taxpayer.safesendreturns.com Open in urlscan Pro
52.182.227.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BYKnfFtdorAyNwop58tB2l-2FD-2Bd98d7Xgf-2BRb64l1tJ1E42upIlrUE...
Effective URL:
https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
Submission: On May 01 via manual (May 1st 2023, 2:10:25 pm UTC) from US — Scanned from DE

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 65 HTTP transactions. The main IP is 52.182.227.213, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is taxpayer.safesendreturns.com. The Cisco Umbrella rank of the primary domain is 196154.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 5th 2022. Valid for: a year.

This is the only time taxpayer.safesendreturns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.158.215.147 52.158.215.147	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
27	52.182.227.213 52.182.227.213	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.230.206.81 54.230.206.81	16509 (AMAZON-02) (AMAZON-02)
6	13.227.219.27 13.227.219.27	16509 (AMAZON-02) (AMAZON-02)
6	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
7	13.69.106.215 13.69.106.215	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2600:9000:207... 2600:9000:2070:fa00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.148.101.195 54.148.101.195	16509 (AMAZON-02) (AMAZON-02)
6	23.67.138.249 23.67.138.249	() ()
65	11

1 52.158.215.147 (Des Moines, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ssr.safesendreturns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 52.182.227.213 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

taxpayer.safesendreturns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssr-taxpayer-api.safesendreturns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.206.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-81.ham50.r.cloudfront.net

sp.tinymce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.227.219.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-27.ams54.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.69.106.215 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2070:fa00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.148.101.195 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-101-195.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.67.138.249 (None, )

ASN- ()

cdn.walkme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	safesendreturns.com 1 redirects ssr.safesendreturns.com — Cisco Umbrella Rank: 229862 taxpayer.safesendreturns.com — Cisco Umbrella Rank: 196154 ssr-taxpayer-api.safesendreturns.com — Cisco Umbrella Rank: 159313	4 MB
14	stripe.com js.stripe.com — Cisco Umbrella Rank: 2411 q.stripe.com — Cisco Umbrella Rank: 20152 m.stripe.com — Cisco Umbrella Rank: 2198	238 KB
7	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 1066	877 B
6	walkme.com cdn.walkme.com	477 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 2669	36 KB
2	tinymce.com sp.tinymce.com — Cisco Umbrella Rank: 37267	755 B
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1543	24 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	3 KB
65	8

	Domain	Requested by
14	ssr-taxpayer-api.safesendreturns.com	taxpayer.safesendreturns.com
13	taxpayer.safesendreturns.com	taxpayer.safesendreturns.com
7	dc.services.visualstudio.com	taxpayer.safesendreturns.com
6	cdn.walkme.com	taxpayer.safesendreturns.com cdn.walkme.com
6	q.stripe.com	taxpayer.safesendreturns.com
6	js.stripe.com	taxpayer.safesendreturns.com js.stripe.com
4	m.stripe.network	js.stripe.com m.stripe.network
2	m.stripe.com	m.stripe.network
2	sp.tinymce.com	taxpayer.safesendreturns.com
2	use.fontawesome.com	taxpayer.safesendreturns.com
2	fonts.googleapis.com	taxpayer.safesendreturns.com
1	ssr.safesendreturns.com	1 redirects
65	12

This site contains no links.

Subject Issuer	Validity	Valid
*.safesendreturns.com Go Daddy Secure Certificate Authority - G2	`2022-10-05` - `2023-11-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
tinymce.com Amazon RSA 2048 M01	`2023-02-21` - `2023-07-20`	5 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-04-20` - `2023-08-05`	4 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 06	`2023-04-20` - `2024-04-14`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh
walkme.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-29` - `2024-01-31`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
Frame ID: E7F15F36A64DE32F87BDC97297431C19
Requests: 38 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 6A97996EC92F280A6C8EF865DBC9EE45
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3F6B7B090280FD171249AEBCFCA44313
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: BD9985EBCED7B5EF7E178F3A951FCFC8
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: DB21405FB9C1B0E755D4DB0DAE99C36F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SafesendReturns

Page URL History Show full URLs

https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BYKnfFtdorAyNwop58tB2l-2FD-2Bd98d7Xgf-2... HTTP 302
https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000 Page URL
https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000 Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

