urlscan.io logo urlscan.io
SecurityTrails logo

exchange-taxpayer.safesendreturns.com Open in urlscan Pro
52.158.215.147  Public Scan

Go To Rescan Add Verdict Report
URL: https://exchange-taxpayer.safesendreturns.com/SendLinkRedirect/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Submission: On October 11 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 5 domains to perform 39 HTTP transactions. The main IP is 52.158.215.147, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is exchange-taxpayer.safesendreturns.com. The Cisco Umbrella rank of the primary domain is 605834.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 3rd 2023. Valid for: a year.
This is the only time exchange-taxpayer.safesendreturns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 52.158.215.147 8075 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 172.217.165.131 15169 (GOOGLE)
8 52.179.73.39 8075 (MICROSOFT...)
15 23.204.14.9 16625 (AKAMAI-AS)
2 35.201.109.167 396982 (GOOGLE-CL...)
39 6
12    52.158.215.147 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
exchange-taxpayer.safesendreturns.com
exchange-taxpayer-api.safesendreturns.com
1    2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    172.217.165.131 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f3.1e100.net
fonts.gstatic.com
8    52.179.73.39 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
15    23.204.14.9 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-14-9.deploy.static.akamaitechnologies.com
cdn.walkme.com
2    35.201.109.167 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 167.109.201.35.bc.googleusercontent.com
ec.walkme.com
Apex Domain
Subdomains		 Transfer
17 walkme.com
cdn.walkme.com — Cisco Umbrella Rank: 1644
ec.walkme.com — Cisco Umbrella Rank: 1803
676 KB
12 safesendreturns.com
exchange-taxpayer.safesendreturns.com — Cisco Umbrella Rank: 605834
exchange-taxpayer-api.safesendreturns.com — Cisco Umbrella Rank: 543094
337 KB
8 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 785
1 KB
1 gstatic.com
fonts.gstatic.com
29 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
39 5
Domain Requested by
15 cdn.walkme.com exchange-taxpayer.safesendreturns.com
cdn.walkme.com
8 dc.services.visualstudio.com exchange-taxpayer.safesendreturns.com
8 exchange-taxpayer-api.safesendreturns.com exchange-taxpayer.safesendreturns.com
4 exchange-taxpayer.safesendreturns.com exchange-taxpayer.safesendreturns.com
2 ec.walkme.com exchange-taxpayer.safesendreturns.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com exchange-taxpayer.safesendreturns.com
39 7

This site contains links to these domains. Also see Links.

Domain
safesend.com
Subject Issuer Validity Valid
*.safesendreturns.com
Go Daddy Secure Certificate Authority - G2		 2023-10-03 -
2024-11-03		 a year crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 08		 2024-09-16 -
2025-09-11		 a year crt.sh
walkme.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-04 -
2024-12-03		 a year crt.sh
*.walkme.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://exchange-taxpayer.safesendreturns.com/SendLinkRedirect/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Frame ID: F7C6E3F7635C95E2CAAA299656B05838
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SafeSend Exchange

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

7
Subdomains

6
IPs

1
Countries

1044 kB
Transfer

4546 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
exchange-taxpayer.safesendreturns.com/SendLinkRedirect/ 		1014 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/SendLinkRedirect/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9aeb712049146cba6e148abc3f64a690c38f052ef96ac5ad7e76709c1772e4db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
public,max-age=31536000,max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
685
Content-Type
text/html
Date
Fri, 11 Oct 2024 16:03:44 GMT
ETag
"0281e46753db1:0"
Expires
0
Last-Modified
Tue, 10 Sep 2024 11:33:36 GMT
Pragma
no-cache
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Option
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET
X-Robots-Tag
noindex
css2
fonts.googleapis.com/ 		28 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/SendLinkRedirect/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f7c73fc33a164ebded38246bd119c604d319369766dac68f0ecc7548e106076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 11 Oct 2024 16:03:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 11 Oct 2024 16:03:45 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 11 Oct 2024 15:42:14 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.39693d65.js
exchange-taxpayer.safesendreturns.com/static/js/ 		837 KB
259 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/static/js/main.39693d65.js
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/SendLinkRedirect/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
10eaccf223ddbae6e02150eae28504eb5255afcab5d430c6203ba278519dc705
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/SendLinkRedirect/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000

