urlscan.io logo urlscan.io
SecurityTrails logo

esign.safesendreturns.com Open in urlscan Pro
52.182.227.213  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BSSJemOA6xeS7vykT28HUTG-2FDit1Uy7-2B-2BL6XP2BVgAQVAq-2B3u6Y...
Effective URL: https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
Submission Tags: falconsandbox
Submission: On September 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 28 HTTP transactions. The main IP is 52.182.227.213, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is esign.safesendreturns.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 5th 2022. Valid for: a year.
This is the only time esign.safesendreturns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 52.182.227.213 8075 (MICROSOFT...)
15 23.210.125.218 16625 (AKAMAI-AS)
2 52.236.186.216 8075 (MICROSOFT...)
2 35.201.109.167 396982 (GOOGLE-CL...)
28 4
10    52.182.227.213 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ssr.safesendreturns.com
esign.safesendreturns.com
15    23.210.125.218 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-125-218.deploy.static.akamaitechnologies.com
cdn.walkme.com
2    52.236.186.216 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    35.201.109.167 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 167.109.201.35.bc.googleusercontent.com
ec.walkme.com
Apex Domain
Subdomains		 Transfer
17 walkme.com
cdn.walkme.com — Cisco Umbrella Rank: 3017
ec.walkme.com — Cisco Umbrella Rank: 3990
597 KB
10 safesendreturns.com
ssr.safesendreturns.com — Cisco Umbrella Rank: 868513
esign.safesendreturns.com
8 MB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 1169
419 B
28 3
Domain Requested by
15 cdn.walkme.com esign.safesendreturns.com
cdn.walkme.com
9 esign.safesendreturns.com esign.safesendreturns.com
2 ec.walkme.com
2 dc.services.visualstudio.com
1 ssr.safesendreturns.com 1 redirects
28 5

This site contains no links.

Subject Issuer Validity Valid
*.safesendreturns.com
Go Daddy Secure Certificate Authority - G2		 2022-10-05 -
2023-11-06		 a year crt.sh
walkme.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-13 -
2024-01-31		 6 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure RSA TLS Issuing CA 03		 2023-09-02 -
2024-08-27		 a year crt.sh
*.walkme.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-11 -
2024-01-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
Frame ID: 5E2BE59363F4826DD5D833F5B8C4E248
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SafeSend Signatures

Page URL History Show full URLs

  1. https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BSSJemOA6xeS7vykT28HUTG-2FDit1Uy7-2B-2B... HTTP 302
    https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

5
Subdomains

4
IPs

3
Countries

9276 kB
Transfer

34540 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BSSJemOA6xeS7vykT28HUTG-2FDit1Uy7-2B-2BL6XP2BVgAQVAq-2B3u6YYpVqbPUR-2FRXn81JHYRqWc2Q0tud4Qzp3ANPBTSMCXSgnNWx8HTpGXnRQQdmTs_Zf9noBSXp6zmd8gcAmse0BbFvG7r30vVRSXYCH5CPwbRnQEfhvNBc-2FzlmaQECaVjxTWGBWacaxcA0D-2BFI-2BVPYWQ-2B1x4Fni-2FoLgirdOawQ2XXTkN9kK0okyL6qQSxABfnO173CF2BJeekMJsqONwr4f7osG8u5lPz-2FTj4dGZpe6E54LDn1Sh0ZWOzEdzoG7SFMDyvuaY6beSBsIW4CHftw0v2te5GBR8hiMzNXzijSV7-2FF6453wcxa2jh-2BnVLRQwz-2BVWkiNFv36TX1VPl0QwFKuptJvc-2Brs8E51V7zD-2FeRRgpqMVODbQ28zmt5NW8-2FaYHfguBG9mznLMdb3w8LvoLNRr-2FshD2K1wJYKIOHaqo6FiuwJ0gO0egqLu-2BCLtOsMCvVAFw12QvimKSsrBucNk67NpQZJfcsHv48n20YUomXQyZWV-2FZEa8Y1A6E6oYzoMeSKjmIAYi-2BOuBYieZ8vFzb8Qnx2D2F7UkPd1qcjrYe2GnXok7n8gIW8BDiW-2Btzwn3z HTTP 302
    https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lnl491u6k5qm5dfpmu4586cw3390m000
esign.safesendreturns.com/login/
Redirect Chain
  • https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BSSJemOA6xeS7vykT28HUTG-2FDit1Uy7-2B-2BL6XP2BVgAQVAq-2B3u6YYpVqbPUR-2FRXn81JHYRqWc2Q0tud4Qzp3ANPBTSMCXSgnNWx8HTpGXnRQQdmTs_Zf9no...
  • https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
1 KB
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b7862886e0e6382a95b8c963ed3acc931c9d8364fb5a81c5563b943e892c7883