98 %
HTTPS

27 %
IPv6

8
Domains

12
Subdomains

11
IPs

3
Countries

4818 kB
Transfer

19301 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BYKnfFtdorAyNwop58tB2l-2FD-2Bd98d7Xgf-2BRb64l1tJ1E42upIlrUE1XRdreULdSoHNETIy9YG-2BVlCnhjLnbrMcHL0uheXKmkSXh1eZQo3F0i7YML_ZtyLTlYa78bQffWNrIlGC1D-2B7jmrlzopx5NPR5wcJN-2BTaOID-2Ba4x-2F0RZ1v72lyapbyfb2FcdPRo8b0grzVqInVIk3VIW57TqSMNpwGwQdQ6At-2Bl4YWQuHBYFJRqMectC1JLK-2B0uOaBOE76ObODx5bA8NCXYTRwIHhbt8ya-2B4Z8oScm6qSvafPR-2B-2FkqkNP82ARzbO6s3Lj6SQoFG0y7wZdqqePAIi6L8WJ8dfqWaW4jKA3T-2B6Ll0BXbTZMZLfJ8Bu40v65GlX6D-2B4agCbr2FPzSU-2Fwc-2BAaoaAPmemYIIcXsgoSQPvTvXdQnC1xrxgkg8HSw8AUeMY1QCFnO9eN23nz45R0YvoZhL3EbGom2fq-2FXCsZ5V3jyoAwOiAbReWYx9gzif71ZYhvBGPlkz31NUkh5VmiYCvdEpeDbDT8ndTUZpvVic8pK1PdQ56LVIblWmYRcaLlxhkb-2FVXqba3TcHNXvxtNQDsVtLeXriTWCLFqCZGuWosfvrrdCHNP9hnlqKryyQe07pyMXXe1rK0VisPINg-2FCRyRKubZdq8xp24PTJJf67OVa7NQJExwoHH0SgZpE1x1NxIVxcsgI4ElphvHM4zxgmvnJI6UXT17ugLJPlhvMKAeuO4jRZITZrOquPXlRd0SWoSbaoRYW7JSS71IHyxwqosQ2mx5nJbmCwbz2ngimyYkHD20g-2B0jRCsiygM3w3ZImm7az-2Ftvi2jesrbYD1YnS8J6rzS3hdeihQOVNtY8Wwxj3WdfF0-2BDRca0TSFlxK41gRTEkax0v45UD5UuBxvxCJ5aBFEAIaWTzx-2BhPTUoJelyJbbKShDVFoLCV92dJcp2a8gBC-2FJzFIf39Bn5VADor0ZyUlCUwA6yHv3TKmz1ufuWLJEclKzC55uA0l1MJ3DCtK-2Fa9H2RXqVFE0kMnjxTTHibB4Nn3X8aIVrNJVdYxFbyd4-2FnGrTDPMzk-2FwTCCJlLxNd78Bt8JP2B-2BOKVumWRw-2BFLk-2Fp9rPmXC-2F8aC2ZoyR2kmt1LgdLHIXZL5QUQzTC-2FqIGTh8LLY92ipf-2FmUOWqK6FBFEgjllMK3Y8dXcKx1S-2B8m-2FLR0j0PPdKS94JlJKQS2wMphc4xvD5GXPFchQuBK2sOZx7EkvW4x6Y82QcseXhIyR1lEZbn0Tos-2FLCWjb6DCIDCOu1vgntw-2F3zgqH4odB0kZFFgeK1aEvicwJ8YFNxmHQlynSbp3IAvKseuUOTJVU-2FseB1lZgBAiECY6ZjMEjErAvMxPUB6J2qdiBC2Ii7nm6ourfGHliArxgY7N5OMWpdjv5qTEBynRtdwwdrnK9kwinD3F-2BlZFEPiXnIqe3S3bVIZxuuDw7i9cwS8oiKmzhiKKr3JsQx0MbWq6sdohuEhspIKi4vJI-2FpQ6tpa0dd8U27UCK4G1f9dGsM-2FHt4gkJHr-2B98sJqVNrHM6a-2F2En9IIqa2pop9UzQ81PvxeTCSg-2BtM5C68Ka6gE-2BRiORGZo1dYIbSOTNHDe7TBrLcv3zvswaHsTfAl0YXixZFqsOk-2BBgRlat6nkYrTYh6tvrH7y5Ifw-2F39NqV-2BNLrpPHy0PiUTUSdk33Fk2jn68KVKQDh4Ucl-2FoK1YpbG8Aw02ut6jCnsxziL1i9qVkONsUCS8LvVMlX7mv0YRwiyiEtZTpL2PX6fiQL1YhkyvPwUpLk4-2B0EeUX6GdFQz28LpVI81Qmexz3dayXKj0HOmjtZWP03aAsb7WekqD8bHC-2FcnwYUC3-2BLgAIPB2b3Z5GwPPE7Q2ITLI3Mr-2FQtMiBQnQF2g6LKrLCu4c2ftwhmY6AsBYz5iO1VpFVy5vXlPSdefK2YfnboeDG0GZ54UXOXLmyAjmX2aMpaVBCdbagZsWEet-2FQcjnms9FVP5RbjTq-2Br2d3s8rghEi2yBe2Ngf8KxaAO3lpipr6hMEV9yRkiVEAlC5-2FIC2SaUxWC1M-2FFMTiBo68wZ6JFMLQbBqF38gkyNB2wFNoTOOTnVW-2BZX7gmXYYCB4mb3ZSyhEsT70CwyKfvNMAbHV-2Bg2RVEdb0-2FjRk0cgHDzjEBKzhqtms6FAMT4wpHCmLRzmdGXjoGgcoHTkk0DnnpkcLdBPc9LLCMPi0ysW9NSbIn21Ca6B-2BgUnWDyv7T24ZD9lfQbzmNVUOoqZbzsCGV6Dlr1zNq8iNzsXEAjdx6SYMXgUf9Y2Gzy4a9Knb-2Fuy4JujaR16DKVQaJZZhDV1xm1yk90raQhK03FHsH76iTVof2zaxzuPyFpiPZgtgq0iQFcvMrFoBWUcJXYZd9Mt92I6Tk8P1M1OFMUmxY8-2Faw8Jk2kJPGDWu37R2IqWIxLAO4II40ON-2BzHM5KVyPVpIqqFnO9-2F74-2FAQETc48Yd1jiZa-2F8o1Magnyf3n0JKQxzWcurFLz7MZaie5mI7cHCKX4WKLnYpWW4lRMLHoKqe82VJDFK17zh-2Fh6uLQqprrNVOEHuSrGWr2xLw82nKYtEQXfEp9qYt7t8lcBtzkyBISdpTlfiw5tDbZuXvb3X7VNTx1YFLXtlzOrEHvjMCI0UAedIMkc-2BxDlgarRgevuEFRVa1wPl8jnwPLtsLtTgi8k9fLmncsLNgL9gDQvfSVtXbnPxEHBQ7pAKM8clK3FA4dUHu-2Fyss-2FWmHIYjrIO34Rgz46-2BaMvWLmuoh-2BzOtd1OjQctjdRFFNC5mcg-2Bly1M-2BOkcKtmo2ntrVl6YNklh2HRW3cSHADhHBz6v2uQ5xShaCyIxoa-2FaqhOHF0HuplYpgAZm6o6BFPT1Hqhk-2BvKYN9tBdjhVk0OnZvk7hwkIzOzsNZlMIRVWz6JBeeCovZ-2FO4Y214j53BtTk0YkAgpP7n7Kx3GBe6oE2MuzEUhqYve2NcKSyJhOlcOCcYGZes4nxIfPxn5Uo-2BjCeQzZxLVlmo1Ox8H4VWtVhxB5fqUdSB-2FGiyedr7Vy7L5U84KN5PxVNA2aMU5RjSdu3MEMAM4osqOiy7F39pVIaY7kJCHxrJ05BNXkqgsA3PAHCKP06OUY-2FR8uEVkQpR0rUHZ1gNRsKEl3hKyoMZ20cRXQEOYAiuQLPtuJ6vvZ1GPdckW3t5aox0Nbb5d1PdIXy0EZ-2FaYEhn4SNP8mIWred8xZ7WmjExunRPfRtgAuOEtFABXH7BkObJl6GloBxik1viCUZVEiTCE2ThxUw5vAEH6a1H-2FKteN9Lj6ErMP4nKh0-2BUqWNELfnGxHwZ85VWiKkAlrZgfMAfQCP6aIGZrX0aCkCgxch0sg9oPW-2FWrma-2FZrpMsr5-2FB6Fu2gDx-2FRSA8bT40H-2BMDmisJp31u39j4lp5xnwc00Um7kr5rm82J9W-2B7froolWWthQfbhDkFZgA4nIt9PS9DTw-2BYEe-2BZMY5TlTbni8D1rATBaqioX2eLJOuWXuddmBzq8hgR92f39nr10arzjYRr8UZTdwxzEw6zsP7QJvf2fbYBKpp4mnw4Yv8-2F6BDOzwilPqfmc4707MyvLZsZ63qdmupAoPgptZiqPp140PzoZ8Ss-2FggLKVrNnNLv0QDt1MoI9bz-2BiWqcTUrj0XrjAXHJ0lzOozHP-2FIksl20JTU39gJXCqXsCSrbWt67XSVGP6QWRo3W8E-2BHJ7uEvPesQPdQH4nEZ0B-2FX7XRSExss5T3i8xQOjIv-2BoMVQ-3D-3D HTTP 302