Response headers

X-Robots-Tag
noindex
Content-Encoding
gzip
ETag
"0dce81caf5db1:0"
Date
Fri, 11 Oct 2024 16:03:44 GMT
Content-Type
application/x-javascript
Last-Modified
Fri, 13 Sep 2024 07:32:40 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Cache-Control
public,max-age=31536000
Connection
keep-alive
X-Content-Type-Option
nosniff
Accept-Ranges
bytes
Content-Length
264239
X-Powered-By
ASP.NET
Server
Microsoft-IIS/10.0
main.480bbab5.css
exchange-taxpayer.safesendreturns.com/static/css/ 		365 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/static/css/main.480bbab5.css
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/SendLinkRedirect/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cfb9813cdd289b0692f5bd2f8cafc55afa7e446fe7b10a863a19a1be83d24751
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/SendLinkRedirect/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000

Response headers

X-Robots-Tag
noindex
Content-Encoding
gzip
ETag
"0281e46753db1:0"
Date
Fri, 11 Oct 2024 16:03:45 GMT
Content-Type
text/css
Last-Modified
Tue, 10 Sep 2024 11:33:36 GMT
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
Cache-Control
public,max-age=31536000
Connection
keep-alive
X-Content-Type-Option
nosniff
Accept-Ranges
bytes
Content-Length
59019
X-Powered-By
ASP.NET
Server
Microsoft-IIS/10.0
5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
exchange-taxpayer-api.safesendreturns.com/api/ApplicationInsight/BasicDetails/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer-api.safesendreturns.com/api/ApplicationInsight/BasicDetails/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000?component=undefined&tPLinkType=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent
Access-Control-Request-Method
GET
Origin
https://exchange-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
traceparent
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://exchange-taxpayer.safesendreturns.com
Connection
keep-alive
Date
Fri, 11 Oct 2024 16:03:45 GMT
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
Server
Kestrel
Strict-Transport-Security
max-age=31536000
Vary
Origin
X-Content-Type-Option
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
noindex
5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
exchange-taxpayer-api.safesendreturns.com/api/ApplicationInsight/BasicDetails/ 		249 B
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer-api.safesendreturns.com/api/ApplicationInsight/BasicDetails/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000?component=undefined&tPLinkType=1
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/main.39693d65.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e7dd88e8bdbab550a949e4faba5e95c2a21fc4965785aaea99bbd7fb6749f121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

traceparent
00-e1b7fbc030414510bc84bd10350fa329-2089916aacd942f9-01
Referer
https://exchange-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

Strict-Transport-Security
max-age=31536000
X-Robots-Tag
noindex
Access-Control-Expose-Headers
Content-Disposition
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Content-Type-Option
nosniff
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
Access-Control-Allow-Origin
https://exchange-taxpayer.safesendreturns.com
Content-Length
249
Date
Fri, 11 Oct 2024 16:03:46 GMT
Content-Type
application/json; charset=utf-8
Vary
Origin
Server
Kestrel
X-Frame-Options
SAMEORIGIN
5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
exchange-taxpayer-api.safesendreturns.com/api/SendLink/ValidateSendLink/ 		69 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer-api.safesendreturns.com/api/SendLink/ValidateSendLink/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/main.39693d65.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b27c0fde7a73c8854cee784a2780696d031c0fd3f5feece3bcb5f89d59f974f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

traceparent
00-e1b7fbc030414510bc84bd10350fa329-471e91001deb4580-01
Referer
https://exchange-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

Strict-Transport-Security
max-age=31536000
X-Robots-Tag
noindex
Access-Control-Expose-Headers
Content-Disposition
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Content-Type-Option
nosniff
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
Access-Control-Allow-Origin
https://exchange-taxpayer.safesendreturns.com
Content-Length
69
Date
Fri, 11 Oct 2024 16:03:46 GMT
Content-Type
application/json; charset=utf-8
Vary
Origin
Server
Kestrel
X-Frame-Options
SAMEORIGIN
5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
exchange-taxpayer-api.safesendreturns.com/api/dropOff/GetWalkMeScript/ 		382 B
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer-api.safesendreturns.com/api/dropOff/GetWalkMeScript/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/main.39693d65.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e110410022758787739a0a075f24d51228bc714560e50343a05cef4450e1744c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

