accounts.welcomesoftware.com Open in urlscan Pro
3.213.206.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://go.welcomesoftware.com/NTg1LUZEWS00MzgAAAF_1hYSewmQ2dIb8mzFV8LAqBjuRaw8KieGFgfOkK13QJlFzEdox9Vw1T_8tBJQp6oLqY361n4=
Effective URL:
https://accounts.welcomesoftware.com/login
Submission: On September 30 via api (September 30th 2021, 7:34:29 pm UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 45 HTTP transactions. The main IP is 3.213.206.188, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is accounts.welcomesoftware.com.
TLS certificate: Issued by Amazon on March 25th 2021. Valid for: a year.

This is the only time accounts.welcomesoftware.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.70.206 104.17.70.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	167.172.146.208 167.172.146.208	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 11	3.213.206.188 3.213.206.188	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
2	107.23.169.149 107.23.169.149	14618 (AMAZON-AES) (AMAZON-AES)
13	2.16.186.59 2.16.186.59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.215.74 104.111.215.74	16625 (AKAMAI-AS) (AKAMAI-AS)
5	100.26.83.143 100.26.83.143	14618 (AMAZON-AES) (AMAZON-AES)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	11

1 104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.welcomesoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.172.146.208 (North Bergen, United States) 3 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 467274.cloudwaysapps.com

support.newscred.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
support.welcomesoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.213.206.188 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-206-188.compute-1.amazonaws.com

accounts.welcomesoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.23.169.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-169-149.compute-1.amazonaws.com

track.gaconnector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.16.186.59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-59.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.74 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-74.deploy.static.akamaitechnologies.com

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 100.26.83.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-83-143.compute-1.amazonaws.com

fs.welcomesoftware.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

newscred.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	welcomesoftware.com 3 redirects go.welcomesoftware.com support.welcomesoftware.com accounts.welcomesoftware.com fs.welcomesoftware.com	406 KB
14	typekit.net use.typekit.net p.typekit.net	255 KB
8	zdassets.com static.zdassets.com ekr.zdassets.com	322 KB
3	zendesk.com newscred.zendesk.com	2 KB
2	gaconnector.com track.gaconnector.com	3 KB
1	gstatic.com www.gstatic.com	134 KB
1	google.com www.google.com	987 B
1	newscred.com 1 redirects support.newscred.com	211 B
45	8

	Domain	Requested by
13	use.typekit.net	accounts.welcomesoftware.com
11	accounts.welcomesoftware.com	1 redirects go.welcomesoftware.com accounts.welcomesoftware.com
7	static.zdassets.com	accounts.welcomesoftware.com static.zdassets.com
5	fs.welcomesoftware.com	accounts.welcomesoftware.com fs.welcomesoftware.com
3	newscred.zendesk.com	static.zdassets.com
2	track.gaconnector.com	accounts.welcomesoftware.com track.gaconnector.com
2	support.welcomesoftware.com	2 redirects
1	p.typekit.net	accounts.welcomesoftware.com
1	ekr.zdassets.com	static.zdassets.com
1	www.gstatic.com	www.google.com
1	www.google.com	accounts.welcomesoftware.com
1	support.newscred.com	1 redirects
1	go.welcomesoftware.com
45	13

This site contains links to these domains. Also see Links.

Domain
google.com
welcomesoftware.com

Subject Issuer	Validity	Valid
*.welcomesoftware.com Amazon	`2021-03-25` - `2022-04-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gaconnector.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-27` - `2022-08-27`	a year	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-16` - `2022-07-21`	a year	crt.sh
newscred.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://accounts.welcomesoftware.com/login
Frame ID: CE80FEFF7377DA0EA918790A3E617982
Requests: 36 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-preload-c1fb2a0837baf967e156.js
Frame ID: 49BDFA77B78536B3887BF7A095CE175B
Requests: 8 HTTP requests in this frame

Frame: https://fs.welcomesoftware.com/s/fs.js
Frame ID: 15A8333AD5C43BE00356178C65E0CE1D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome

Page URL History Show full URLs

http://go.welcomesoftware.com/NTg1LUZEWS00MzgAAAF_1hYSewmQ2dIb8mzFV8LAqBjuRaw8KieGFgfOkK13QJlFzEdox9Vw1T_8... Page URL
https://support.newscred.com/?mkt_tok=NTg1LUZEWS00MzgAAAF_1hYSe3guUd62LjQcJHSIPYnTgezj1DR7coG0gKufcUUNJCn... HTTP 301
https://support.welcomesoftware.com/?mkt_tok=NTg1LUZEWS00MzgAAAF_1hYSe3guUd62LjQcJHSIPYnTgezj1DR7coG0gKufcUUNJCn... HTTP 301
https://support.welcomesoftware.com/?auth=sso HTTP 302
https://accounts.welcomesoftware.com/o/oauth2/v1/auth?oauth=authorize&response_type=code&client_id=54f0b352-c80e-... HTTP 302
https://accounts.welcomesoftware.com/login Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