https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000 Page URL
https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BYKnfFtdorAyNwop58tB2l-2FD-2Bd98d7Xgf-2BRb64l1tJ1E42upIlrUE1XRdreULdSoHNETIy9YG-2BVlCnhjLnbrMcHL0uheXKmkSXh1eZQo3F0i7YML_ZtyLTlYa78bQffWNrIlGC1D-2B7jmrlzopx5NPR5wcJN-2BTaOID-2Ba4x-2F0RZ1v72lyapbyfb2FcdPRo8b0grzVqInVIk3VIW57TqSMNpwGwQdQ6At-2Bl4YWQuHBYFJRqMectC1JLK-2B0uOaBOE76ObODx5bA8NCXYTRwIHhbt8ya-2B4Z8oScm6qSvafPR-2B-2FkqkNP82ARzbO6s3Lj6SQoFG0y7wZdqqePAIi6L8WJ8dfqWaW4jKA3T-2B6Ll0BXbTZMZLfJ8Bu40v65GlX6D-2B4agCbr2FPzSU-2Fwc-2BAaoaAPmemYIIcXsgoSQPvTvXdQnC1xrxgkg8HSw8AUeMY1QCFnO9eN23nz45R0YvoZhL3EbGom2fq-2FXCsZ5V3jyoAwOiAbReWYx9gzif71ZYhvBGPlkz31NUkh5VmiYCvdEpeDbDT8ndTUZpvVic8pK1PdQ56LVIblWmYRcaLlxhkb-2FVXqba3TcHNXvxtNQDsVtLeXriTWCLFqCZGuWosfvrrdCHNP9hnlqKryyQe07pyMXXe1rK0VisPINg-2FCRyRKubZdq8xp24PTJJf67OVa7NQJExwoHH0SgZpE1x1NxIVxcsgI4ElphvHM4zxgmvnJI6UXT17ugLJPlhvMKAeuO4jRZITZrOquPXlRd0SWoSbaoRYW7JSS71IHyxwqosQ2mx5nJbmCwbz2ngimyYkHD20g-2B0jRCsiygM3w3ZImm7az-2Ftvi2jesrbYD1YnS8J6rzS3hdeihQOVNtY8Wwxj3WdfF0-2BDRca0TSFlxK41gRTEkax0v45UD5UuBxvxCJ5aBFEAIaWTzx-2BhPTUoJelyJbbKShDVFoLCV92dJcp2a8gBC-2FJzFIf39Bn5VADor0ZyUlCUwA6yHv3TKmz1ufuWLJEclKzC55uA0l1MJ3DCtK-2Fa9H2RXqVFE0kMnjxTTHibB4Nn3X8aIVrNJVdYxFbyd4-2FnGrTDPMzk-2FwTCCJlLxNd78Bt8JP2B-2BOKVumWRw-2BFLk-2Fp9rPmXC-2F8aC2ZoyR2kmt1LgdLHIXZL5QUQzTC-2FqIGTh8LLY92ipf-2FmUOWqK6FBFEgjllMK3Y8dXcKx1S-2B8m-2FLR0j0PPdKS94JlJKQS2wMphc4xvD5GXPFchQuBK2sOZx7EkvW4x6Y82QcseXhIyR1lEZbn0Tos-2FLCWjb6DCIDCOu1vgntw-2F3zgqH4odB0kZFFgeK1aEvicwJ8YFNxmHQlynSbp3IAvKseuUOTJVU-2FseB1lZgBAiECY6ZjMEjErAvMxPUB6J2qdiBC2Ii7nm6ourfGHliArxgY7N5OMWpdjv5qTEBynRtdwwdrnK9kwinD3F-2BlZFEPiXnIqe3S3bVIZxuuDw7i9cwS8oiKmzhiKKr3JsQx0MbWq6sdohuEhspIKi4vJI-2FpQ6tpa0dd8U27UCK4G1f9dGsM-2FHt4gkJHr-2B98sJqVNrHM6a-2F2En9IIqa2pop9UzQ81PvxeTCSg-2BtM5C68Ka6gE-2BRiORGZo1dYIbSOTNHDe7TBrLcv3zvswaHsTfAl0YXixZFqsOk-2BBgRlat6nkYrTYh6tvrH7y5Ifw-2F39NqV-2BNLrpPHy0PiUTUSdk33Fk2jn68KVKQDh4Ucl-2FoK1YpbG8Aw02ut6jCnsxziL1i9qVkONsUCS8LvVMlX7mv0YRwiyiEtZTpL2PX6fiQL1YhkyvPwUpLk4-2B0EeUX6GdFQz28LpVI81Qmexz3dayXKj0HOmjtZWP03aAsb7WekqD8bHC-2FcnwYUC3-2BLgAIPB2b3Z5GwPPE7Q2ITLI3Mr-2FQtMiBQnQF2g6LKrLCu4c2ftwhmY6AsBYz5iO1VpFVy5vXlPSdefK2YfnboeDG0GZ54UXOXLmyAjmX2aMpaVBCdbagZsWEet-2FQcjnms9FVP5RbjTq-2Br2d3s8rghEi2yBe2Ngf8KxaAO3lpipr6hMEV9yRkiVEAlC5-2FIC2SaUxWC1M-2FFMTiBo68wZ6JFMLQbBqF38gkyNB2wFNoTOOTnVW-2BZX7gmXYYCB4mb3ZSyhEsT70CwyKfvNMAbHV-2Bg2RVEdb0-2FjRk0cgHDzjEBKzhqtms6FAMT4wpHCmLRzmdGXjoGgcoHTkk0DnnpkcLdBPc9LLCMPi0ysW9NSbIn21Ca6B-2BgUnWDyv7T24ZD9lfQbzmNVUOoqZbzsCGV6Dlr1zNq8iNzsXEAjdx6SYMXgUf9Y2Gzy4a9Knb-2Fuy4JujaR16DKVQaJZZhDV1xm1yk90raQhK03FHsH76iTVof2zaxzuPyFpiPZgtgq0iQFcvMrFoBWUcJXYZd9Mt92I6Tk8P1M1OFMUmxY8-2Faw8Jk2kJPGDWu37R2IqWIxLAO4II40ON-2BzHM5KVyPVpIqqFnO9-2F74-2FAQETc48Yd1jiZa-2F8o1Magnyf3n0JKQxzWcurFLz7MZaie5mI7cHCKX4WKLnYpWW4lRMLHoKqe82VJDFK17zh-2Fh6uLQqprrNVOEHuSrGWr2xLw82nKYtEQXfEp9qYt7t8lcBtzkyBISdpTlfiw5tDbZuXvb3X7VNTx1YFLXtlzOrEHvjMCI0UAedIMkc-2BxDlgarRgevuEFRVa1wPl8jnwPLtsLtTgi8k9fLmncsLNgL9gDQvfSVtXbnPxEHBQ7pAKM8clK3FA4dUHu-2Fyss-2FWmHIYjrIO34Rgz46-2BaMvWLmuoh-2BzOtd1OjQctjdRFFNC5mcg-2Bly1M-2BOkcKtmo2ntrVl6YNklh2HRW3cSHADhHBz6v2uQ5xShaCyIxoa-2FaqhOHF0HuplYpgAZm6o6BFPT1Hqhk-2BvKYN9tBdjhVk0OnZvk7hwkIzOzsNZlMIRVWz6JBeeCovZ-2FO4Y214j53BtTk0YkAgpP7n7Kx3GBe6oE2MuzEUhqYve2NcKSyJhOlcOCcYGZes4nxIfPxn5Uo-2BjCeQzZxLVlmo1Ox8H4VWtVhxB5fqUdSB-2FGiyedr7Vy7L5U84KN5PxVNA2aMU5RjSdu3MEMAM4osqOiy7F39pVIaY7kJCHxrJ05BNXkqgsA3PAHCKP06OUY-2FR8uEVkQpR0rUHZ1gNRsKEl3hKyoMZ20cRXQEOYAiuQLPtuJ6vvZ1GPdckW3t5aox0Nbb5d1PdIXy0EZ-2FaYEhn4SNP8mIWred8xZ7WmjExunRPfRtgAuOEtFABXH7BkObJl6GloBxik1viCUZVEiTCE2ThxUw5vAEH6a1H-2FKteN9Lj6ErMP4nKh0-2BUqWNELfnGxHwZ85VWiKkAlrZgfMAfQCP6aIGZrX0aCkCgxch0sg9oPW-2FWrma-2FZrpMsr5-2FB6Fu2gDx-2FRSA8bT40H-2BMDmisJp31u39j4lp5xnwc00Um7kr5rm82J9W-2B7froolWWthQfbhDkFZgA4nIt9PS9DTw-2BYEe-2BZMY5TlTbni8D1rATBaqioX2eLJOuWXuddmBzq8hgR92f39nr10arzjYRr8UZTdwxzEw6zsP7QJvf2fbYBKpp4mnw4Yv8-2F6BDOzwilPqfmc4707MyvLZsZ63qdmupAoPgptZiqPp140PzoZ8Ss-2FggLKVrNnNLv0QDt1MoI9bz-2BiWqcTUrj0XrjAXHJ0lzOozHP-2FIksl20JTU39gJXCqXsCSrbWt67XSVGP6QWRo3W8E-2BHJ7uEvPesQPdQH4nEZ0B-2FX7XRSExss5T3i8xQOjIv-2BoMVQ-3D-3D HTTP 302
https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