traceparent
00-e1b7fbc030414510bc84bd10350fa329-dd70065f2c0449fa-01
Referer
https://exchange-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-Robots-Tag
noindex
Access-Control-Expose-Headers
Content-Disposition
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Content-Type-Option
nosniff
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
Access-Control-Allow-Origin
https://exchange-taxpayer.safesendreturns.com
Date
Fri, 11 Oct 2024 16:03:46 GMT
Content-Type
text/plain; charset=utf-8
Vary
Origin
Server
Kestrel
X-Frame-Options
SAMEORIGIN
5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
exchange-taxpayer-api.safesendreturns.com/api/SendLink/GetHeaderInfo/ 		201 B
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer-api.safesendreturns.com/api/SendLink/GetHeaderInfo/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/main.39693d65.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e0739daf27190432e3ac0f1a616b1648c424e037fc2e426bec2ff986c4262a94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

traceparent
00-e1b7fbc030414510bc84bd10350fa329-ef37b384cefb40e6-01
Referer
https://exchange-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*

Response headers

Strict-Transport-Security
max-age=31536000
X-Robots-Tag
noindex
Access-Control-Expose-Headers
Content-Disposition
Connection
keep-alive
Access-Control-Allow-Credentials
true
X-Content-Type-Option
nosniff
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
Access-Control-Allow-Origin
https://exchange-taxpayer.safesendreturns.com
Content-Length
201
Date
Fri, 11 Oct 2024 16:03:46 GMT
Content-Type
application/json; charset=utf-8
Vary
Origin
Server
Kestrel
X-Frame-Options
SAMEORIGIN
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v13/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v13/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:ital,wght@0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax30s03-in-f3.1e100.net
Software
sffe /
Resource Hash
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://exchange-taxpayer.safesendreturns.com
Referer
https://fonts.googleapis.com/

Response headers

age
186242
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 12:19:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 09 Oct 2024 12:19:43 GMT
last-modified
Wed, 13 Sep 2023 23:18:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30096
x-xss-protection
0
server
sffe
5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
exchange-taxpayer-api.safesendreturns.com/api/SendLink/ValidateSendLink/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer-api.safesendreturns.com/api/SendLink/ValidateSendLink/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent
Access-Control-Request-Method
GET
Origin
https://exchange-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
traceparent
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://exchange-taxpayer.safesendreturns.com
Connection
keep-alive
Date
Fri, 11 Oct 2024 16:03:45 GMT
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
Server
Kestrel
Strict-Transport-Security
max-age=31536000
Vary
Origin
X-Content-Type-Option
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
noindex
5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
exchange-taxpayer-api.safesendreturns.com/api/dropOff/GetWalkMeScript/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer-api.safesendreturns.com/api/dropOff/GetWalkMeScript/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent
Access-Control-Request-Method
GET
Origin
https://exchange-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
traceparent
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://exchange-taxpayer.safesendreturns.com
Connection
keep-alive
Date
Fri, 11 Oct 2024 16:03:45 GMT
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
Server
Kestrel
Strict-Transport-Security
max-age=31536000
Vary
Origin
X-Content-Type-Option
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
noindex
5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
exchange-taxpayer-api.safesendreturns.com/api/SendLink/GetHeaderInfo/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer-api.safesendreturns.com/api/SendLink/GetHeaderInfo/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent
Access-Control-Request-Method
GET
Origin
https://exchange-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
traceparent
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://exchange-taxpayer.safesendreturns.com
Connection
keep-alive
Date
Fri, 11 Oct 2024 16:03:45 GMT
Request-Context
appId=cid-v1:882814f2-2042-49e8-a6e3-7a0ceec9e0b9
Server
Kestrel
Strict-Transport-Security
max-age=31536000
Vary
Origin
X-Content-Type-Option
nosniff
X-Frame-Options
SAMEORIGIN
X-Robots-Tag
noindex
favicon.ico
exchange-taxpayer.safesendreturns.com/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://exchange-taxpayer.safesendreturns.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.158.215.147 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
57fc836f0deff19dff1b9bd0ea5307038c285ebdc35359184a1e1ed7aa429531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/SendLinkRedirect/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000