45
Requests

98 %
HTTPS

0 %
IPv6

8
Domains

13
Subdomains

11
IPs

3
Countries

1122 kB
Transfer

2497 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://google.com/chrome
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://welcomesoftware.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://go.welcomesoftware.com/NTg1LUZEWS00MzgAAAF_1hYSewmQ2dIb8mzFV8LAqBjuRaw8KieGFgfOkK13QJlFzEdox9Vw1T_8tBJQp6oLqY361n4= Page URL
https://support.newscred.com/?mkt_tok=NTg1LUZEWS00MzgAAAF_1hYSe3guUd62LjQcJHSIPYnTgezj1DR7coG0gKufcUUNJCnudOh-TcHa8Rjg7dejTWzdzXvUSV7-8oG5Jjk9D8m8b2_j2Cyzf-8LVMuEfjdS HTTP 301
https://support.welcomesoftware.com/?mkt_tok=NTg1LUZEWS00MzgAAAF_1hYSe3guUd62LjQcJHSIPYnTgezj1DR7coG0gKufcUUNJCnudOh-TcHa8Rjg7dejTWzdzXvUSV7-8oG5Jjk9D8m8b2_j2Cyzf-8LVMuEfjdS HTTP 301
https://support.welcomesoftware.com/?auth=sso HTTP 302
https://accounts.welcomesoftware.com/o/oauth2/v1/auth?oauth=authorize&response_type=code&client_id=54f0b352-c80e-4a23-b609-1ea7d62f5e24&client_secret=KsjYcuRTSVLCYczO06F6yrSPEvMXern18Sa53ydZznJb9rqRVHZeA0X7yMY4N2QH&redirect_uri=https%3A%2F%2Fsupport.welcomesoftware.com%2F%3Fauth%3Dsso&scope=email+openid+profile+offline_access HTTP 302
https://accounts.welcomesoftware.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set NTg1LUZEWS00MzgAAAF_1hYSewmQ2dIb8mzFV8LAqBjuRaw8KieGFgfOkK13QJlFzEdox9Vw1T_8tBJQp6oLqY361n4= Show response
go.welcomesoftware.com/ 470 B
1 KB 770ms
325ms Document
text/html 104.17.70.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://go.welcomesoftware.com/NTg1LUZEWS00MzgAAAF_1hYSewmQ2dIb8mzFV8LAqBjuRaw8KieGFgfOkK13QJlFzEdox9Vw1T_8tBJQp6oLqY361n4=

Protocol

HTTP/1.1

Server

104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1f06f1da342a6ec8cbf6c8e10425e6f87f848419cac9bda1c2b68b990ffc7b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: go.welcomesoftware.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 30 Sep 2021 19:34:25 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, no-cache, no-store, max-age=0
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Set-Cookie: BIGipServersj_mailtracking_http=!FRrxPVlm6/97rqglU8cyx3LfarvBcfWfVFDQqq7rE+RmJ3MLeiwjWlVcG2qvuczup3SgeK+Q6hVivcE=; path=/; Httponly __cf_bm=LCAHvXLbv0T2ixUcb6qPB9gU_teNKAdAdV2N18LEGPo-1633030465-0-AfJtwVR70AndruHzMPkZYtXWiZ4plcHrAxTAfDjXVR51Zg3n9OYKzbJonjtElTDKP/FSzUA7LjPAQJj5HMistUs=; path=/; expires=Thu, 30-Sep-21 20:04:25 GMT; domain=.go.welcomesoftware.com; HttpOnly; SameSite=None
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 696fe3748d0b323c-FRA
Content-Encoding: gzip

GET
H2

200

Primary Request login Show response
accounts.welcomesoftware.com/
Redirect Chain

https://support.newscred.com/?mkt_tok=NTg1LUZEWS00MzgAAAF_1hYSe3guUd62LjQcJHSIPYnTgezj1DR7coG0gKufcUUNJCnudOh-TcHa8Rjg7dejTWzdzXvUSV7-8oG5Jjk9D8m8b2_j2Cyzf-8LVMuEfjdS
https://support.welcomesoftware.com/?mkt_tok=NTg1LUZEWS00MzgAAAF_1hYSe3guUd62LjQcJHSIPYnTgezj1DR7coG0gKufcUUNJCnudOh-TcHa8Rjg7dejTWzdzXvUSV7-8oG5Jjk9D8m8b2_j2Cyzf-8LVMuEfjdS
https://support.welcomesoftware.com/?auth=sso
https://accounts.welcomesoftware.com/o/oauth2/v1/auth?oauth=authorize&response_type=code&client_id=54f0b352-c80e-4a23-b609-1ea7d62f5e24&client_secret=KsjYcuRTSVLCYczO06F6yrSPEvMXern18Sa53ydZznJb9rq...
https://accounts.welcomesoftware.com/login

7 KB
4 KB

101ms
101ms

Document
text/html

3.213.206.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.welcomesoftware.com/login

Requested by

Host: go.welcomesoftware.com
URL: http://go.welcomesoftware.com/NTg1LUZEWS00MzgAAAF_1hYSewmQ2dIb8mzFV8LAqBjuRaw8KieGFgfOkK13QJlFzEdox9Vw1T_8tBJQp6oLqY361n4=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.206.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-206-188.compute-1.amazonaws.com