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 19 Sep 2023 20:52:07 GMT
Request-Context
appId=cid-v1:6f486f7a-6d32-466b-9855-601cb22efd6b
Server
Kestrel
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
95
Content-Type
text/html; charset=utf-8
Date
Tue, 19 Sep 2023 20:52:06 GMT
Location
https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
Server
nginx
X-Robots-Tag
noindex, nofollow
pdfviewer.css
esign.safesendreturns.com/dist/assets/css/ 		251 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esign.safesendreturns.com/dist/assets/css/pdfviewer.css
Requested by
Host: esign.safesendreturns.com
URL: https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5aca6cd0a16ee0d6c44db518620d9ab160c162e6a37ccd9ef67fa17e343b734

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 20:52:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jul 2023 04:01:20 GMT
Server
Kestrel
ETag
"1d9c1082a6c45a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:6f486f7a-6d32-466b-9855-601cb22efd6b
vendor.css
esign.safesendreturns.com/dist/ 		205 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esign.safesendreturns.com/dist/vendor.css?v=6jVqzlQsU20g7iXeEjm7AWECMtHjcw9ZZPzMdBf2-zc
Requested by
Host: esign.safesendreturns.com
URL: https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ea356ace542c536d20ee25de1239bb01610232d1e3730f5964fccc7417f6fb37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 20:52:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jul 2023 04:01:20 GMT
Server
Kestrel
ETag
"1d9c1082a6c9c2d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:6f486f7a-6d32-466b-9855-601cb22efd6b
site.css
esign.safesendreturns.com/dist/assets/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esign.safesendreturns.com/dist/assets/css/site.css
Requested by
Host: esign.safesendreturns.com
URL: https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2b769864b69e19c7b92831f27421b869c0443525bb2a25d44de66ccffbc892c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 20:52:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jul 2023 04:01:20 GMT
Server
Kestrel
ETag
"1d9c1082a6f819b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:6f486f7a-6d32-466b-9855-601cb22efd6b
custom.css
esign.safesendreturns.com/dist/assets/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://esign.safesendreturns.com/dist/assets/css/custom.css
Requested by
Host: esign.safesendreturns.com
URL: https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8018e7240ac2d51f411f016323a46ed064d38857f2488858ed88e8037aacd7fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 20:52:07 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jul 2023 04:01:20 GMT
Server
Kestrel
ETag
"1d9c1082a6f8758"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:6f486f7a-6d32-466b-9855-601cb22efd6b
main.js
esign.safesendreturns.com/dist/ 		31 MB
8 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://esign.safesendreturns.com/dist/main.js
Requested by
Host: esign.safesendreturns.com
URL: https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c4b66494a27729f97f3cfe92de72b23634515361368d1d0fd72d898c8117232a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 20:52:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jul 2023 04:01:20 GMT
Server
Kestrel
ETag
"1d9c1082b85a12c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Request-Context
appId=cid-v1:6f486f7a-6d32-466b-9855-601cb22efd6b
ApplicationInsights
esign.safesendreturns.com/api/ 		123 B
435 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esign.safesendreturns.com/api/ApplicationInsights
Requested by
Host:
URL: webpack-internal:///./ClientApp/Logger/Telemetry/TelemetryLogger.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d005daff80674cc4ee8a25a43fef8952a274322936c72a57d6f27598897edd59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 20:52:13 GMT
Content-Encoding
gzip
Server
Kestrel
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
no-store
Connection
keep-alive
Request-Context
appId=cid-v1:6f486f7a-6d32-466b-9855-601cb22efd6b
lnl491u6k5qm5dfpmu4586cw3390m000
esign.safesendreturns.com/api/Common/GetWalkMeScript/ 		386 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esign.safesendreturns.com/api/Common/GetWalkMeScript/lnl491u6k5qm5dfpmu4586cw3390m000
Requested by
Host:
URL: webpack-internal:///./node_modules/@microsoft/applicationinsights-core-js/dist-esm/JavaScriptSDK/InstrumentHooks.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d29fec974b8a622e0a313b84e75a85e95baa3a16ace6bf5a790bef632949da03