Response headers

X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000
X-Robots-Tag
noindex
Cache-Control
public,max-age=31536000
ETag
"01651c753db1:0"
Connection
keep-alive
X-Content-Type-Option
nosniff
Accept-Ranges
bytes
Content-Length
15406
Date
Fri, 11 Oct 2024 16:03:46 GMT
Content-Type
image/x-icon
Last-Modified
Tue, 10 Sep 2024 11:32:26 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://exchange-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Fri, 11 Oct 2024 16:03:45 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		337 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/main.39693d65.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
341e7fc9550aa1c279ac9ccc64388e39e3190b0db863c3f8286769bbc0fee028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://exchange-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Fri, 11 Oct 2024 16:03:46 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://exchange-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Fri, 11 Oct 2024 16:03:45 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://exchange-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Fri, 11 Oct 2024 16:03:45 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		268 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/main.39693d65.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a775f1294d8a58106a1069eb9f34dfeb4c1fcdd1fc29deb0bd15bee35596b4e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://exchange-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Fri, 11 Oct 2024 16:03:46 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		199 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/main.39693d65.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
dcedc71969d6334e3d6e59c89192507e4c243453fb7f5c1bb26613c16df86a0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://exchange-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Fri, 11 Oct 2024 16:03:46 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
walkme_148aadebe34448148ad4edd74737f760_https.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_148aadebe34448148ad4edd74737f760_https.js
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/SendLinkRedirect/5ywt32vhj6pmv5llh91d2epye84lw2um51c5ah4lrlgr6j0n699kf00000000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8997b9771acec70a4c0648de224e869bb31d5c61d1e577d68d46c66556f14737
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
gzip
etag
"65db7bea2e183b03afa9eac7fe5a26f1"
x-amz-version-id
eyyJoKjomxdSZlYG.kQzXUt9zzy1III9
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:46 GMT
last-modified
Fri, 26 Jul 2024 20:09:26 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-id-2
7xiPfGvypJODdtAKDDT1uB3YLYu5F3yGPkpvBy0IempnjYE+Xp3o0BYMAKcyEg+SO+oEut4+3H8=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=34287
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
JAND5VHH0YYKG2QG
accept-ranges
bytes
access-control-allow-origin
*
content-length
8824
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://exchange-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Fri, 11 Oct 2024 16:03:45 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		268 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/main.39693d65.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.179.73.39 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a775f1294d8a58106a1069eb9f34dfeb4c1fcdd1fc29deb0bd15bee35596b4e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://exchange-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Fri, 11 Oct 2024 16:03:46 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
settings.txt
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/settings.txt
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23a565c3147efe9755bb799b85ce093d329cf8684b06024be8d8efa0d4861490
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
gzip
etag
"a7b36c3ee9f828fc17e95340cfbca93d"
x-amz-version-id
9hOr2hxUOJMDa8Ju6nKXdHJeS.rTcJiT
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:46 GMT
last-modified
Fri, 26 Jul 2024 20:09:26 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-id-2
lqQyYHLHb6b2PI/d6KpwXLUnumty4w5lwuC5665j1AEr8ErXjjLtMYjxFsSxFT5769DwCVfon9I=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=291
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
CSMN2ZZ9MDY5A2K5
accept-ranges
bytes
access-control-allow-origin
*
content-length
715
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
wmjQuery33121.js
cdn.walkme.com/player/resources/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/wmjQuery33121.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
gzip
etag
"b00eee8317d72ce865b995c31f1f95ff"
x-amz-version-id
dpj4bAlfG6UlhFPdf_TGly9sgsSAJ5Ge
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:47 GMT
last-modified
Tue, 03 May 2022 06:44:33 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-id-2
exuTVklCwpn00Dvl3j9UTfkCWkj+NxHFc7rCjgQv23K39W9aLaht5jDG7f6yK/UduPft03j+yGE=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=28312584
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
A11PAKH1V9YCB1ZW
accept-ranges
bytes
access-control-allow-origin
*
content-length
30035
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
prelib-plugin-cbc917dd-5980-37ca-b6da-4deed694d54a.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/scripts/ 		233 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/scripts/prelib-plugin-cbc917dd-5980-37ca-b6da-4deed694d54a.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92b4412e075cf1a55411f5da2c3bf54360fac70163d0e353db60f642e2bb0a7a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
gzip
etag
"879614d97d2c9a0168c0494a2a42059f"
x-amz-version-id