Software

Resource Hash

c25eba5b127a3e956ed30bccaa47be3d05072dec2e17cbeb64cbde0b2586ae08

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .typekit.net .google.com .gstatic.com .zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: .typekit.net .google.com .googleapis.com .newscred.com; frame-src https://www.google.com; connect-src .zdassets.com .zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: accounts.welcomesoftware.com
:scheme: https
:path: /login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://go.welcomesoftware.com/
accept-encoding: gzip, deflate, br
cookie: connect.sid=s%3A4k3NYHucJbbKeUdUCbHVVAKwOtvTyJob.Y0nTG7trntsSSRURu1SvDhRtm0pJQn%2Bngudivh4teX0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://go.welcomesoftware.com/NTg1LUZEWS00MzgAAAF_1hYSewmQ2dIb8mzFV8LAqBjuRaw8KieGFgfOkK13QJlFzEdox9Vw1T_8tBJQp6oLqY361n4=

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
cache-control: no-cache,no-store,must-revalidate,private
pragma: no-cache
set-cookie: _csrf=eBfBYMc3vNG7FHBHcWfMMk7N; Path=/
etag: W/"1dec-hdgjZ1eXF/ArANTj+g9VJ6GJxL8"
content-encoding: gzip

Redirect headers

date: Thu, 30 Sep 2021 19:34:26 GMT
content-type: text/html; charset=utf-8
content-length: 56
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
cache-control: no-cache,no-store,must-revalidate,private
pragma: no-cache
location: /login
vary: Accept
set-cookie: connect.sid=s%3A4k3NYHucJbbKeUdUCbHVVAKwOtvTyJob.Y0nTG7trntsSSRURu1SvDhRtm0pJQn%2Bngudivh4teX0; Path=/; Expires=Sat, 30 Oct 2021 19:34:26 GMT; HttpOnly; Secure

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
987 B 37ms
15ms Script
text/javascript 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

GSE /

Resource Hash

1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Thu, 30 Sep 2021 19:34:26 GMT

GET
H2 200 gaconnector.js Show response
track.gaconnector.com/ 8 KB
3 KB 320ms
97ms Script
text/plain 107.23.169.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.gaconnector.com/gaconnector.js
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.169.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-169-149.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
access-control-request-method: *
server: nginx/1.18.0
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
access-control-allow-headers: *
content-length: 3080
expires: Thu, 30 Sep 2021 20:34:26 GMT

GET
H2 200 base.css
accounts.welcomesoftware.com/stylesheets/v2/ 10 KB
3 KB 98ms
97ms Stylesheet
text/css 3.213.206.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.welcomesoftware.com/stylesheets/v2/base.css?v=7

Requested by

Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.206.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-206-188.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1126d1902bca58795df3b4ba0a4e66bea1e8d5e4df22e98bf665307dc11ddc8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /stylesheets/v2/base.css?v=7
pragma: no-cache
cookie: connect.sid=s%3A4k3NYHucJbbKeUdUCbHVVAKwOtvTyJob.Y0nTG7trntsSSRURu1SvDhRtm0pJQn%2Bngudivh4teX0; _csrf=eBfBYMc3vNG7FHBHcWfMMk7N
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: accounts.welcomesoftware.com
referer: https://accounts.welcomesoftware.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Sep 2021 09:20:32 GMT
server: nginx
etag: W/"6139d1e0-2697"
x-frame-options: DENY
content-type: text/css
vary: Accept-Encoding
x-xss-protection: 1;mode=block

GET
H2 200 progressive-signup.css
accounts.welcomesoftware.com/stylesheets/v2/ 3 KB
1 KB 99ms
99ms Stylesheet
text/css 3.213.206.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.welcomesoftware.com/stylesheets/v2/progressive-signup.css?v=4

Requested by

Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.206.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-206-188.compute-1.amazonaws.com

Software

nginx /

Resource Hash

dc2be883218611c67722c7039207b0ab66351d15f2aa4cea1686cb48491a5f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /stylesheets/v2/progressive-signup.css?v=4
pragma: no-cache
cookie: connect.sid=s%3A4k3NYHucJbbKeUdUCbHVVAKwOtvTyJob.Y0nTG7trntsSSRURu1SvDhRtm0pJQn%2Bngudivh4teX0; _csrf=eBfBYMc3vNG7FHBHcWfMMk7N
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: accounts.welcomesoftware.com
referer: https://accounts.welcomesoftware.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 09 Sep 2021 09:20:32 GMT
server: nginx
etag: W/"6139d1e0-dbe"
x-frame-options: DENY
content-type: text/css
vary: Accept-Encoding
x-xss-protection: 1;mode=block

GET
H2 200 illustrations.css
accounts.welcomesoftware.com/stylesheets/v2/ 886 B
1 KB 98ms
98ms Stylesheet
text/css 3.213.206.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.welcomesoftware.com/stylesheets/v2/illustrations.css?v=4

Requested by

Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.206.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-206-188.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9be0b851ac83b40541e6641007a55dcd9841b12a4c7473562a56691e7e411226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /stylesheets/v2/illustrations.css?v=4
pragma: no-cache
cookie: connect.sid=s%3A4k3NYHucJbbKeUdUCbHVVAKwOtvTyJob.Y0nTG7trntsSSRURu1SvDhRtm0pJQn%2Bngudivh4teX0; _csrf=eBfBYMc3vNG7FHBHcWfMMk7N
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: accounts.welcomesoftware.com
referer: https://accounts.welcomesoftware.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 23 Sep 2021 08:59:43 GMT
server: nginx
etag: "614c41ff-376"
x-frame-options: DENY
content-type: text/css
accept-ranges: bytes
content-length: 886
x-xss-protection: 1;mode=block