wcjd4qfhqy3m3d8t613ux4zh2380w000 Show response
taxpayer.safesendreturns.com/Delegatee/Login/
Redirect Chain

https://ssr.safesendreturns.com/ls/click?upn=Gjmz1-2FQHSAn3iY3yWqHE-2BYKnfFtdorAyNwop58tB2l-2FD-2Bd98d7Xgf-2BRb64l1tJ1E42upIlrUE1XRdreULdSoHNETIy9YG-2BVlCnhjLnbrMcHL0uheXKmkSXh1eZQo3F0i7YML_ZtyLTlY...
https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000

3 KB
2 KB

444ms
130ms

Document
text/html

52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8d56e6f68ba29c117cf24b90f3d5c669ca443f7dcdb40bca85cd826f0d2defe9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1754
Content-Type: text/html
Date: Mon, 01 May 2023 14:10:19 GMT
ETag: "03af624a7ad91:0"
Last-Modified: Sat, 29 Apr 2023 03:23:48 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Powered-By: ASP.NET

Redirect headers

Connection: keep-alive
Content-Length: 108
Content-Type: text/html; charset=utf-8
Date: Mon, 01 May 2023 14:10:18 GMT
Location: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 44ms
20ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=IBM+Plex+Mono:wght@400;700&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto&display=swap

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a967e70335ecab726a3991cd662bba59647d3764674cac9876810a006cebd845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://taxpayer.safesendreturns.com/
Origin: https://taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 14:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:10:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 14:10:19 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 63ms
19ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://taxpayer.safesendreturns.com/
Origin: https://taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:10:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6H0MCYYYQ5DN517R
age: 345967
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: M3n25USLECf8M4NwLa3f3hJvfqPsShIORNNtRt84DtVhS0xdhMIr/pmx/UQ7LRlMpeNPQ5UCPsA=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyQQnK%2B97FWZrcZ71dYsInOYjA%2BWTxLGsO%2BWLo4KgHsqKwu5jiF7Nu0oglv5DApC8C5O3v6uoHCTHcsV9w7IrkBatrqOJ9YTs014UHUBcfE75HI1Mt3WxiQBeTo52OSNr2BUTEkpGBWDIvq9qXy5Y5x9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7c089b769cb79960-FRA

GET
H/1.1 200
OK 2.45679bfc.chunk.css
taxpayer.safesendreturns.com/static/css/ 352 KB
49 KB 256ms
254ms Stylesheet
text/css 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/static/css/2.45679bfc.chunk.css
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: af8c9a757e88b54d2cba14979beb2d254ffcbb006224cf8f79bba0e7dafc3cad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:19 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 03:23:48 GMT
Server: Microsoft-IIS/10.0
ETag: "03af624a7ad91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49989

GET
H/1.1 200
OK main.c9e412b2.chunk.css
taxpayer.safesendreturns.com/static/css/ 75 KB
16 KB 520ms
268ms Stylesheet
text/css 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/static/css/main.c9e412b2.chunk.css
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb73601061ee2ea4141d53a72fcab6c3a62cd3800e1960c43d8f6c27e894906a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:19 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 03:23:48 GMT
Server: Microsoft-IIS/10.0
ETag: "03af624a7ad91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16161

GET
H/1.1 200
OK 2.529bbe0a.chunk.js Show response
taxpayer.safesendreturns.com/static/js/ 6 MB
1 MB 549ms
295ms Script
application/x-javascript 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6998deab81740fc56c94da25c0fb79631dc64cd8efcc8416b94d1a2bc01699ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:19 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 03:23:48 GMT
Server: Microsoft-IIS/10.0
ETag: "03af624a7ad91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1508688

GET
H/1.1 200
OK main.517a7283.chunk.js Show response
taxpayer.safesendreturns.com/static/js/ 2 MB
395 KB 529ms
273ms Script
application/x-javascript 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/static/js/main.517a7283.chunk.js
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3cde0d86e8f5e2f1773eb822b04c4de9b27a6a6f3bdc0e4df01205e7f3206b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:19 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 03:23:48 GMT
Server: Microsoft-IIS/10.0
ETag: "03af624a7ad91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 404215

GET
H2 200 i
sp.tinymce.com/ 43 B
377 B 93ms
16ms Image
image/gif 54.230.206.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tinymce.com/i?aid=uivgzp3qbb9flaej7rn4qyryyzu6iskcwyis6cwl2jmkboxk&tna=tinymce_cloud&p=web&dtm=1682950220584&stm=1682950220585&tz=Etc%2FUnknown&e=se&se_ca=script_load&eid=caca89a2-36bd-4117-aa8c-3580528bae3e&fp=none&tv=js-2.6.1
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-81.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 05:35:33 GMT
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2017 05:55:26 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C3
age: 30888
etag: "fb02f374b8f73825415db1bccd4bd76d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 43
x-amz-cf-id: sT-VzPsVh79c0-WRqhe0n01kjNZd7VFzdTb-ZtKRCAgc7M3oTiELIg==

GET
H2 200 v3 Show response
js.stripe.com/ 473 KB
114 KB 100ms
17ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2c4f8d66c9bae8c9f00d858fd7192dffcb5f86c4f2775a3abb1ac6143347b460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 01 May 2023 14:10:07 GMT
via: 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 17
x-cache: Hit from cloudfront
last-modified: Sun, 30 Apr 2023 10:53:47 GMT
server: Cloudfront
etag: W/"e0c2fcb6f1be2cfafacb1bed780a0f67"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 6kjFsnyqWxRHhNEg7b8TewjV7Uol_0Pq9eWohKVm6ZIWF_jGbdvclg==

OPTIONS
H/1.1 204
No Content wcjd4qfhqy3m3d8t613ux4zh2380w000
ssr-taxpayer-api.safesendreturns.com/Delegatee/Login/ Frame 0
0 525ms
202ms Preflight 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: controller-guid,traceparent
Access-Control-Request-Method: GET
Origin: https://taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: controller-guid,traceparent
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Connection: keep-alive
Date: Mon, 01 May 2023 14:10:21 GMT
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f
Server: Kestrel
Vary: Origin

GET
H/1.1 200
OK wcjd4qfhqy3m3d8t613ux4zh2380w000
ssr-taxpayer-api.safesendreturns.com/Delegatee/Login/ 43 B
534 B 373ms
128ms XHR
text/plain 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: application/json, text/plain, */*
Referer: https://taxpayer.safesendreturns.com/
CONTROLLER-GUID
traceparent: 00-90f2175fb38e4136bdd7937ee01d37bb-a3faf6697f914fe7-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:21 GMT
Content-Encoding: gzip
Server: Kestrel
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Access-Control-Expose-Headers: Content-Disposition
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 6A97 200 B
1 KB 16ms
16ms Document
text/html 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://taxpayer.safesendreturns.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1638
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 01 May 2023 14:10:10 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 20 Apr 2023 20:13:02 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-id: 4RHJbtow-Ow5F_f_WbqC9DN161grcHg9sf1_K5_HoP0e9CC1Hlxfug==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 6A97 0
715 B 564ms
182ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 01 May 2023 14:10:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682950221508242
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682950221508001
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6A97 0
714 B 566ms
184ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 01 May 2023 14:10:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682950221508609
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682950221508048
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6A97 631 B
1 KB 16ms
15ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 01 May 2023 13:44:50 GMT
x-content-type-options: nosniff
via: 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1532
x-cache: Hit from cloudfront
content-length: 631
last-modified: Mon, 17 Apr 2023 21:23:27 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Cv6YwR-XfNQKf5Q1AOCdEyD39afqBbQzyVd838xJm6JmDfgd8fpkGw==

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 132ms
16ms Preflight 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Mon, 01 May 2023 14:10:20 GMT
x-content-type-options: nosniff

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 186 B
371 B 38ms
38ms XHR
application/json 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

43f9cea186c6a97cf28dc6183d6f81e945bc8aada8bb2a77042d9c9e4423d067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://taxpayer.safesendreturns.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: ABABA60A-C10E-48AB-8541-1637F916710B
strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 14:10:20 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 186