_mTVfKQI9NAGDkTLCKVCIb0Yhc2FcwGA
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:47 GMT
last-modified
Wed, 08 Mar 2023 20:00:20 GMT
content-type
application/x-javascript
vary
Accept-Encoding
x-amz-id-2
hPzvdTrT6KHExT1NlrTWjc/hXWlYoHYW+18D1OKt+ggS+VEfnEciWQr0hc3uEep8ts/CoqI4QfM=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=27305354
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
SHC025ZHP82ZK7J6
accept-ranges
bytes
access-control-allow-origin
*
content-length
70036
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
walkme_lib_20240718-112855-ff2c8d3c-c647f9c4.br.js
cdn.walkme.com/player/lib/ 		2 MB
430 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/walkme_lib_20240718-112855-ff2c8d3c-c647f9c4.br.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2c324d1bcc349ee279edf2cc2122f6abefa0456347f02f8d3d8c24ef2b7833ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
br
etag
"eb0aeee35172c52c00bb0e282ac7b5aa"
x-amz-version-id
76ZXXY8OIBFWvbwWKnRiVtNY5RMta4ja
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:47 GMT
last-modified
Thu, 18 Jul 2024 11:50:07 GMT
content-type
application/javascript
x-amz-id-2
qa1JYoftOvbv/XxPNcvkRx7urDB+uHsKsjywmWmX6cmiUVAZBbbQ0HfPoW/oMSGR+rrx/wYFEwg=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=28333553
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
5EAAGN704ZT7QADV
accept-ranges
bytes
access-control-allow-origin
*
content-length
439218
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
walkme_config_0ee5ae7f12854fc0bf537de821960bf6.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_config_0ee5ae7f12854fc0bf537de821960bf6.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/walkme_148aadebe34448148ad4edd74737f760_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
03dc376a12a6db303ec66cbbae3848189b55f4d4aa9c98af26d0f7605f642723
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
gzip
etag
"55367555063858508f39db6bfe4124db"
x-amz-version-id
AKdHc0.aKKZBSAh2cP5mz92ohDVRDnPB
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:47 GMT
last-modified
Fri, 26 Jul 2024 20:09:26 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-id-2
4weZJhgwmN2zu1Ijx/JqBM2GeKQJm9JE0Z7R7I948lRzGKpCjBtiUqqbWWlz3rLskulBi01w14I=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=28315442
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
DRM62CDNVDRPK15Y
accept-ranges
bytes
access-control-allow-origin
*
content-length
2307
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
insights_configuration_6b988278c2d2488da3861ca986bd97dd.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/external-data/insights-configuration/ 		72 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/external-data/insights-configuration/insights_configuration_6b988278c2d2488da3861ca986bd97dd.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240718-112855-ff2c8d3c-c647f9c4.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb153402ba70c0a381b1e9924b3d90fb40729735c3e9c1372b6cdc9594a329fe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
gzip
etag
"847a33f7659cea7dfc9792ee7dae9ce0"
x-amz-version-id
AxJRdw0S4AkFC_xJ4j9Jyt6gQe9twYQf
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:48 GMT
last-modified
Wed, 02 Nov 2022 14:24:50 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-id-2
4+MvIvVXQpBLdm+QknBaEm3PfY8JOqzMhcPqxRFRfB9LvWl2V3I1lffMoqmW3+x1gNQSy7qMteo=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
ZASZ5FRQE1K0J2YN
accept-ranges
bytes
access-control-allow-origin
*
content-length
65
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
custom_css_0ee5ae7f12854fc0bf537de821960bf6.css
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/ 		33 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/custom_css_0ee5ae7f12854fc0bf537de821960bf6.css
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240718-112855-ff2c8d3c-c647f9c4.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6da0319cc447f687bb9f8b33b8ef4b0c9e319bc3dc3cc1b27826c51d2a96deaa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://exchange-taxpayer.safesendreturns.com
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
gzip
etag
"6949111aebe20a9385dacb9789cb3ef0"
x-amz-version-id
FmRsEo1QJARqTe7pM8s4tIfvHImPn7R6
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:48 GMT
last-modified
Fri, 26 Jul 2024 20:09:26 GMT
content-type
text/css
vary
Accept-Encoding
x-amz-id-2
NRyDsN2y8EuTOaNQV5rvxQsrRyDxgFQOj0L4ObuWHgvGF9IVRuYt1vO2KA9zpM0SfKm9STpFZ7E=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=28327370
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
PWH7YR1H6NWEY7J1
accept-ranges
bytes
access-control-allow-origin
*
content-length
1981
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
data_0ee5ae7f12854fc0bf537de821960bf6.br.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/ 		743 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/test/data_0ee5ae7f12854fc0bf537de821960bf6.br.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240718-112855-ff2c8d3c-c647f9c4.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9bf08ebed4c0b0d687f5b509ec510fa1f26e9bad0a0b5d8943068912abad8629
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
br
etag
"4efdba3fc4b69a36b4ce77d94276510b"
x-amz-version-id
PTChCBQ7O9xjdv1pa6vjt3PWcYEDKsBF
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:48 GMT
last-modified
Fri, 26 Jul 2024 20:09:28 GMT
content-type
application/javascript
x-amz-id-2
4A2bF10SCS3sWGGi/fNFbCsmX35CFGjTad6SmZYQ4RyooV135xKSZMMcsYTjKX9uHh/ysXJh1Qk=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=28261974
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
EBE19YE2G5EF9YY4
accept-ranges
bytes
access-control-allow-origin
*
content-length
55876