GET
H2 200 welcome-logo.png
accounts.welcomesoftware.com/images/welcome/ 15 KB
16 KB 297ms
294ms Image
image/png 3.213.206.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.welcomesoftware.com/images/welcome/welcome-logo.png

Requested by

Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.206.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-206-188.compute-1.amazonaws.com

Software

nginx /

Resource Hash

59c0de950d057fc702cca0f3656f8ec5c6c6ca532608e6b03dcc084fa3de9289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

:path: /images/welcome/welcome-logo.png
pragma: no-cache
cookie: connect.sid=s%3A4k3NYHucJbbKeUdUCbHVVAKwOtvTyJob.Y0nTG7trntsSSRURu1SvDhRtm0pJQn%2Bngudivh4teX0; _csrf=eBfBYMc3vNG7FHBHcWfMMk7N; gaconnector2_id=ed6a3612-2087-e103-0d62-406cddff7b2c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: accounts.welcomesoftware.com
referer: https://accounts.welcomesoftware.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 14:17:09 GMT
server: nginx
etag: "61152d65-3d1e"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
content-length: 15646
x-xss-protection: 1;mode=block

GET
H2 200 tabbed-auth.js Show response
accounts.welcomesoftware.com/scripts/signup/ 1 KB
1 KB 101ms
100ms Script
application/javascript 3.213.206.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.welcomesoftware.com/scripts/signup/tabbed-auth.js

Requested by

Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.206.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-206-188.compute-1.amazonaws.com

Software

Resource Hash

d963faf57d5a9069db1a0aabcaf6e101060054fb307b85f9285f826f1197197f

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .typekit.net .google.com .gstatic.com .zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: .typekit.net .google.com .googleapis.com .newscred.com; frame-src https://www.google.com; connect-src .zdassets.com .zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/signup/tabbed-auth.js
pragma: no-cache
cookie: connect.sid=s%3A4k3NYHucJbbKeUdUCbHVVAKwOtvTyJob.Y0nTG7trntsSSRURu1SvDhRtm0pJQn%2Bngudivh4teX0; _csrf=eBfBYMc3vNG7FHBHcWfMMk7N
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: accounts.welcomesoftware.com
referer: https://accounts.welcomesoftware.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 19:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 14:17:09 GMT
etag: W/"5a5-17b3ab95288"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache,no-store,must-revalidate,private
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 signup.svg
accounts.welcomesoftware.com/svgs/illustrations/ 169 KB
170 KB 190ms
189ms Image
image/svg+xml 3.213.206.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://accounts.welcomesoftware.com/svgs/illustrations/signup.svg

Requested by

Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.206.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-206-188.compute-1.amazonaws.com

Software

Resource Hash

a01cda71d89bb570f1ac7f4087d0bb6cb8959ada9639d21c570832467a7aa792

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .typekit.net .google.com .gstatic.com .zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: .typekit.net .google.com .googleapis.com .newscred.com; frame-src https://www.google.com; connect-src .zdassets.com .zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /svgs/illustrations/signup.svg
pragma: no-cache
cookie: connect.sid=s%3A4k3NYHucJbbKeUdUCbHVVAKwOtvTyJob.Y0nTG7trntsSSRURu1SvDhRtm0pJQn%2Bngudivh4teX0; _csrf=eBfBYMc3vNG7FHBHcWfMMk7N; gaconnector2_id=ed6a3612-2087-e103-0d62-406cddff7b2c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: accounts.welcomesoftware.com
referer: https://accounts.welcomesoftware.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 19:34:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Sep 2021 09:20:32 GMT
etag: W/"2a341-17bc9dbd300"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: no-cache,no-store,must-revalidate,private
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
x-dns-prefetch-control: off
content-length: 172865
x-xss-protection: 1; mode=block

GET
H2 200 zgp5hzh.js Show response
use.typekit.net/ 20 KB
7 KB 76ms
27ms Script
text/javascript 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/zgp5hzh.js

Requested by

Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-59.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7fd546b56cfcb250366cb3aee2f64c3d9ddef531b2735037c87433037fa05a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 30 Sep 2021 19:34:26 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7128

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 46ms
21ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=593e245b-6c35-4ab9-a404-23934684ddfe

Requested by

Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: X27JTDQE0TK8AHG8
x-amz-id-2: AnRGvaEQQyb0fKy9QaXP+U/l33wi+qVguIgEx8mz24VYgUcb9SYfAu2dEKnOGLGf2OtuPbVOVOI=
last-modified: Wed, 09 Jun 2021 00:08:59 GMT
server: cloudflare
etag: W/"cc904f41324148b571599b3b02fdec0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vG46fTobYiiPbHWNBkRKZASQjCkF4SIz42M7QzZLo9XL6m7WY7NtwfLc%2B1YZ00bsrGbyRJlaNq9CKiCtRy2h57Bj4MR2EYYEU8kXtR4o6uKXexgoYxq4LLuPEPh4rmZLJO%2FMOTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: VFukQxfz8SFs4LT0u8yzm_CAm2zq09sT
cf-ray: 696fe3816b3cbed8-FRA