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 3F6B 930 B
2 KB 81ms
17ms Document
text/html 2600:9000:2070:fa00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2070:fa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 274
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 01 May 2023 14:05:49 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 64003b022bc3cc2e877f218eb451e376.cloudfront.net (CloudFront)
x-amz-cf-id: mQq8_vDBkt-3FyJfhxXJkO_yI52J2-voLryCJ0LRKYbdnRRDuFXkvg==
x-amz-cf-pop: HAM50-C3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 3F6B 0
488 B 461ms
183ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 01 May 2023 14:10:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682950221508924
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1682950221508092
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 3F6B 86 KB
16 KB 19ms
19ms Script
text/javascript 2600:9000:2070:fa00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2070:fa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 May 2023 14:10:21 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 64003b022bc3cc2e877f218eb451e376.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: WzUSRlHImsUjuMc_b8n9oy35VyItGy_SWJTrbjeXhV1QIsIYziOeWg==

POST
H2 200 6
m.stripe.com/ Frame 3F6B 156 B
670 B 573ms
198ms XHR
application/json 54.148.101.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.101.195 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-101-195.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 14:10:21 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682950221676387
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 15
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1682950221675536
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 400 track
dc.services.visualstudio.com/v2/ 186 B
253 B 31ms
30ms Fetch
application/json 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://taxpayer.safesendreturns.com/
accept-language: de-DE,de;q=0.9
sdk-context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

x-ms-session-id: D4B4E2ED-4E2F-4C0D-8E70-6127391EDAAB
strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 14:10:21 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 186

GET
H/1.1 200
OK Primary Request wcjd4qfhqy3m3d8t613ux4zh2380w000 Show response
taxpayer.safesendreturns.com/Delegatee/ 3 KB
2 KB 138ms
137ms Document
text/html 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/main.517a7283.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8d56e6f68ba29c117cf24b90f3d5c669ca443f7dcdb40bca85cd826f0d2defe9

Request headers

Referer: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1754
Content-Type: text/html
Date: Mon, 01 May 2023 14:10:22 GMT
ETag: "03af624a7ad91:0"
Last-Modified: Sat, 29 Apr 2023 03:23:48 GMT
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-Powered-By: ASP.NET

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 15ms
15ms Preflight 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Mon, 01 May 2023 14:10:21 GMT
x-content-type-options: nosniff

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
1 KB 29ms
22ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a967e70335ecab726a3991cd662bba59647d3764674cac9876810a006cebd845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://taxpayer.safesendreturns.com/
Origin: https://taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 14:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 May 2023 14:10:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 May 2023 14:10:22 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 26ms
21ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://taxpayer.safesendreturns.com/
Origin: https://taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 14:10:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6H0MCYYYQ5DN517R
age: 345970
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: M3n25USLECf8M4NwLa3f3hJvfqPsShIORNNtRt84DtVhS0xdhMIr/pmx/UQ7LRlMpeNPQ5UCPsA=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAv%2Fdit4lYMpMqIEafySPJ70HANoRJ%2BH7Sdtm60quQnJzpOyZboQSYNnuCqIBE8bAoWyKDcob6IILwgdetqayG9pWzAPAOcS0iAFX52L0mFO1R8%2FtlHNnStM5ve4zcChA8IGJFxBTVBTJb1v4SMA1jHi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7c089b8b58099960-FRA

GET
H/1.1 200
OK 2.45679bfc.chunk.css
taxpayer.safesendreturns.com/static/css/ 352 KB
49 KB 143ms
139ms Stylesheet
text/css 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/static/css/2.45679bfc.chunk.css
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: af8c9a757e88b54d2cba14979beb2d254ffcbb006224cf8f79bba0e7dafc3cad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:22 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 03:23:48 GMT
Server: Microsoft-IIS/10.0
ETag: "03af624a7ad91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49989

GET
H/1.1 200
OK main.c9e412b2.chunk.css
taxpayer.safesendreturns.com/static/css/ 75 KB
16 KB 267ms
263ms Stylesheet
text/css 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/static/css/main.c9e412b2.chunk.css
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: fb73601061ee2ea4141d53a72fcab6c3a62cd3800e1960c43d8f6c27e894906a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:22 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 03:23:48 GMT
Server: Microsoft-IIS/10.0
ETag: "03af624a7ad91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16161

GET
H/1.1 200
OK 2.529bbe0a.chunk.js Show response
taxpayer.safesendreturns.com/static/js/ 6 MB
1 MB 662ms
659ms Script
application/x-javascript 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6998deab81740fc56c94da25c0fb79631dc64cd8efcc8416b94d1a2bc01699ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:23 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 03:23:48 GMT
Server: Microsoft-IIS/10.0
ETag: "03af624a7ad91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1508688

GET
H/1.1 200
OK main.517a7283.chunk.js Show response
taxpayer.safesendreturns.com/static/js/ 2 MB
395 KB 257ms
254ms Script
application/x-javascript 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/static/js/main.517a7283.chunk.js
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3cde0d86e8f5e2f1773eb822b04c4de9b27a6a6f3bdc0e4df01205e7f3206b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:22 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Apr 2023 03:23:48 GMT
Server: Microsoft-IIS/10.0
ETag: "03af624a7ad91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 404215

OPTIONS
H/1.1 204
No Content wcjd4qfhqy3m3d8t613ux4zh2380w000
ssr-taxpayer-api.safesendreturns.com/api/ApplicationInsight/BasicDetails/ Frame 0
0 125ms
125ms Preflight 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/api/ApplicationInsight/BasicDetails/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: controller-guid,traceparent
Access-Control-Request-Method: GET
Origin: https://taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: controller-guid,traceparent
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Connection: keep-alive
Date: Mon, 01 May 2023 14:10:24 GMT
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f
Server: Kestrel
Vary: Origin

GET
H2 200 i
sp.tinymce.com/ 43 B
378 B 17ms
16ms Image
image/gif 54.230.206.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp.tinymce.com/i?aid=uivgzp3qbb9flaej7rn4qyryyzu6iskcwyis6cwl2jmkboxk&tna=tinymce_cloud&p=web&dtm=1682950224030&stm=1682950224030&tz=Etc%2FUnknown&e=se&se_ca=script_load&eid=2e0a8d75-b9a5-4fe2-8f46-1390a5fa9220&fp=none&tv=js-2.6.1
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-81.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 05:35:33 GMT
via: 1.1 6bf6848b0a526667291cc03dfcf8febe.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2017 05:55:26 GMT
server: AmazonS3
x-amz-cf-pop: HAM50-C3
age: 30892
etag: "fb02f374b8f73825415db1bccd4bd76d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 43
x-amz-cf-id: vlV95JYZSkjlDXspJgx8Os5OEAC2XTdWXQ8kfge76NDX1EmH3TdOJg==

GET
H2 200 v3 Show response
js.stripe.com/ 473 KB
114 KB 16ms
15ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2c4f8d66c9bae8c9f00d858fd7192dffcb5f86c4f2775a3abb1ac6143347b460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 01 May 2023 14:10:14 GMT
via: 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 11
x-cache: Hit from cloudfront
last-modified: Sun, 30 Apr 2023 10:52:59 GMT
server: Cloudfront
etag: W/"e0c2fcb6f1be2cfafacb1bed780a0f67"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: uO6wHb8c-Wqs3GePeY7khsoKGkFSLqvBuiH_gJbT1AO2tIVZXnqA5g==

GET
H/1.1 200
OK wcjd4qfhqy3m3d8t613ux4zh2380w000 Show response
ssr-taxpayer-api.safesendreturns.com/api/ApplicationInsight/BasicDetails/ 195 B
628 B 130ms
130ms XHR
application/json 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/api/ApplicationInsight/BasicDetails/wcjd4qfhqy3m3d8t613ux4zh2380w000
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: bbe3a8a5d5a470625cc3fea92f024d6b839a4b7a44448f521e79340e169cc4e4