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
runtime_data.json
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/runtime_data.json
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240718-112855-ff2c8d3c-c647f9c4.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
939b9ad89634f7cfe4addcfbcc0480a2317402ace16fd57ecdbe7478f7b76f16
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
gzip
etag
"fe24f729ad8c5f0bd6869a8dca12b716"
x-amz-version-id
8qB5vDFeagVQu06iL1Ubt5.AU7uxl5us
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:48 GMT
last-modified
Wed, 09 Oct 2024 11:44:22 GMT
content-type
application/json
vary
Accept-Encoding
x-amz-id-2
DKA4DaEgfjGOr2xkvHaJasTPXFMlaGZMZ96WYMbDj5shTAmNoWmkgHWzBNiu5ZC1Qc+n4sM2aUI=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=57132
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
CJ78XQCYZA245F51
accept-ranges
bytes
access-control-allow-origin
*
content-length
856
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
12.9d9ac614.walkme_lib.js
cdn.walkme.com/player/lib/20240718-112855-ff2c8d3c-c647f9c4.br/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20240718-112855-ff2c8d3c-c647f9c4.br/12.9d9ac614.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240718-112855-ff2c8d3c-c647f9c4.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4478f48de2270d661ecc086c80ec11a88dd48f199cabf2593f4a64b4e41e3692
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
br
etag
"320f2e5c1dfb4ceaa73f191bdae5b919"
x-amz-version-id
7ao5NZspswFNvKygAa4jR69OWf_Z3Vbb
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:48 GMT
last-modified
Thu, 18 Jul 2024 11:49:53 GMT
content-type
application/javascript
x-amz-id-2
nhb2yhjJMI8YZ7a+dZ8Rit/9bEOL/TnTDGtk2iWhXUHtLxgzDYvjlpMjhBeLVr7Fea9Y0yQTe5Q=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=28335423
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
FEVEAK6SE02P1ZT6
accept-ranges
bytes
access-control-allow-origin
*
content-length
10337
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
30.01e4ea77.walkme_lib.js
cdn.walkme.com/player/lib/20240718-112855-ff2c8d3c-c647f9c4.br/ 		116 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20240718-112855-ff2c8d3c-c647f9c4.br/30.01e4ea77.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240718-112855-ff2c8d3c-c647f9c4.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2127708854ffa4b1389afbe21df69a0513fdfa8b458a204e375cfbd8e2c56d13
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
br
etag
"85bfe16dd770b6caa38d651770193104"
x-amz-version-id
HwIDLf1bwQPuAD0vryVOyMeW0EY6YOvr
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:48 GMT
last-modified
Thu, 18 Jul 2024 11:49:54 GMT
content-type
application/javascript
x-amz-id-2
9QnOqyjEhCD0+a5J2CK3FSmdJj1jfBcSDsYNaW5lUZMer5D9tZl97lAjQ2bTjzPuFjf3DWT110A=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=28333738
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
2JFRG2QQ1Y2J6KCM
accept-ranges
bytes
access-control-allow-origin
*
content-length
31412
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
24.6b7aa000.walkme_lib.js
cdn.walkme.com/player/lib/20240718-112855-ff2c8d3c-c647f9c4.br/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20240718-112855-ff2c8d3c-c647f9c4.br/24.6b7aa000.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240718-112855-ff2c8d3c-c647f9c4.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
693988f8058bd20270d6d4372c0691dcfde7a3d2a60643b288e24d29e88b7b8a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
br
etag
"8a9b1e20301f05e4b4c613b99a682565"
x-amz-version-id
WGgtYnoa0jMsvrXj9asuJ4OpshrDYAFT
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:48 GMT
last-modified
Thu, 18 Jul 2024 11:49:53 GMT
content-type
application/javascript
x-amz-id-2
MNt9qR5RT/2JP95CR19qrLIYk9yE1/V21dIqnOl4msgIIA4p6SxuKgIk05K+M+xmUwMhgvjlIAg=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=28334245
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
FJHM3DNF68ZJGX02
accept-ranges
bytes
access-control-allow-origin
*
content-length
8463
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
53.18007167.walkme_lib.js
cdn.walkme.com/player/lib/20240718-112855-ff2c8d3c-c647f9c4.br/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20240718-112855-ff2c8d3c-c647f9c4.br/53.18007167.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240718-112855-ff2c8d3c-c647f9c4.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
93694943bf5c88f632ac6ba0871d7a2c02671d9d68ddbf2caeb464c0bb316e55
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
br
etag
"bf09acdca81432303958253cfb3741c6"
x-amz-version-id
kVne6EUvMUgGtPdS4j.JB88ShXrU50wA
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:48 GMT
last-modified
Thu, 18 Jul 2024 11:49:54 GMT
content-type
application/javascript
x-amz-id-2
NAHlADv688sf++pT94vpOAAKfCy/MHWbPfiFf3G6VMr/0VdWVOJN1mqjbWYPVkb4GRf4cesu+As=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=28334575
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
WG0SB8JYW63RJSKY
accept-ranges
bytes
access-control-allow-origin
*
content-length
443
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
notosans.js
cdn.walkme.com/player/resources/fonts/ 		28 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/fonts/notosans.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20240718-112855-ff2c8d3c-c647f9c4.br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.14.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-14-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04492dc91f7b11414946c67dda4b85fba53e4ad6e76237095b73b30d1c6bbe5d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000;includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://exchange-taxpayer.safesendreturns.com/