GET
H2 200 ie-banner.js Show response
accounts.welcomesoftware.com/scripts/ 715 B
1 KB 102ms
101ms Script
application/javascript 3.213.206.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.welcomesoftware.com/scripts/ie-banner.js

Requested by

Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.206.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-206-188.compute-1.amazonaws.com

Software

Resource Hash

8ce619cc9c0b385123bd70969d4d660ea5a34fcbb0d48e8d2a788e394881ad14

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .typekit.net .google.com .gstatic.com .zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: .typekit.net .google.com .googleapis.com .newscred.com; frame-src https://www.google.com; connect-src .zdassets.com .zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/ie-banner.js
pragma: no-cache
cookie: connect.sid=s%3A4k3NYHucJbbKeUdUCbHVVAKwOtvTyJob.Y0nTG7trntsSSRURu1SvDhRtm0pJQn%2Bngudivh4teX0; _csrf=eBfBYMc3vNG7FHBHcWfMMk7N
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: accounts.welcomesoftware.com
referer: https://accounts.welcomesoftware.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 19:34:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 14:17:09 GMT
etag: W/"2cb-17b3ab95288"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache,no-store,must-revalidate,private
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
x-dns-prefetch-control: off
content-length: 715
x-xss-protection: 1; mode=block

GET
H2 200 fullstory.js Show response
accounts.welcomesoftware.com/scripts/ 5 KB
2 KB 103ms
100ms Script
application/javascript 3.213.206.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.welcomesoftware.com/scripts/fullstory.js

Requested by

Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.206.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-206-188.compute-1.amazonaws.com

Software

Resource Hash

8cd5fa56158aba36c4f0e85e12b8fdf0ac75577e386b9d7b57c82c1b96e352de

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .typekit.net .google.com .gstatic.com .zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: .typekit.net .google.com .googleapis.com .newscred.com; frame-src https://www.google.com; connect-src .zdassets.com .zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /scripts/fullstory.js
pragma: no-cache
cookie: connect.sid=s%3A4k3NYHucJbbKeUdUCbHVVAKwOtvTyJob.Y0nTG7trntsSSRURu1SvDhRtm0pJQn%2Bngudivh4teX0; _csrf=eBfBYMc3vNG7FHBHcWfMMk7N; gaconnector2_id=ed6a3612-2087-e103-0d62-406cddff7b2c
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: accounts.welcomesoftware.com
referer: https://accounts.welcomesoftware.com/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 19:34:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 17 Aug 2021 13:35:22 GMT
etag: W/"135f-17b5452dd90"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache,no-store,must-revalidate,private
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.typekit.net *.google.com *.gstatic.com *.zdassets.com track.gaconnector.com https://analytics.newscred.com https://fs.welcomesoftware.com; img-src 'self' data: *.typekit.net *.google.com *.googleapis.com *.newscred.com; frame-src https://www.google.com; connect-src *.zdassets.com *.zendesk.com track.gaconnector.com fs.welcomesoftware.com; font-src 'self' https: data:
strict-transport-security: max-age=15552000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 342 KB
134 KB 30ms
7ms Script
text/javascript 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 17:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Fri, 30 Sep 2022 17:56:01 GMT

GET
H2 200 track_pageview Show response
track.gaconnector.com/ 33 B
212 B 305ms
103ms XHR
text/plain 107.23.169.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track.gaconnector.com/track_pageview?gaconnector_id=ed6a3612-2087-e103-0d62-406cddff7b2c&account_id=0d80ef4073fa3d62ff3a109bc0388d05&referer=http%3A%2F%2Fgo.welcomesoftware.com%2F&GA_Client_ID=undefined&page_url=https%3A%2F%2Faccounts.welcomesoftware.com%2Flogin&gclid=&utm_campaign=&utm_term=&utm_content=&utm_source=&utm_medium=
Requested by: Host: track.gaconnector.com
URL: https://track.gaconnector.com/gaconnector.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.169.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-169-149.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 4f4284fce2ac8ec0761d518a829a183b8d967631844d754c3e80fcfcd7bc5b79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 30 Sep 2021 19:34:27 GMT
access-control-request-method: *
server: nginx/1.18.0
access-control-allow-headers: *
content-length: 33
access-control-allow-methods: OPTIONS, GET

GET
H2 200 l
use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/ 18 KB
18 KB 38ms
6ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c9cde8/00000000000000003b9ad1b9/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/stylesheets/v2/base.css?v=7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 22a314e594c21b9ad2d42fe9f2f5218d96d663d4d708ad89b0aa9efb5fac730a

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
server: nginx
etag: "f9e85be3f0c8dcdcbd6f0a8471a46280ab7bf664"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18496

GET
H2 200 l
use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/ 19 KB
19 KB 33ms
14ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7d485b/00000000000000003b9ad1b1/27/l?subset_id=2&fvd=n7&v=3
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 20044d1017ca3a097a1e46610acd109bc4d275f281c31b960d045c3d2fbdb2da

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
server: nginx
etag: "518c5f781d51642b3cf2290d365b9b8257de6e1f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19052