Request headers

Accept: application/json, text/plain, */*
Referer: https://taxpayer.safesendreturns.com/
CONTROLLER-GUID
traceparent: 00-eefee8476ae8402482f2965ad6a4afcf-972302e70645408a-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:24 GMT
Content-Encoding: gzip
Server: Kestrel
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Access-Control-Expose-Headers: Content-Disposition
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f

GET
H/1.1 200
OK wcjd4qfhqy3m3d8t613ux4zh2380w000 Show response
ssr-taxpayer-api.safesendreturns.com/api/Delegatee/ 35 B
526 B 132ms
132ms XHR
application/json 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/api/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 3896fe0343b53ad9f9afb0fdeaa82eadf7d7b9a07d5f14730d6d253b2597b0c2

Request headers

Accept: application/json, text/plain, */*
Referer: https://taxpayer.safesendreturns.com/
CONTROLLER-GUID
traceparent: 00-eefee8476ae8402482f2965ad6a4afcf-dbe059a3cd8e4714-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:24 GMT
Content-Encoding: gzip
Server: Kestrel
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Access-Control-Expose-Headers: Content-Disposition
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f

OPTIONS
H/1.1 204
No Content wcjd4qfhqy3m3d8t613ux4zh2380w000
ssr-taxpayer-api.safesendreturns.com/api/Delegatee/ Frame 0
0 263ms
138ms Preflight 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/api/Delegatee/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: controller-guid,traceparent
Access-Control-Request-Method: GET
Origin: https://taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: controller-guid,traceparent
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Connection: keep-alive
Date: Mon, 01 May 2023 14:10:24 GMT
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f
Server: Kestrel
Vary: Origin

GET
H/1.1 200
OK wcjd4qfhqy3m3d8t613ux4zh2380w000 Show response
ssr-taxpayer-api.safesendreturns.com/api/Coverpage/GetWalkMeScriptAsync/ 386 B
735 B 163ms
125ms XHR
application/json 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/api/Coverpage/GetWalkMeScriptAsync/wcjd4qfhqy3m3d8t613ux4zh2380w000
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: d29fec974b8a622e0a313b84e75a85e95baa3a16ace6bf5a790bef632949da03

Request headers

Accept: application/json, text/plain, */*
Referer: https://taxpayer.safesendreturns.com/
CONTROLLER-GUID
traceparent: 00-eefee8476ae8402482f2965ad6a4afcf-6d47c539f65e4572-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:24 GMT
Content-Encoding: gzip
Server: Kestrel
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Access-Control-Expose-Headers: Content-Disposition
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f

OPTIONS
H/1.1 204
No Content wcjd4qfhqy3m3d8t613ux4zh2380w000
ssr-taxpayer-api.safesendreturns.com/api/Coverpage/GetWalkMeScriptAsync/ Frame 0
0 352ms
121ms Preflight 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/api/Coverpage/GetWalkMeScriptAsync/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: controller-guid,traceparent
Access-Control-Request-Method: GET
Origin: https://taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: controller-guid,traceparent
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Connection: keep-alive
Date: Mon, 01 May 2023 14:10:24 GMT
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f
Server: Kestrel
Vary: Origin

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame BD99 200 B
1 KB 16ms
16ms Document
text/html 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://taxpayer.safesendreturns.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1641
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 01 May 2023 14:10:10 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 20 Apr 2023 20:13:02 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-id: SKMeve6Pp5BlzKjM10xZup2WVJyXrztDaxOkTsS0JyRCqUFX1XEy1Q==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 17ms
16ms Preflight 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Mon, 01 May 2023 14:10:23 GMT
x-content-type-options: nosniff

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 186 B
253 B 60ms
60ms XHR
application/json 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

43f9cea186c6a97cf28dc6183d6f81e945bc8aada8bb2a77042d9c9e4423d067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://taxpayer.safesendreturns.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: FE56C82F-E2C9-401F-999A-BAC554456FF6
strict-transport-security: max-age=31536000
date: Mon, 01 May 2023 14:10:23 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 186

POST
H2 200 csp-report
q.stripe.com/ Frame BD99 0
716 B 186ms
184ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 01 May 2023 14:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682950224259872
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682950224259353
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame BD99 0
716 B 182ms
181ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 01 May 2023 14:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682950224259976
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1682950224259452
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BD99 631 B
1 KB 16ms
15ms Script
text/javascript 13.227.219.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-27.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 01 May 2023 13:44:50 GMT
x-content-type-options: nosniff
via: 1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1535
x-cache: Hit from cloudfront
content-length: 631
last-modified: Mon, 17 Apr 2023 21:23:27 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ifGoO71ca9bp1N6hVwqTMSKfWUjdOlSV5lSFsW56jeHlHt86L9UNFg==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame DB21 930 B
2 KB 16ms
16ms Document
text/html 2600:9000:2070:fa00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2070:fa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 277
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 01 May 2023 14:05:49 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 64003b022bc3cc2e877f218eb451e376.cloudfront.net (CloudFront)
x-amz-cf-id: 3VAPBUu7SWW1_uYp8tFwRr9V76wjgoJzaX4c5pFhAwfuJC5XWkdepw==
x-amz-cf-pop: HAM50-C3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame DB21 0
490 B 184ms
184ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 01 May 2023 14:10:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682950224303516
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1682950224302945
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame DB21 86 KB
16 KB 18ms
18ms Script
text/javascript 2600:9000:2070:fa00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2070:fa00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 May 2023 14:10:21 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 64003b022bc3cc2e877f218eb451e376.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 4
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: _mtsYcolUudT_aZ4833-ujfuCp2tHuTqYSo7J3z6_VFX10UiwF2Wvg==

POST
H2 200 6 Show response
m.stripe.com/ Frame DB21 156 B
668 B 184ms
184ms XHR
application/json 54.148.101.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.101.195 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-101-195.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9aca055d0ec13f9459abe3d1abd7496069df8f9b003be5ef333d0f039e349b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Mon, 01 May 2023 14:10:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1682950224337234
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1682950224336918
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

OPTIONS
H/1.1 204
No Content wcjd4qfhqy3m3d8t613ux4zh2380w000
ssr-taxpayer-api.safesendreturns.com/api/ApplicationInsight/BasicDetails/ Frame 0
0 122ms
121ms Preflight 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/api/ApplicationInsight/BasicDetails/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: controller-guid,traceparent
Access-Control-Request-Method: GET
Origin: https://taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: controller-guid,traceparent
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Connection: keep-alive
Date: Mon, 01 May 2023 14:10:24 GMT
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f
Server: Kestrel
Vary: Origin

OPTIONS
H/1.1 204
No Content wcjd4qfhqy3m3d8t613ux4zh2380w000
ssr-taxpayer-api.safesendreturns.com/api/Delegatee/HeaderInfo/ Frame 0
0 127ms
127ms Preflight 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/api/Delegatee/HeaderInfo/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: controller-guid,traceparent
Access-Control-Request-Method: GET
Origin: https://taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: controller-guid,traceparent
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Connection: keep-alive
Date: Mon, 01 May 2023 14:10:24 GMT
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f
Server: Kestrel
Vary: Origin

OPTIONS
H/1.1 204
No Content wcjd4qfhqy3m3d8t613ux4zh2380w000
ssr-taxpayer-api.safesendreturns.com/api/Delegatee/GetClientInfo/ Frame 0
0 125ms
125ms Preflight 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/api/Delegatee/GetClientInfo/wcjd4qfhqy3m3d8t613ux4zh2380w000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: controller-guid,traceparent
Access-Control-Request-Method: GET
Origin: https://taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: controller-guid,traceparent
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Connection: keep-alive
Date: Mon, 01 May 2023 14:10:24 GMT
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f
Server: Kestrel
Vary: Origin