Response headers

access-control-allow-private-network
true
content-encoding
gzip
etag
"7e9b968dcc783627e445ad04f4dab310"
x-amz-version-id
WjEbTtapEYtXvse9Ooq2w1BlT1_OhZB3
x-content-type-options
nosniff
date
Fri, 11 Oct 2024 16:03:48 GMT
last-modified
Wed, 12 Jun 2019 21:50:11 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-id-2
S/ZuAcqAm2j0OybgHI/DeC7jF9KowqBQmdeIJj8WHrP53Z6Aq6BxygJDcenswWmJw3TlrnlwVdk=
strict-transport-security
max-age=31536000;includeSubdomains
x-amz-replication-status
COMPLETED
content-security-policy
upgrade-insecure-requests;
cache-control
max-age=14400
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer-when-downgrade
x-amz-request-id
0BZ9BZRJZ6XN8FES
accept-ranges
bytes
access-control-allow-origin
*
content-length
21880
x-xss-protection
1; mode=block
x-amz-server-side-encryption
AES256
postEvent
ec.walkme.com/event/ 		2 B
80 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ec.walkme.com/event/postEvent
Requested by
Host: exchange-taxpayer.safesendreturns.com
URL: https://exchange-taxpayer.safesendreturns.com/static/js/main.39693d65.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.109.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
167.109.201.35.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

traceparent
00-6179eccfa8d64fd9bb02fcd9ec0bb9c1-4dd98549b2c54239-01
Referer
https://exchange-taxpayer.safesendreturns.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
cache-control
private, max-age=600
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-xss-protection
1; mode=block
date
Fri, 11 Oct 2024 16:03:49 GMT
content-type
text/html; charset=utf-8
x-frame-options
DENY
postEvent
ec.walkme.com/event/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ec.walkme.com/event/postEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.109.167 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
167.109.201.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
traceparent
Access-Control-Request-Method
POST
Origin
https://exchange-taxpayer.safesendreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
traceparent
access-control-allow-methods
POST,GET
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=600
content-length
0
content-security-policy
upgrade-insecure-requests; block-all-mixed-content; default-src 'none'; frame-ancestors: 'none'
cross-origin-resource-policy
cross-origin
date
Fri, 11 Oct 2024 16:03:49 GMT
referrer-policy
strict-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __dynProto$Gbl object| _walkmeConfig object| _walkmeInternals object| wmSnippet function| mtjQuery function| wmjQuery function| walkme_pre_lib_loaded object| _walkmeWebpackJP object| _makeTutorialEv object| _makeTutorial object| _walkMe object| WalkMeAPI object| WalkMeDataAPI object| WalkMeInsightsAPI object| wmContext function| WalkMeDataClass object| WalkMePlayerAPI string| segmentId object| valuePerEvent