Request headers

Referer
https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
traceparent
00-9af5d9a966114054951b242e3b87adc4-6dafdb79afb44ad1-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 20:52:14 GMT
Content-Encoding
gzip
Server
Kestrel
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
no-store
Connection
keep-alive
Request-Context
appId=cid-v1:6f486f7a-6d32-466b-9855-601cb22efd6b
lnl491u6k5qm5dfpmu4586cw3390m000
esign.safesendreturns.com/api/Public/GetPrimaryDetails/ 		1 KB
857 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://esign.safesendreturns.com/api/Public/GetPrimaryDetails/lnl491u6k5qm5dfpmu4586cw3390m000
Requested by
Host:
URL: webpack-internal:///./node_modules/@microsoft/applicationinsights-core-js/dist-esm/JavaScriptSDK/InstrumentHooks.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
cbf1aa9006ed9b613e4d755a22c75451b5003672d3ec2eb451bab9193f5f0934

Request headers

Accept
application/json, text/plain, */*
Referer
https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
traceparent
00-9af5d9a966114054951b242e3b87adc4-c89cf90913b54866-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Tue, 19 Sep 2023 20:52:14 GMT
Content-Encoding
gzip
Server
Kestrel
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Cache-Control
no-store
Connection
keep-alive
Request-Context
appId=cid-v1:6f486f7a-6d32-466b-9855-601cb22efd6b
walkme_148aadebe34448148ad4edd74737f760_https.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js
Requested by
Host: esign.safesendreturns.com
URL: https://esign.safesendreturns.com/login/lnl491u6k5qm5dfpmu4586cw3390m000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5a35523c6a5f29fb94a01404936c3457997018e2bddeec8b8e5703e0f39dee1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
1y70ATDH.2eL42CteTvzPKQASo95zNDm
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
5WENTYPCGEEJHRDA
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
8507
x-amz-id-2
crB6aB/fC0JIKNEChh7bS+nQ7cTtvuHjYTlL6bXDu30QFzMZu6aZUiCIMl7ewIC0swSR+e6Hkmc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Sep 2023 19:20:36 GMT
etag
"52eacbcc9224344c945a5d5316e0d368"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=41746
accept-ranges
bytes
timing-allow-origin
*
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://esign.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Tue, 19 Sep 2023 20:52:14 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		233 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host:
URL: webpack-internal:///./node_modules/@microsoft/applicationinsights-core-js/dist-esm/JavaScriptSDK/InstrumentHooks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
272e54d9c0ae8bd9a8c8797d914324774424b02409fbd79eac203dc57cd136b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://esign.safesendreturns.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
60520AAC-D476-480F-95A8-D6BAF56AB485
strict-transport-security
max-age=31536000
date
Tue, 19 Sep 2023 20:52:14 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
233
settings.txt
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/settings.txt
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f792a3b99bcf6b5274f103bdc3b296037fbf76cff8cde8e32a10f65c950fd30
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
.puXP_DExFgCtd7zD0TfDCzXc9b1AmDx
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
81JJYJAC1XZHXSD1
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
738
x-amz-id-2
YXVV4EG0nmI32FTkGCbcFEUeuwOKUoubT67xqb+FIQAu3xwohdLmVhxAfPj4UP98j8Vlkt3h084=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 19 Sep 2023 05:17:34 GMT
etag
"6eb878fa9b28c17a6f6727abab162ddc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
wmjQuery33121.js
cdn.walkme.com/player/resources/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/wmjQuery33121.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
dpj4bAlfG6UlhFPdf_TGly9sgsSAJ5Ge
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
AQSH0V4QFSRVHEK7
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
30035
x-amz-id-2