GET
H/1.1 200
OK wcjd4qfhqy3m3d8t613ux4zh2380w000 Show response
ssr-taxpayer-api.safesendreturns.com/api/ApplicationInsight/BasicDetails/ 195 B
628 B 129ms
129ms XHR
application/json 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/api/ApplicationInsight/BasicDetails/wcjd4qfhqy3m3d8t613ux4zh2380w000
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: bbe3a8a5d5a470625cc3fea92f024d6b839a4b7a44448f521e79340e169cc4e4

Request headers

Accept: application/json, text/plain, */*
Referer: https://taxpayer.safesendreturns.com/
CONTROLLER-GUID
traceparent: 00-d5829c75bf42461f8ab20cd0ae5e29c0-d6f3c595dff24f58-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:24 GMT
Content-Encoding: gzip
Server: Kestrel
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Access-Control-Expose-Headers: Content-Disposition
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f

GET
H/1.1 200
OK wcjd4qfhqy3m3d8t613ux4zh2380w000 Show response
ssr-taxpayer-api.safesendreturns.com/api/Delegatee/HeaderInfo/ 899 B
1 KB 274ms
150ms XHR
application/json 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/api/Delegatee/HeaderInfo/wcjd4qfhqy3m3d8t613ux4zh2380w000
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 4c0915d09038152bc505322ac24700d627bd11a91471261719f2c2ebb7c4b314

Request headers

Accept: application/json, text/plain, */*
Referer: https://taxpayer.safesendreturns.com/
CONTROLLER-GUID
traceparent: 00-d5829c75bf42461f8ab20cd0ae5e29c0-e0d4697aa99f45ac-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:24 GMT
Content-Encoding: gzip
Server: Kestrel
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Access-Control-Expose-Headers: Content-Disposition
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f

GET
H/1.1 200
OK wcjd4qfhqy3m3d8t613ux4zh2380w000 Show response
ssr-taxpayer-api.safesendreturns.com/api/Delegatee/GetClientInfo/ 773 B
967 B 220ms
151ms XHR
application/json 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssr-taxpayer-api.safesendreturns.com/api/Delegatee/GetClientInfo/wcjd4qfhqy3m3d8t613ux4zh2380w000
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/js/2.529bbe0a.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 1e73f3858fe691bb3567ca9f8d4c85ed18a41ca7e141ecd8c81da86dd2230052

Request headers

Accept: application/json, text/plain, */*
Referer: https://taxpayer.safesendreturns.com/
CONTROLLER-GUID
traceparent: 00-d5829c75bf42461f8ab20cd0ae5e29c0-b62f813d43ea4375-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:24 GMT
Content-Encoding: gzip
Server: Kestrel
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://taxpayer.safesendreturns.com
Access-Control-Expose-Headers: Content-Disposition
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Context: appId=cid-v1:df617754-ff6f-4604-a453-fa684097b92f

GET
H/1.1 404
Not Found fontawesome-webfont.20fd1704.woff2
taxpayer.safesendreturns.com/static/media/ 0
0 138ms
138ms Font
text/html 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/static/media/fontawesome-webfont.20fd1704.woff2
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/css/2.45679bfc.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://taxpayer.safesendreturns.com/static/css/2.45679bfc.chunk.css
Origin: https://taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:24 GMT
Server: Microsoft-IIS/10.0
Connection: keep-alive
X-Powered-By: ASP.NET
Content-Length: 103
Content-Type: text/html

GET
H2 200 walkme_148aadebe34448148ad4edd74737f760_https.js Show response
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 24 KB
9 KB 78ms
26ms Script
application/javascript 23.67.138.249

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js

Requested by

Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/Delegatee/Login/wcjd4qfhqy3m3d8t613ux4zh2380w000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.67.138.249 -, , ASN (),

Reverse DNS

Software

Resource Hash

d5a35523c6a5f29fb94a01404936c3457997018e2bddeec8b8e5703e0f39dee1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: qNiKXuN7lMKliSWYrlgQ.gTkgwBa6eW5
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 May 2023 14:10:24 GMT
access-control-allow-private-network: true
x-amz-request-id: Q69H7MWTBD3W3MQA
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 8507
x-amz-id-2: 7INWiWR8QnMMkYvj4ReCs2BY1ZjkS29BHmYh7N5A0VvIrr+r8RJmS2cNydpfR9CD6Kd0VjVjGgM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Mar 2023 13:25:00 GMT
etag: "52eacbcc9224344c945a5d5316e0d368"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=76313
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 404
Not Found fontawesome-webfont.f691f37e.woff
taxpayer.safesendreturns.com/static/media/ 0
0 136ms
135ms Font
text/html 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/static/media/fontawesome-webfont.f691f37e.woff
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/css/2.45679bfc.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://taxpayer.safesendreturns.com/static/css/2.45679bfc.chunk.css
Origin: https://taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:24 GMT
Server: Microsoft-IIS/10.0
Connection: keep-alive
X-Powered-By: ASP.NET
Content-Length: 103
Content-Type: text/html

GET
H2 200 settings.txt Show response
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 2 KB
1 KB 197ms
197ms Script
application/javascript 23.67.138.249

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/settings.txt

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.67.138.249 -, , ASN (),

Reverse DNS

Software

Resource Hash

b3a20a52c40d2388b7e9828a03ac18729fc5f4c6f1c4635684aebb658a132ed2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: nqVJdmpS4OJeZlsY6UOfoU7CADejary4
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 May 2023 14:10:24 GMT
access-control-allow-private-network: true
x-amz-request-id: PYB83WBBQ05J37YB
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 714
x-amz-id-2: XVAjxlXYeSMqI+if3bUpaQYptDX/FesWJPjqL4hUvK46ovWBEESNxgmClFe9HJHLnZnak9ZC0U4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 29 Apr 2023 10:04:48 GMT
etag: "d1b3d9393cca827c13d21447d5353750"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK fontawesome-webfont.1e59d233.ttf
taxpayer.safesendreturns.com/static/media/ 162 KB
162 KB 134ms
133ms Font
application/octet-stream 52.182.227.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://taxpayer.safesendreturns.com/static/media/fontawesome-webfont.1e59d233.ttf
Requested by: Host: taxpayer.safesendreturns.com
URL: https://taxpayer.safesendreturns.com/static/css/2.45679bfc.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.227.213 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8

Request headers

Referer: https://taxpayer.safesendreturns.com/static/css/2.45679bfc.chunk.css
Origin: https://taxpayer.safesendreturns.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 01 May 2023 14:10:24 GMT
Last-Modified: Sat, 29 Apr 2023 03:23:48 GMT
Server: Microsoft-IIS/10.0
ETag: "03af624a7ad91:0"
X-Powered-By: ASP.NET
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 165548

GET
H2 200 wmjQuery33121.js Show response
cdn.walkme.com/player/resources/ 87 KB
30 KB 27ms
27ms Script
application/javascript 23.67.138.249

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/resources/wmjQuery33121.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.67.138.249 -, , ASN (),

Reverse DNS

Software

Resource Hash

4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: dpj4bAlfG6UlhFPdf_TGly9sgsSAJ5Ge
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 May 2023 14:10:24 GMT
access-control-allow-private-network: true
x-amz-request-id: QWXNT2P1G2H5ET30
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 30035
x-amz-id-2: PPaNtQ7CTLirbHX1V/38PFlXeXYgnA4f3/PsWNekwjNghLMgEZJHuu9HFkMtzaXUN8RNOvM4iKI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 May 2022 06:44:33 GMT
etag: "b00eee8317d72ce865b995c31f1f95ff"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=26171645
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 prelib-plugin-cbc917dd-5980-37ca-b6da-4deed694d54a.js
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/scripts/ 233 KB
69 KB 179ms
179ms Script
application/x-javascript 23.67.138.249

