vG2ETgkU5xqZ9ndb9kfW_QUBig==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/fullscreen/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/fullscreen/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
a1d3fd25ae36a468c0fbb1ebb3cdb620af8912dbca7b2fe9b903904ce15396d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:09 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31195
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"22832d183621a68bdbd328f2394f972d"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
UPINQwd5b6IU_GUmc3Ikgx8AjE4y4wYvTPqrUMTTsREt9OUi6lGu2g==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/insertdatetime/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/insertdatetime/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
73348f161089ddc26df6a6d45024695f5b2530f7676e0a5ca2e6320e436b361d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:09 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31195
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"9b6ba078cf4ae8fcfe8cc7c9020becba"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
*
x-amz-cf-id
QkJVCJHHadgH7orFKu_MRT39WOABFxlcod4iXMJH2PA1i40oTu7L5Q==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/media/ 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/media/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
680bd214c92858aac9b5a46102d143c7404d14bc810105b659cd2e333ecc75ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:09 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31195
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"22d9c8dcd9d503e3a9bd922c59e4e255"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
oYPGmH3ax8ISEQ3UXwFADxzXLlgezPyRqu9BfgjbjpYyWgU6miQzeA==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/table/ 		140 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/table/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
d43d85e86e592059e4e8f9157d764cdd7b10aeb716b55fcf35564a95a8c249e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:09 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31195
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"fb959f2a75e9c2fbd3d2edf96d8e5506"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
*
x-amz-cf-id
1iA3It82dUmVssRvX6L0RIFAWXVK3fT9rGeRTeHQZuzVy_jDRevkSw==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/paste/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/paste/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
8bc72ae334dfda04f09a449a8c3fcbf82559e1be4b70aa2ad9a8868d616fdf9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:09 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31195
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"dba07a2cdf7d713386d45dd10c15ece2"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
*
x-amz-cf-id
S0frjBx95sFkYALDhwLABmxMfiWXjw7vM640dWF3p05Bm-HWGoL0Ew==
plugin.min.js
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/help/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/plugins/help/plugin.min.js
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
f5f1ed0b63544f12615b151d9bd14d87f6befbed21142bef716de263cef6b605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:09 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31195
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"686c7c02d33c9679b15e721483b2522f"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
Is8UCJ9TZY-QGoR4aJ_jgOABhL40zdcd1ovSHL6Gv72t9t1iMLaEXQ==
notosans.js
cdn.walkme.com/player/resources/fonts/ 		28 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/fonts/notosans.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240313-141814-ce2a5bee-abc79d15.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.67.138.249 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-67-138-249.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04492dc91f7b11414946c67dda4b85fba53e4ad6e76237095b73b30d1c6bbe5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
WjEbTtapEYtXvse9Ooq2w1BlT1_OhZB3
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 20:56:04 GMT
access-control-allow-private-network
true
x-amz-request-id
CQFP5BGAXYS11EMA
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
21880
x-amz-id-2
q1D1jK4cHxBgIrgyUmXSsb0jaLxEQ1bAc+QGKcBalBgYJ0movfmvWq6EOOW7i89xXUT3kJKR0Lw=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2019 21:50:11 GMT