YSHq3cdOZ91D3rIu9T9vnZiyPpmLeyaF+RKy6f/z2EEX/Bzezt5TjJq8dqzblP0IZIpHK530CQo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 03 May 2022 06:44:33 GMT
etag
"b00eee8317d72ce865b995c31f1f95ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=26403795
accept-ranges
bytes
timing-allow-origin
*
prelib-plugin-cbc917dd-5980-37ca-b6da-4deed694d54a.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/scripts/ 		233 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/scripts/prelib-plugin-cbc917dd-5980-37ca-b6da-4deed694d54a.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2f162b4fb6caa4636e492962bb37957bfbecf2eb952775951472e3ff8ec5817e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
Y8NO7wSBUm6pr159PXMp.o1oMRgNoRrw
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
6YX9JY3NMZ2E0BD1
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
70036
x-amz-id-2
mwf9ikhhtKWDguwioF5RqeaDWX9p1BPx/SH0Pxe+xMyYhFzZLcLFVhmcSNibA1y+rPkb1yXCoSs=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 Mar 2023 20:00:20 GMT
etag
"e1765b2d10a910660616899510311384"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=29363842
accept-ranges
bytes
timing-allow-origin
*
walkme_lib_20230823-084107-4df1d99a-10deab56.br.js
cdn.walkme.com/player/lib/ 		2 MB
371 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/walkme_lib_20230823-084107-4df1d99a-10deab56.br.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d1354acb3138ed36fc0a4d502a2233944d4abb7f00e8d32a2b27b9b2eb5c66f4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
Qg2O_iNGKjkIgy2hfO2UCEE9hgoXe630
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
DDA4MDZPA1192EVS
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
379369
x-amz-id-2
scYrsXOW3kOyY9zTKMKjjYyIfnQ5IkQOjIbyl4XpX0axaeKeDHmELyXu3J38s0vsPBipf9qQY5Y=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Aug 2023 09:01:20 GMT
etag
"9e9b11343bf86337c642472c2980139c"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=29361540
accept-ranges
bytes
timing-allow-origin
*
walkme_config_cc93da2c4ab64087b70484c65ec9d371.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_config_cc93da2c4ab64087b70484c65ec9d371.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1f195748dfa1808ead798c554e30fcad54413380c6566fc83853f6b3aee8663e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
XJU16eJjRpGtNa3YpmxXAWAVlAjVGX10
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
BMSKQZV0XAM269DJ
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
2109
x-amz-id-2
H0MSdPD40e8GPqZPCued+w0fTIEuwrs6MQCIfEQPSPt+wSGGmeBkZukdwdOzBpITid3b+DaiAsU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 19 Sep 2023 05:17:34 GMT
etag
"8217429d0b0e0ab2bef2dc6c3283eaff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31480372
accept-ranges
bytes
timing-allow-origin
*
insights_configuration_df2677031bd04f30a8a15d79bd731922.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/external-data/insights-configuration/ 		72 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/external-data/insights-configuration/insights_configuration_df2677031bd04f30a8a15d79bd731922.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230823-084107-4df1d99a-10deab56.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb153402ba70c0a381b1e9924b3d90fb40729735c3e9c1372b6cdc9594a329fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
5NhDDFN0RkIEIdZ9S5_pRDI7DO7Knflu
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
7GNN7SA1BB9RKA7R
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
65
x-amz-id-2
FRvOhb2miGoKsLGxaKlPi4m9FcyRaKD7MeUIDC6byBejmWUc7r0Qcod/1pliQjvMeMLOfnOqxoU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 May 2023 20:23:54 GMT
etag
"847a33f7659cea7dfc9792ee7dae9ce0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
custom_css_065a78052cf840818d759d96bf71adb7.css
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		31 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/custom_css_065a78052cf840818d759d96bf71adb7.css