GET
H2 200 l
use.typekit.net/af/347aea/00000000000000003b9ad1b2/27/ 19 KB
19 KB 34ms
16ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/347aea/00000000000000003b9ad1b2/27/l?subset_id=2&fvd=i7&v=3
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 695e7e03e884a1324cade32f94ad1b2225349b8c07ae302e9efa9bfa342b3768

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
server: nginx
etag: "c85de2b0c8d27e8ecb10964d9c709a0e5397550c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19520

GET
H2 200 l
use.typekit.net/af/04b81b/00000000000000003b9ad1bb/27/ 18 KB
18 KB 27ms
8ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/04b81b/00000000000000003b9ad1bb/27/l?subset_id=2&fvd=n6&v=3
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4da8206845b9e15e5d86ce7e661c5c18666ce56c2377131aaec2a612e58804a5

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
server: nginx
etag: "80987524f2c82c2a36d727971941de8401d3f316"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18688

GET
H2 200 l
use.typekit.net/af/83c55b/00000000000000003b9ad1bc/27/ 19 KB
19 KB 37ms
19ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/83c55b/00000000000000003b9ad1bc/27/l?subset_id=2&fvd=i6&v=3
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 837b2097f1673336fb1f255e1d6dfa12c9fac4c65d330fe5184f5516720e8337

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
server: nginx
etag: "131c73b236b0a451c55436b26d3b7857d5a10680"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19056

GET
H2 200 l
use.typekit.net/af/4ba64f/00000000000000003b9ad1ba/27/ 19 KB
19 KB 26ms
7ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4ba64f/00000000000000003b9ad1ba/27/l?subset_id=2&fvd=i4&v=3
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4041f04f35d9b82a27d87141ef0f6b2c8c8f858ed51f4fa0170f266aa003a8fc

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
server: nginx
etag: "8887aa07a5e31ddeba60d1317cef52532c1e4862"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19188

GET
H2 200 l
use.typekit.net/af/3333ef/00000000000000003b9ad1b5/27/ 18 KB
18 KB 31ms
13ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3333ef/00000000000000003b9ad1b5/27/l?subset_id=2&fvd=n3&v=3
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1d8d5156122647b1efe2df3b945e7674621f8f8cc9ee5ea2bbe1f24cc8c1c5c3

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
server: nginx
etag: "53497a4c5bfe1988b36f82f4d92f806e8f60ed2a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18460

GET
H2 200 l
use.typekit.net/af/b5c037/00000000000000003b9ad1b6/27/ 19 KB
19 KB 37ms
19ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b5c037/00000000000000003b9ad1b6/27/l?subset_id=2&fvd=i3&v=3
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: eb709eb9020007407b278da23529b5f434dcab330d3a07f749a28f5fb34bfd38

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
server: nginx
etag: "310ad429a0939667a546dec619105e3becb5f16a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19048

GET
H2 200 l
use.typekit.net/af/9faf92/00000000000000003b9ad1b7/27/ 18 KB
18 KB 52ms
34ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9faf92/00000000000000003b9ad1b7/27/l?subset_id=2&fvd=n5&v=3
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ba231ecd207ba0974d6d6bc57cc6cb73b7fe3f96456d3e3d52c75ab3b2b238e2

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
server: nginx
etag: "eff2a0ded0ab2ed959041dc23f00f867069c4d59"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18624

GET
H2 200 l
use.typekit.net/af/cddac3/00000000000000003b9ad1b8/27/ 19 KB
19 KB 41ms
23ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/cddac3/00000000000000003b9ad1b8/27/l?subset_id=2&fvd=i5&v=3
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0a899f418e93b41ca7fb6e3a6ad6b89dc26bc952b965142d44809458cc59e94b

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
server: nginx
etag: "509ce7dd0126da2f3562094cda45b6f4af568183"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19084

GET
H2 200 l
use.typekit.net/af/572e5b/00000000000000000001786f/27/ 30 KB
31 KB 38ms
21ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/572e5b/00000000000000000001786f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2c81d97ee1676c0b34c834c18a1188a01a8c4ece887e32befeeee24644aff668

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
server: nginx
etag: "3950b34ee81ba1db334ac725706cb91638f22e0e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31048

GET
H2 200 l
use.typekit.net/af/a5aede/000000000000000000017873/27/ 30 KB
30 KB 36ms
19ms Font
application/font-woff2 2.16.186.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a5aede/000000000000000000017873/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-59.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 70a5d77d9ede70a0cd2f0e26e738b985422bbc066db35714359d606afa29696a

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
server: nginx
etag: "9398c887e4db95279e82701645848bad1fbe9b9b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30796

GET
H2 200 Hurme-SemiBold.woff2
accounts.welcomesoftware.com/fonts/ 73 KB
73 KB 279ms
279ms Font
font/woff2 3.213.206.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.welcomesoftware.com/fonts/Hurme-SemiBold.woff2

Requested by

Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/stylesheets/v2/base.css?v=7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.206.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-206-188.compute-1.amazonaws.com