etag
"7e9b968dcc783627e445ad04f4dab310"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
timing-allow-origin
*
skin.min.css
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/skins/ui/oxide/ 		60 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/skins/ui/oxide/skin.min.css
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
1a792abe08960c784b597255c397064e8b74dca5afb3aad8f514888db0102a7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:13 GMT
content-encoding
gzip
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31192
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"39663a415ba40b53fb2150794157ee87"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
*
x-amz-cf-id
K8c-3h9WUf4E4UaOt6ksvX320R8M5R6KB4QdgDQdc6_Q3-L93mNwtg==
content.min.css
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/skins/ui/oxide/ Frame 2DBC 		21 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/skins/ui/oxide/content.min.css
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
efde537fd6efeb4e146f44b761b71bb9901cde0c478a9081fce33c9d442576ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Origin
https://exchange-taxpayer.safesendreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:13 GMT
content-encoding
gzip
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31192
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"66f6f34609079a4e2ba9816470935ced"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
https://exchange-taxpayer.safesendreturns.com
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Origin
access-control-allow-headers
*
x-amz-cf-id
R5Uc3p0eVwJ0JSWZH0Nq-wi04Pg9v4laOIu98K_qAWBcmNYqKMP4CA==
content.min.css
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/skins/content/default/ Frame 2DBC 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/skins/content/default/content.min.css
Requested by
Host: cdn.tiny.cloud
URL: https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5/tinymce.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
03f882ce7bea044f2d562bf7122e053ed19315d40d8077bbfc122d11aa30909f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Origin
https://exchange-taxpayer.safesendreturns.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 12:16:13 GMT
content-encoding
gzip
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-C2
age
31192
x-cache
Hit from cloudfront
server
nginx/1.20.0
etag
W/"edae7c97a1cb5f99075ea8d883562ea4"
access-control-max-age
3600
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/css
access-control-allow-origin
https://exchange-taxpayer.safesendreturns.com
cache-control
public, max-age=86400, stale-if-error=518400, stale-while-revalidate=518400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
access-control-allow-headers
*
x-amz-cf-id
pMc0hIVG5QqRHgHQgsHpXpB7ePoIVfulUC4op6DxuRsjPP9XeuG27Q==
truncated
/ 		153 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
96ed0aaea7ca61dc7bc944980d1444f63f62b7c45f621567a9e5a2bc9a448b82

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://exchange-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Wed, 24 Apr 2024 20:56:04 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/2.9c9b78d2.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
7852085024246d2375b7425e32f9daba815bf7a3ed9c17e10340a41fce9f3542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://exchange-taxpayer.safesendreturns.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Wed, 24 Apr 2024 20:56:05 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
favicon.ico
exchange-taxpayer.safesendreturns.com/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
57fc836f0deff19dff1b9bd0ea5307038c285ebdc35359184a1e1ed7aa429531
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/DropOff/6d20007930000
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 24 Apr 2024 20:56:05 GMT
Strict-Transport-Security
max-age=2592000
Last-Modified
Fri, 29 Mar 2024 06:50:04 GMT
Server
Kestrel
ETag
"1da81a554040a2e"
Content-Type
image/x-icon
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15406
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
cdn-init
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/cdn-init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,traceparent
Access-Control-Request-Method
POST
Origin
https://exchange-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Traceparent