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230823-084107-4df1d99a-10deab56.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a3587c99d611abdc651646f13351205fce81fb5b9d01827f27c2760bd23a43f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://esign.safesendreturns.com/
Origin
https://esign.safesendreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
WIiCGq7P6_k9GtvUua_ex3vcFNZmZMjy
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
QBVJ03AEZCMD45VD
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
1857
x-amz-id-2
i6k4ak2XB3D1t0BcS1cwFfbMBKb5WwOIJphM2rODMhuf5mUwyl0liilo2YOUSbAF3TExvgMzOLM=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Sep 2023 19:20:32 GMT
etag
"b7e75d749fe4dae2f904c3b00e2d10d8"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=30384257
accept-ranges
bytes
timing-allow-origin
*
data_065a78052cf840818d759d96bf71adb7.br.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		457 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/data_065a78052cf840818d759d96bf71adb7.br.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230823-084107-4df1d99a-10deab56.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
988793a0b06907deb2e91efe642e9939ff5908d03c598e746b792829ec9d6737
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
_cxuKlYcrznkCBNyAI_4Emu1X4dlchEd
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
CYZD4183D46653R1
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
39190
x-amz-id-2
vfRfubLzY+AuuuIAejhU/vM9LigneCIXzI3qUvbrWpLYSucPg81nGWX/fDFZ9F7ScvD1L/JXHvJF2XUt9ErEgQ==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Sep 2023 19:20:34 GMT
etag
"5cac14e2ead7d8e3b03b6fe9e84d1bb2"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=29976750
accept-ranges
bytes
timing-allow-origin
*
runtime_data.json
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/runtime_data.json
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230823-084107-4df1d99a-10deab56.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a39163b58400703cdac9fbaa96d94910d3cae0b7483c69a55772da8557e60107
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
EX.fGNWHjAJBNVETVEa12VKUR4i5CNr4
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
81JZ1MQMPP0KSW4Q
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
824
x-amz-id-2
2QP3wPUfdJ/zvxeml9qegme2MBAENeRDXZKnjD+OnjF3Lp8SwalXNjDutVtWlx3Oyzf6FRful8o=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 19 Sep 2023 05:17:28 GMT
etag
"59ba42b54c3d5b545d7d8dcdf3eb6530"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86385
accept-ranges
bytes
timing-allow-origin
*
28.ed802106.walkme_lib.js
cdn.walkme.com/player/lib/20230823-084107-4df1d99a-10deab56.br/ 		113 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20230823-084107-4df1d99a-10deab56.br/28.ed802106.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230823-084107-4df1d99a-10deab56.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2bac930e1f18c0a0e4a8847f735b15559ab59582f403e5e2df67058a9962f29
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
CED4VmUZ72l6vJnXwiOO5LTJamAFOMND
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
ZEK9MJQSN4Q16Y1N
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
30441
x-amz-id-2
0aF+R7A/X6ht50OUDSDpyKIGygDmVL7Xyx4ribst9FNMYkKHtKf9DHaL0Hy7RsKxWq4Vr0md6vQ=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Aug 2023 09:01:10 GMT
etag
"0a989fbc79fec043003571b132570c08"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=29361571
accept-ranges
bytes
timing-allow-origin
*
23.0da65e4d.walkme_lib.js
cdn.walkme.com/player/lib/20230823-084107-4df1d99a-10deab56.br/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20230823-084107-4df1d99a-10deab56.br/23.0da65e4d.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230823-084107-4df1d99a-10deab56.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
51277e9944b522577c407eb671272551c2d211d6a192f084c36ef1f7e4e7f4cd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
Gpb.pc1.5CgkbPQlMakFRNtXxidiEeor
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
ZEKB04AVRWFC5X64
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
7964
x-amz-id-2