Software

nginx /

Resource Hash

16071b886074be9bd84af82ad4905247c65bb01b2e2889718c361f2109ac816e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

sec-fetch-mode: cors
origin: https://accounts.welcomesoftware.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: connect.sid=s%3A4k3NYHucJbbKeUdUCbHVVAKwOtvTyJob.Y0nTG7trntsSSRURu1SvDhRtm0pJQn%2Bngudivh4teX0; _csrf=eBfBYMc3vNG7FHBHcWfMMk7N; gaconnector2_id=ed6a3612-2087-e103-0d62-406cddff7b2c
:path: /fonts/Hurme-SemiBold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: accounts.welcomesoftware.com
referer: https://accounts.welcomesoftware.com/stylesheets/v2/base.css?v=7
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://accounts.welcomesoftware.com/stylesheets/v2/base.css?v=7
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 14:17:08 GMT
server: nginx
etag: "61152d64-122d8"
x-frame-options: DENY
content-type: font/woff2
accept-ranges: bytes
content-length: 74456
x-xss-protection: 1;mode=block

GET
H2 200 593e245b-6c35-4ab9-a404-23934684ddfe Show response
ekr.zdassets.com/compose/ 454 B
1010 B 211ms
181ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/593e245b-6c35-4ab9-a404-23934684ddfe

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=593e245b-6c35-4ab9-a404-23934684ddfe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8be47ee99e4396913348f864345541d7279143c2f6ae6d3ef82625632a152be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:27 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: b08f28fa-2a8d-419f-8501-7f1af2aeda37
x-runtime: 0.002900
server: cloudflare
etag: W/"8be47ee99e4396913348f864345541d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UojSxcthuG%2Fz9IkcUXso5oMTp30%2FRLF5lspXaK6JXbtZnyGlaPRJ4f8mYA%2B%2B9M9wKc4HtL6yP98TD97MJTEa5ZHVEjq9n8kGl%2B4byOceyUd9qCk2EYigOl7LlHFmFpAg56k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 696fe381d81e693a-FRA

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 36ms
7ms Image
image/gif 104.111.215.74
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=zgp5hzh&ht=tk&h=accounts.welcomesoftware.com&f=139.140.173.174.175.176.5474.5475.25136.25137.14032.14034&a=803271&js=1.20.0&app=typekit&e=js&_=1633030466875
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-74.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:26 GMT
last-modified: Wed, 02 Sep 2020 03:58:21 GMT
server: nginx
etag: "5f4f185d-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 fs.js Show response
fs.welcomesoftware.com/s/ 210 KB
64 KB 437ms
213ms Script
application/javascript 100.26.83.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.welcomesoftware.com/s/fs.js
Requested by: Host: accounts.welcomesoftware.com
URL: https://accounts.welcomesoftware.com/scripts/fullstory.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.83.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-83-143.compute-1.amazonaws.com
Software: UploadServer /
Resource Hash: 9456718fc26c849fed63242644edd3e100b5eec82089d8eac271efe6614db6c6

Request headers

Referer: https://accounts.welcomesoftware.com/
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:27 GMT
content-encoding: gzip
age: 1961
x-guploader-uploadid: ADPycdtvR1TgIBpkGC0sR6I-JLpuo4aEB3UoUOJB8LmK3xVgQb7Y2rMzwmmxYd4sYbXpDe4aB4nT9kov8Qhss9vAC4duZnQ8aA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 64528
last-modified: Thu, 30 Sep 2021 15:15:29 GMT
server: UploadServer
etag: "4292511c0df57722d38e68642d069012"
x-goog-hash: crc32c=Yrzbyw==, md5=QpJRHA31dyLTjmhkLQaQEg==
x-goog-generation: 1633014929798356
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 64528
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 30 Sep 2021 20:01:46 GMT

GET
H2 200 web-widget-preload-c1fb2a0837baf967e156.js Show response
static.zdassets.com/web_widget/latest/ Frame 49BD 88 KB
32 KB 45ms
44ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-preload-c1fb2a0837baf967e156.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=593e245b-6c35-4ab9-a404-23934684ddfe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b1e8bd0d202847c09a70ce522871b575f6790dfba0349e3f04aa39faf102e94

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49489
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: SRAMJ5R2CBVQ8F2G
x-amz-id-2: RcRsXp73a/uslxF9Bwk7Zn/229NClYF51OoIEWEv6pdOSV64DFZTzPthf4ylK9IZ/8Fez/K5JJQ=
last-modified: Thu, 30 Sep 2021 05:11:26 GMT
server: cloudflare
etag: W/"d82892990df15d7a890f0594d4771d3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjWwieT1uh6viVqQ4UTQPUO51p9Bci137s5B0AWPiaRNLfyL8ACVc7CT6gFGkzLf02OrgTMF7DBV7tWCEFQ5XV2OowX9PLTJ3o%2FG4puWTvqMDcG1p1FtUwRojnWET3dG6vroXLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: gViK1WbVgElHedY.WZ495E8f3cVgYdYT
cf-ray: 696fe3831bbdbed8-FRA
expires: Fri, 30 Sep 2022 05:11:25 GMT