access-control-allow-methods
POST
access-control-allow-origin
https://exchange-taxpayer.safesendreturns.com
access-control-max-age
604800
age
31191
content-length
0
date
Wed, 24 Apr 2024 12:16:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-id
Lv5H3Xc7TWxZ_C3sK-lPS8TIwfSJuVFNsO77mDRHDj3gVycjmzEI2w==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
cdn-init
cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/ 		21 B
392 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.tiny.cloud/1/ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo/tinymce/5.10.9-138/cdn-init
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/2.9c9b78d2.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:1c00:4:8ff3:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-d8a36b99b41c42b0b6aa431b3d758016-c9112d33ab9e4394-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
Referer
https://exchange-taxpayer.safesendreturns.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 20:56:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://exchange-taxpayer.safesendreturns.com
access-control-allow-credentials
true
content-length
21
x-amz-cf-id
AFQ69ZkGizD4vpMKjptaIX6ZPt2Nmb1ycX26k-GMsi_kEhZe69dgsw==
i
sp.tinymce.com/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.tinymce.com/i?aid=ak6oopao3qi031uv2vv3dgarjcqpsgxar3k7wzcjgerapjlo&tna=tinymce_cloud&p=web&dtm=1713992165170&stm=1713992165170&tz=Europe%2FBerlin&e=se&se_ca=init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-118.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://exchange-taxpayer.safesendreturns.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 02:05:56 GMT
via
1.1 d0229dbe69f77738f3ccab386a045ad8.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2017 05:55:26 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P2
age
67810
etag
"fb02f374b8f73825415db1bccd4bd76d"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
no-store
accept-ranges
bytes
content-length
43
x-amz-cf-id
gUpjKedVFSSVUbtIAdvr6Sm_BytS-pbl5lzmKkVqJqoDIXqch3KMbA==
postEvent
ec.walkme.com/event/ 		2 B
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ec.walkme.com/event/postEvent
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/2.9c9b78d2.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.109.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
167.109.201.35.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
traceparent
00-d8a36b99b41c42b0b6aa431b3d758016-a32ac9f43a4146bc-01
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain
Accept
text/html, */*; q=0.01
Referer
https://exchange-taxpayer.safesendreturns.com/
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
x-content-type-options
nosniff
referrer-policy
strict-origin
via
1.1 google
date
Wed, 24 Apr 2024 20:56:05 GMT
x-frame-options
DENY
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
postEvent
ec.walkme.com/event/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ec.walkme.com/event/postEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.109.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
167.109.201.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent
Access-Control-Request-Method
POST
Origin
https://exchange-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
traceparent
access-control-allow-methods
POST,GET
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=600
content-length
0
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
cross-origin-resource-policy
cross-origin
date
Wed, 24 Apr 2024 20:56:05 GMT
referrer-policy
strict-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| webpackJsonpsse-taxpayer-app object| _walkmeConfig object| _walkmeInternals object| wmSnippet undefined| fixedCallback function| mtjQuery function| wmjQuery function| walkme_pre_lib_loaded object| _walkmeWebpackJP object| _makeTutorialEv undefined| WalkMeConfigCallback object| _makeTutorial object| _walkMe undefined| InsightsConfigurationCallback object| WalkMeAPI object| WalkMeDataAPI object| WalkMeInsightsAPI object| tinymce object| tinyMCE number| mce-data-1hs8u9pbk object| wmContext function| WalkMeDataClass object| WalkMePlayerAPI string| segmentId object| valuePerEvent

2 Cookies

Domain/Path Name / Value
exchange-taxpayer.safesendreturns.com/ Name: ai_user
Value: +8dGtD6bgN/8V5CBOPYpei|2024-04-24T20:56:04.052Z