JoExqqyozW8vN15z5GrQAQCMHkZMiEecAUbXMSnORClgwTEGKE8fgvUgPgSABtU7I6GpBASL6VQ=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Aug 2023 09:01:10 GMT
etag
"42dbd184f468a3c9ed243382e35b6754"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=29361571
accept-ranges
bytes
timing-allow-origin
*
11.ab434a05.walkme_lib.js
cdn.walkme.com/player/lib/20230823-084107-4df1d99a-10deab56.br/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20230823-084107-4df1d99a-10deab56.br/11.ab434a05.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230823-084107-4df1d99a-10deab56.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5ab76ba880e02fb5364c7f758e51ed2592ff5231b7f1730c446a069cd5b178d6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
R8M1sZ06U5cDb7_PljkiL6rsyQcC6zst
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
WV0TFD1EE5JXKXE0
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
8111
x-amz-id-2
cFFeuoGcmyHeIMxT/1jI0tYBqfenvQgz71Id3UGzgGLvmeiu50byYqzN1lbpzPYNOewPT8kwYdA=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Aug 2023 09:01:10 GMT
etag
"509f3434f58bec2cd3daec04cc8146c4"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=29396624
accept-ranges
bytes
timing-allow-origin
*
49.fb16e7fd.walkme_lib.js
cdn.walkme.com/player/lib/20230823-084107-4df1d99a-10deab56.br/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20230823-084107-4df1d99a-10deab56.br/49.fb16e7fd.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230823-084107-4df1d99a-10deab56.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c7b955d0d234cf20bac813171af276a29ff5f0ffebab894e1af865b51eb8dcb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
BUQjGFTyO_Q968R7PYRucqTJWsUj5QBH
content-encoding
br
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
QYJ43HKQVHSJ5ZGE
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
444
x-amz-id-2
14RylbOVYmKugtnS1Ilq+VO/hnlgG65MQsssjLzoflXiJU2v7P1acadvaYFsn5ZwpqKa7IAf0ZE=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 23 Aug 2023 09:01:11 GMT
etag
"dc79ee61ed86a69db78cdebbc8f07b21"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=29536844
accept-ranges
bytes
timing-allow-origin
*
notosans.js
cdn.walkme.com/player/resources/fonts/ 		28 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/fonts/notosans.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20230823-084107-4df1d99a-10deab56.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.125.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-125-218.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04492dc91f7b11414946c67dda4b85fba53e4ad6e76237095b73b30d1c6bbe5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://esign.safesendreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
WjEbTtapEYtXvse9Ooq2w1BlT1_OhZB3
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Sep 2023 20:52:15 GMT
access-control-allow-private-network
true
x-amz-request-id
48YF43JH19BCCWVD
x-amz-server-side-encryption
AES256
content-security-policy
upgrade-insecure-requests;
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
cross-origin-resource-policy
cross-origin
content-length
21880
x-amz-id-2
SKEc/ggb5I4yIIt5uUzFvUQQqkBkwMV2D3larm/6AoQ6Z1j1xRxPzQDwS5Trpt2ccznI7Yfqp1c=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 12 Jun 2019 21:50:11 GMT
etag
"7e9b968dcc783627e445ad04f4dab310"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
timing-allow-origin
*
postEvent
ec.walkme.com/event/ 		2 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ec.walkme.com/event/postEvent
Requested by
Host:
URL: webpack-internal:///./node_modules/@microsoft/applicationinsights-core-js/dist-esm/JavaScriptSDK/InstrumentHooks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.109.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
167.109.201.35.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Content-Type
text/plain
Accept
text/html, */*; q=0.01
Referer
https://esign.safesendreturns.com/
traceparent
00-9af5d9a966114054951b242e3b87adc4-112ec4676a464756-01
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Request-Context
appId=cid-v1:6f486f7a-6d32-466b-9855-601cb22efd6b