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/scripts/prelib-plugin-cbc917dd-5980-37ca-b6da-4deed694d54a.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.67.138.249 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Y8NO7wSBUm6pr159PXMp.o1oMRgNoRrw
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 May 2023 14:10:25 GMT
access-control-allow-private-network: true
x-amz-request-id: T9HT5KP1N7V5SQAA
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 70036
x-amz-id-2: BULntGYj6JlZts725qKXOvOTOWzXsJ82fQwATN0cjZYlNvOzrL1LMablmPiREEIuqeUIcPBoMYo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Mar 2023 20:00:20 GMT
etag: "e1765b2d10a910660616899510311384"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=27559760
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 walkme_lib_20230419-114047-3acf4620-7f4b179d.br.js Show response
cdn.walkme.com/player/lib/ 2 MB
365 KB 19ms
19ms Script
application/javascript 23.67.138.249

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/walkme_lib_20230419-114047-3acf4620-7f4b179d.br.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.67.138.249 -, , ASN (),

Reverse DNS

Software

Resource Hash

2708d45945bbc0b1d61e8b5dd4d742dd7215b7cf49964de17da8a8b9fcfadfd1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 2AgaVzMCuQuxcPIacMWhgfCP8lkrbaIz
content-encoding: br
x-content-type-options: nosniff
date: Mon, 01 May 2023 14:10:24 GMT
access-control-allow-private-network: true
x-amz-request-id: QX48D8Z46ARSPX7K
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 372286
x-amz-id-2: 9jO0fSxfsCQ0g6PYlL9pvxhf8Lnl8/wPFDO5ZYdfFAMeYh0yQZDuIS6/83UnCb2qjIzejMTiDSI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Apr 2023 12:01:00 GMT
etag: "bd214eebdfc55227ab9dbb39b0e4f693"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=30862547
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 walkme_config_bd5358551b144d3fb6a2b0e17cea775a.js Show response
cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/ 4 KB
3 KB 31ms
31ms Script
application/javascript 23.67.138.249

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_config_bd5358551b144d3fb6a2b0e17cea775a.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/148aadebe34448148ad4edd74737f760/walkme_148aadebe34448148ad4edd74737f760_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.67.138.249 -, , ASN (),

Reverse DNS

Software

Resource Hash

e71c2aae12ecb7a36c5ebf4f087fa1c29f5b0e3718e0bf66121696abab7d1880

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://taxpayer.safesendreturns.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: RlSpRXbXCoo3ed7kZjjzxw8hRwz5HGQG
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 May 2023 14:10:24 GMT
access-control-allow-private-network: true
x-amz-request-id: 5HTDP8G7SETAH5D4
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests;
strict-transport-security: max-age=31536000;includeSubdomains
x-amz-replication-status: COMPLETED
cross-origin-resource-policy: cross-origin
content-length: 1949
x-amz-id-2: XcxBrvG/5ufYo+msAMl+eVL+yXwNUMklVL4BHOa86rN9nFefDKhfGx/xztAvb8WIerF4PVULEcQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 29 Apr 2023 10:04:48 GMT
etag: "28cbdf44e5eef6a7f21975739ff98e94"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31349079
accept-ranges: bytes
timing-allow-origin: *

POST track
dc.services.visualstudio.com/v2/ 0
0

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 15ms
14ms Preflight 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://taxpayer.safesendreturns.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Mon, 01 May 2023 14:10:24 GMT
x-content-type-options: nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dc.services.visualstudio.com
URL: https://dc.services.visualstudio.com/v2/track

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taxpayer.safesendreturns.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 7652f19944144e572a9caeba459920ae0d4ab4427296b1acb1da65d4b1a40d1f
.taxpayer.safesendreturns.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 7652f19944144e572a9caeba459920ae0d4ab4427296b1acb1da65d4b1a40d1f
taxpayer.safesendreturns.com/	1970-01-20 20:14:46	Name: ai_user Value: YF/AWjDR2JkCkw5XJ12Z/2\|2023-05-01T14:10:20.633Z
m.stripe.com/	1970-01-20 21:05:10	Name: m Value: 62784f87-1a6b-450a-ae4d-0c9c1f1756cd2dd264
.taxpayer.safesendreturns.com/	1970-01-20 20:14:46	Name: __stripe_mid Value: f68cf225-ad0b-434c-9c8f-d32823b7df8e58e78b
.taxpayer.safesendreturns.com/	1970-01-20 11:29:12	Name: __stripe_sid Value: 4a8a9c41-4728-438e-aee8-19c720a8dc2b582bf0
taxpayer.safesendreturns.com/	1970-01-20 11:29:12	Name: ai_session Value: kzdebpGtC97vOa7lKLSQ0X\|1682950221036\|1682950224146

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://taxpayer.safesendreturns.com/static/media/fontawesome-webfont.20fd1704.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://taxpayer.safesendreturns.com/static/media/fontawesome-webfont.f691f37e.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.walkme.com
dc.services.visualstudio.com
fonts.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
sp.tinymce.com
ssr-taxpayer-api.safesendreturns.com
ssr.safesendreturns.com
taxpayer.safesendreturns.com
use.fontawesome.com
dc.services.visualstudio.com
13.227.219.27
13.69.106.215
23.67.138.249
2600:9000:2070:fa00:19:7d10:bd80:93a1
2606:4700:e2::ac40:840f
2a00:1450:4001:811::200a
52.158.215.147
52.182.227.213
54.148.101.195
54.187.119.242
54.230.206.81
1e73f3858fe691bb3567ca9f8d4c85ed18a41ca7e141ecd8c81da86dd2230052
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2708d45945bbc0b1d61e8b5dd4d742dd7215b7cf49964de17da8a8b9fcfadfd1
2c4f8d66c9bae8c9f00d858fd7192dffcb5f86c4f2775a3abb1ac6143347b460
3896fe0343b53ad9f9afb0fdeaa82eadf7d7b9a07d5f14730d6d253b2597b0c2
3cde0d86e8f5e2f1773eb822b04c4de9b27a6a6f3bdc0e4df01205e7f3206b03
43f9cea186c6a97cf28dc6183d6f81e945bc8aada8bb2a77042d9c9e4423d067
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
4c0915d09038152bc505322ac24700d627bd11a91471261719f2c2ebb7c4b314
4c39cb66f7f70d491df03c9483665b7aa362d889daebc31d1d98305f34b7e3af
6998deab81740fc56c94da25c0fb79631dc64cd8efcc8416b94d1a2bc01699ea
8d56e6f68ba29c117cf24b90f3d5c669ca443f7dcdb40bca85cd826f0d2defe9
9aca055d0ec13f9459abe3d1abd7496069df8f9b003be5ef333d0f039e349b6d
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a967e70335ecab726a3991cd662bba59647d3764674cac9876810a006cebd845
aa58f33f239a0fb02f5c7a6c45c043d7a9ac9a093335806694ecd6d4edc0d6a8
af8c9a757e88b54d2cba14979beb2d254ffcbb006224cf8f79bba0e7dafc3cad
b3a20a52c40d2388b7e9828a03ac18729fc5f4c6f1c4635684aebb658a132ed2
bbe3a8a5d5a470625cc3fea92f024d6b839a4b7a44448f521e79340e169cc4e4
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d29fec974b8a622e0a313b84e75a85e95baa3a16ace6bf5a790bef632949da03
d5a35523c6a5f29fb94a01404936c3457997018e2bddeec8b8e5703e0f39dee1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71c2aae12ecb7a36c5ebf4f087fa1c29f5b0e3718e0bf66121696abab7d1880
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fb73601061ee2ea4141d53a72fcab6c3a62cd3800e1960c43d8f6c27e894906a

taxpayer.safesendreturns.com Open in urlscan Pro 52.182.227.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

27 %IPv6

8 Domains

12 Subdomains

11 IPs

3 Countries

4818 kBTransfer

19301 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

taxpayer.safesendreturns.com Open in urlscan Pro
52.182.227.213 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

27 %
IPv6

8
Domains

12
Subdomains

11
IPs

3
Countries

4818 kB
Transfer

19301 kB
Size

7
Cookies

65 HTTP transactions
0 data transactions