exchange-taxpayer.safesendreturns.com/ Name: ai_session
Value: eYXt93DWK1zkB7huN4wSxV|1713992164118|1713992164118

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tiny.cloud
cdn.walkme.com
dc.services.visualstudio.com
ec.walkme.com
exchange-taxpayer.safesendreturns.com
fonts.googleapis.com
fonts.gstatic.com
sp.tinymce.com
20.50.88.238
23.67.138.249
2600:9000:211e:1c00:4:8ff3:780:93a1
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
35.201.109.167
52.158.215.147
52.222.169.118
0021044da0bc352fbbbc6b09ec8a490ff026ed938f69d39a998cee8e8da8fe86
023e1ae414f13b41d97d87ff2a9e7d6daac7840b4f881d6f19dcc512fdd2c25e
03f882ce7bea044f2d562bf7122e053ed19315d40d8077bbfc122d11aa30909f
04492dc91f7b11414946c67dda4b85fba53e4ad6e76237095b73b30d1c6bbe5d
0b23438aacf10d6899b2f83fc5b4f20b309d08f5c5f310da9e240f6a5799ffbd
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
14d5635f0a9f727963cb08745ea5d2a1e1a2b06fa5425036787e547dd560d0db
1a792abe08960c784b597255c397064e8b74dca5afb3aad8f514888db0102a7c
1fd61595631e54e75249cfe35188528f2efc4341ce51f4e4efa580a8d0265cc1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
33e6a95465d2d2cadba07750cd6a6b98f093598d570157012f246b505e7d7c74
4074393be40b75dbe46d2e3c48aa452936f9aa84466bf0cf6171500a7fb5c639
43f19984e51388039314399af61394999cabdf6e33a1b8017d455dd6411f1b53
4717596763e9b524dfe0e539ebc259c402176783d14b3252088007ed8a9faddd
47fd180de43ba4fd581dc674a73a328a54257c10015c7016f957ec6f075636a2
4921a62a006fcbc2c2b98768606b234770cbfd66469d90aa8e2815c49e3a89e4
4b5de37fd39f14e967d126c52cfe2cfbba198dd618a8a37e938089d3e279e89e
4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af
4f101f0e83668ac38025b31e041a32ccc7a3ee86e038039316cc84ba2051306a
505d49d5f64bddbfc8b2e491373a6f4edefc0a00a0eb8bb3411dbf6930a7aafc
544376e8ff2729912bf9129535530aa31f85caa66dd127b639da6eff74f6c7d1
57fc836f0deff19dff1b9bd0ea5307038c285ebdc35359184a1e1ed7aa429531
6330a0cd0ff8ff93ac0d1cb76f8eba9dc1f3fad223fe9ae7055e6a37fca45e57
680bd214c92858aac9b5a46102d143c7404d14bc810105b659cd2e333ecc75ae
6da0319cc447f687bb9f8b33b8ef4b0c9e319bc3dc3cc1b27826c51d2a96deaa
73348f161089ddc26df6a6d45024695f5b2530f7676e0a5ca2e6320e436b361d
766f149e0b1f7d81945055c7cdf13f0dba78af9181b9ddb492ada264308c4a10
7852085024246d2375b7425e32f9daba815bf7a3ed9c17e10340a41fce9f3542
7b6bfe3d9f00f09d48f9284d0fe18effcdc19208010566592be6a8f23e6ee92d
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
817aa150086d6162c78e8ae5dca7d06aca10f9bd9dc6eff20935d7303a1f4cd2
89a6de9c240c8b73eaa4c930cd61312206809ffbf3ee5a1cd878bbfbb8c89a35
8a13047db01fe99120e82e3872d8afe858e156fa54a158445e50a9cebd01fbc6
8b479610778cef415158ef2deef872c0bdc85bd63f339ecdc1382fabef4da407
8bbd037cb3479d6fcd732b851b70bf3cd79b874da64d61fb2a1633328204aa5f
8bc72ae334dfda04f09a449a8c3fcbf82559e1be4b70aa2ad9a8868d616fdf9c
8f7c73fc33a164ebded38246bd119c604d319369766dac68f0ecc7548e106076
92b4412e075cf1a55411f5da2c3bf54360fac70163d0e353db60f642e2bb0a7a
92d1345f084b8b23b338dd3fc6dfb93f4d604a7ddb4e832f8c3866891422d1fe
932eefffda6f1507914cc9f8cf54e99cbdf0a32ab51b00a6037b533de50d4edc
96ed0aaea7ca61dc7bc944980d1444f63f62b7c45f621567a9e5a2bc9a448b82
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98d5e875cce29dc311261e6e73688277b720a4b8deba598ae510c5a81ec85bef
9dd828d83687aafee9b1ec10671e6df1d77142fe804313a97042f0aca9650e98
a009e2763e36e97a8e6e97adcbced400b68f6c407b53846a92f812d2022b6f4c
a1d3fd25ae36a468c0fbb1ebb3cdb620af8912dbca7b2fe9b903904ce15396d5
b369aee749c20ebe62cb8331c1a1190d68eafec31851453feb3dd0403a11e1a8
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bc9b8950cc09ec0ef8c6a683dec88b5b2b9787245eb22ff22f64f35f017e7e95
bf4e50b9d0ec06c7e64164e746964874b65a94ebca061bbcb44f34f85f9edd01
c8fbc4be1760c3034d84446382ccf69a1e9f8dde8a859264f722043785b6da2f
ca3cef5d683e3c75a2f39d6df256c45ae3e1a28ebc76824cb152a276caea40ea
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d348d009ca0186d1b6301411dfa97810af122a791b580c4112b634fc048a0741
d43d85e86e592059e4e8f9157d764cdd7b10aeb716b55fcf35564a95a8c249e7
d5e06e57d31f840d307c3c458bae936cc370ffbdb17aafd179d1291babe0f8c7
e110410022758787739a0a075f24d51228bc714560e50343a05cef4450e1744c
efde537fd6efeb4e146f44b761b71bb9901cde0c478a9081fce33c9d442576ec
f5f1ed0b63544f12615b151d9bd14d87f6befbed21142bef716de263cef6b605
fb153402ba70c0a381b1e9924b3d90fb40729735c3e9c1372b6cdc9594a329fe