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
x-content-type-options
nosniff
referrer-policy
strict-origin
via
1.1 google
date
Tue, 19 Sep 2023 20:52:16 GMT
x-frame-options
DENY
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
postEvent
ec.walkme.com/event/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ec.walkme.com/event/postEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.109.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
167.109.201.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
request-context,traceparent
Access-Control-Request-Method
POST
Origin
https://esign.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers
request-context,traceparent
access-control-allow-methods
POST,GET
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=600
content-length
0
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
date
Tue, 19 Sep 2023 20:52:16 GMT
referrer-policy
strict-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| Variables object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| pdfjsWorker object| scCGSHMRCache number| __styled-components-init__ function| loadWalkMe object| _walkmeConfig object| _walkmeInternals object| wmSnippet undefined| fixedCallback function| mtjQuery function| wmjQuery function| walkme_pre_lib_loaded object| _walkmeWebpackJP object| _makeTutorialEv undefined| WalkMeConfigCallback object| _makeTutorial object| _walkMe undefined| InsightsConfigurationCallback object| WalkMeAPI object| WalkMeDataAPI object| WalkMeInsightsAPI object| wmContext function| WalkMeDataClass object| WalkMePlayerAPI string| segmentId object| valuePerEvent

2 Cookies

Domain/Path Name / Value
esign.safesendreturns.com/ Name: ai_user
Value: FNq3COhut9p1ilZTsYa5i0|2023-09-19T20:52:13.793Z
esign.safesendreturns.com/ Name: ai_session
Value: 3jEOCVQ83y7Xu851z5a744|1695156734726|1695156734726

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.walkme.com
dc.services.visualstudio.com
ec.walkme.com
esign.safesendreturns.com
ssr.safesendreturns.com
23.210.125.218
35.201.109.167
52.182.227.213
52.236.186.216
04492dc91f7b11414946c67dda4b85fba53e4ad6e76237095b73b30d1c6bbe5d
1f195748dfa1808ead798c554e30fcad54413380c6566fc83853f6b3aee8663e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272e54d9c0ae8bd9a8c8797d914324774424b02409fbd79eac203dc57cd136b6
2b769864b69e19c7b92831f27421b869c0443525bb2a25d44de66ccffbc892c2
2f162b4fb6caa4636e492962bb37957bfbecf2eb952775951472e3ff8ec5817e
3f792a3b99bcf6b5274f103bdc3b296037fbf76cff8cde8e32a10f65c950fd30
4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af
4c7b955d0d234cf20bac813171af276a29ff5f0ffebab894e1af865b51eb8dcb
51277e9944b522577c407eb671272551c2d211d6a192f084c36ef1f7e4e7f4cd
5ab76ba880e02fb5364c7f758e51ed2592ff5231b7f1730c446a069cd5b178d6
8018e7240ac2d51f411f016323a46ed064d38857f2488858ed88e8037aacd7fd
988793a0b06907deb2e91efe642e9939ff5908d03c598e746b792829ec9d6737
a3587c99d611abdc651646f13351205fce81fb5b9d01827f27c2760bd23a43f9
a39163b58400703cdac9fbaa96d94910d3cae0b7483c69a55772da8557e60107
b2bac930e1f18c0a0e4a8847f735b15559ab59582f403e5e2df67058a9962f29
b7862886e0e6382a95b8c963ed3acc931c9d8364fb5a81c5563b943e892c7883
c4b66494a27729f97f3cfe92de72b23634515361368d1d0fd72d898c8117232a
c5aca6cd0a16ee0d6c44db518620d9ab160c162e6a37ccd9ef67fa17e343b734
cbf1aa9006ed9b613e4d755a22c75451b5003672d3ec2eb451bab9193f5f0934
d005daff80674cc4ee8a25a43fef8952a274322936c72a57d6f27598897edd59
d1354acb3138ed36fc0a4d502a2233944d4abb7f00e8d32a2b27b9b2eb5c66f4
d29fec974b8a622e0a313b84e75a85e95baa3a16ace6bf5a790bef632949da03
d5a35523c6a5f29fb94a01404936c3457997018e2bddeec8b8e5703e0f39dee1
ea356ace542c536d20ee25de1239bb01610232d1e3730f5964fccc7417f6fb37
fb153402ba70c0a381b1e9924b3d90fb40729735c3e9c1372b6cdc9594a329fe