4 Cookies

Domain/Path Name / Value
.exchange-taxpayer.safesendreturns.com/ Name: ARRAffinity
Value: 06dece71727ab2c9a75506862155277ef8948b1004ad39e70a73eb837c7bf7ad
.exchange-taxpayer.safesendreturns.com/ Name: ARRAffinitySameSite
Value: 06dece71727ab2c9a75506862155277ef8948b1004ad39e70a73eb837c7bf7ad
exchange-taxpayer.safesendreturns.com/ Name: ai_user
Value: eB+ThAP89bxnUDqY0NYI8s|2024-10-11T16:03:45.524Z
exchange-taxpayer.safesendreturns.com/ Name: ai_session
Value: G3ij2b1jtGH98fXoRrWroY|1728662625562|1728662625562

4 Console Messages

Source Level URL
Text
network error URL: https://dc.services.visualstudio.com/v2/track
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dc.services.visualstudio.com/v2/track
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dc.services.visualstudio.com/v2/track
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dc.services.visualstudio.com/v2/track
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.walkme.com
dc.services.visualstudio.com
ec.walkme.com
exchange-taxpayer-api.safesendreturns.com
exchange-taxpayer.safesendreturns.com
fonts.googleapis.com
fonts.gstatic.com
172.217.165.131
23.204.14.9
2607:f8b0:4006:81f::200a
35.201.109.167
52.158.215.147
52.179.73.39
03dc376a12a6db303ec66cbbae3848189b55f4d4aa9c98af26d0f7605f642723
04492dc91f7b11414946c67dda4b85fba53e4ad6e76237095b73b30d1c6bbe5d
10eaccf223ddbae6e02150eae28504eb5255afcab5d430c6203ba278519dc705
2127708854ffa4b1389afbe21df69a0513fdfa8b458a204e375cfbd8e2c56d13
23a565c3147efe9755bb799b85ce093d329cf8684b06024be8d8efa0d4861490
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c324d1bcc349ee279edf2cc2122f6abefa0456347f02f8d3d8c24ef2b7833ea
341e7fc9550aa1c279ac9ccc64388e39e3190b0db863c3f8286769bbc0fee028
4478f48de2270d661ecc086c80ec11a88dd48f199cabf2593f4a64b4e41e3692
4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af
57fc836f0deff19dff1b9bd0ea5307038c285ebdc35359184a1e1ed7aa429531
693988f8058bd20270d6d4372c0691dcfde7a3d2a60643b288e24d29e88b7b8a
6da0319cc447f687bb9f8b33b8ef4b0c9e319bc3dc3cc1b27826c51d2a96deaa
7f0f781820c8de56bd6699ac9570ff90634de4eb5cca7ef4b573bb90619e5a5d
8997b9771acec70a4c0648de224e869bb31d5c61d1e577d68d46c66556f14737
8f7c73fc33a164ebded38246bd119c604d319369766dac68f0ecc7548e106076
92b4412e075cf1a55411f5da2c3bf54360fac70163d0e353db60f642e2bb0a7a
93694943bf5c88f632ac6ba0871d7a2c02671d9d68ddbf2caeb464c0bb316e55
939b9ad89634f7cfe4addcfbcc0480a2317402ace16fd57ecdbe7478f7b76f16
9aeb712049146cba6e148abc3f64a690c38f052ef96ac5ad7e76709c1772e4db
9bf08ebed4c0b0d687f5b509ec510fa1f26e9bad0a0b5d8943068912abad8629
a775f1294d8a58106a1069eb9f34dfeb4c1fcdd1fc29deb0bd15bee35596b4e1
b27c0fde7a73c8854cee784a2780696d031c0fd3f5feece3bcb5f89d59f974f7
cfb9813cdd289b0692f5bd2f8cafc55afa7e446fe7b10a863a19a1be83d24751
dcedc71969d6334e3d6e59c89192507e4c243453fb7f5c1bb26613c16df86a0e
e0739daf27190432e3ac0f1a616b1648c424e037fc2e426bec2ff986c4262a94
e110410022758787739a0a075f24d51228bc714560e50343a05cef4450e1744c
e7dd88e8bdbab550a949e4faba5e95c2a21fc4965785aaea99bbd7fb6749f121
fb153402ba70c0a381b1e9924b3d90fb40729735c3e9c1372b6cdc9594a329fe