GET
H2 200 web-widget-framework-ddfac88d1a8b2b27938d.js Show response
static.zdassets.com/web_widget/latest/ Frame 49BD 184 KB
59 KB 37ms
37ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-ddfac88d1a8b2b27938d.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=593e245b-6c35-4ab9-a404-23934684ddfe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10fb99296af683a86ff74a63eed3e9763e6b56f327b1892587d418b9887482e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49489
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: SRAX4BGZD45WEXA8
x-amz-id-2: S8fzhBlMfi0jqGhNlA7kwFAHPXIRfM//vjkcQEGW00AzLtK2og0qFmywr1gTMWJcdGfjmRq1T8k=
last-modified: Thu, 30 Sep 2021 05:11:26 GMT
server: cloudflare
etag: W/"abe42628a5ecf7515505094cbfafedcd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3Q%2BAQ%2BuZ%2Bo6JRzB4v1bFx5WMQ6UcajzncKh9lrf3Piw85P%2FJDZ9hEr3ImDxpJQL28%2FAA6Wy2mNWdsrB4tN%2FUlqefkFkZ3GXq5Tgf9U6kBd%2F3JXAaps8hoL77JUPUrNubpqeNxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: g8xYOIrjfX07TsKiq8.ZaAqMqfThZP7I
cf-ray: 696fe3831bbebed8-FRA
expires: Fri, 30 Sep 2022 05:11:25 GMT

GET
H2 200 config Show response
newscred.zendesk.com/embeddable/ 351 B
1 KB 229ms
202ms XHR
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newscred.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=593e245b-6c35-4ab9-a404-23934684ddfe

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffeb463ae5121ba0a1b7b332783e3ea2d1400dbe47b525ac45140cd42ed2c60b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-zendesk-origin-server: embeddable-app-server-56cf6865cb-w5h7f
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
x-cached: MISS
x-request-id: 696fe383ab072ba1-SEA, 696fe383ab072ba1-SEA
x-runtime: 0.001416
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkDbgT1FzHtpRDQJT3bmSe4LaOR3%2FRPPdvzXBCfrQPuLZber6kNH6fWMzLf6%2BflwCUu7qrC7swWFyQFI8XLv%2BY7HwTSfIURYjUZOi7kEuc5nDRqmFXWxfVJ7xxbKWF7J1A6RTIoS"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 696fe383ab072ba1-FRA

GET
H2 200 de-de-json-d7ee6cb4b3f57aabe16b.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/ Frame 49BD 37 KB
8 KB 22ms
21ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/de-de-json-d7ee6cb4b3f57aabe16b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c1fb2a0837baf967e156.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eec770ee4b030f00ca9d9eb8bc28d9e7c7e858e3ac315cb92a05ff9f0e6b990a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 919729
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: C54RYEY0GNGYVB0W
x-amz-id-2: RThDjIV8MVLASR36XpDFYEPBQhHWm7FHdST+ml6bpeGCoY8XABbZLywvvIHMmoMB+YnGjbtNFY8=
last-modified: Mon, 20 Sep 2021 03:46:48 GMT
server: cloudflare
etag: W/"811ba5198de03eb639ced23b0c55e764"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UGxzltir%2BR0pOdxiasOe0mlVjYhssk3I0OU5lsrzEjDVIOkS2lXaB0USqA%2FRvxs6cX0bQCPyeXF%2BSz5t6qhDvKN7y%2F0K9MJnFj6c%2FrxSeoDn7zayGYi2DCEpYsyMVMVGm1Hhm2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: Ad26HWM94n9oSNA2XO5q9d8tXRaFBL8q
cf-ray: 696fe384fc7cbed8-FRA
expires: Tue, 20 Sep 2022 03:46:47 GMT

GET
H2 200 web-widget-7487-813b8c77d5c0e8d0d00a.js Show response
static.zdassets.com/web_widget/latest/ Frame 49BD 340 KB
103 KB 36ms
36ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-7487-813b8c77d5c0e8d0d00a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c1fb2a0837baf967e156.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce84019b653e1ad1664c5a85b1d0263a4e4e9223d5070f3a60c65e363406719a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1369248
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: QYQM0E70QGHCFB2W
x-amz-id-2: 73YkqsuaQuQouNKAJNmd9CYRpz95lz5ew7jn31aI//rFfG4WhCepV9jPj5+j+trCfNeAKAro5KM=
last-modified: Mon, 13 Sep 2021 23:45:48 GMT
server: cloudflare
etag: W/"b09bbdba067caac0d4cefb3cc1142b84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaRQlW6EiBoXg%2Fc2YdrMDi09Bfd2eAvgdk4Ut6THNfSC7vIvdEt2LRmNd3CQgZ1TzmbfSJytFooLNADo5BnsPiw8d8nwwBCBYQwS%2BlaWEVMUCcZIgGOaJKOqfjXmS39GA1oMQ94%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: uS5dZl.YNc6jj_t0cS60aE2lFJFk5MUV
cf-ray: 696fe384fc7ebed8-FRA
expires: Tue, 13 Sep 2022 23:45:47 GMT

GET
H2 200 web-widget-2765-b06562d67a25c346a78a.js Show response
static.zdassets.com/web_widget/latest/ Frame 49BD 81 KB
22 KB 44ms
44ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-2765-b06562d67a25c346a78a.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c1fb2a0837baf967e156.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96d1cd4d430e5cef6f3e30e994df78ab3b937295b5bc69900a3f05e73424fb9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1369248
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: QYQHM1QNYA499P06
x-amz-id-2: pa0g6ApCgS/+jXCeilPIWv7QwYYuEvV5aW001nS6JgjsCWL+ovvF0P60U1v0o1SoJDD/9i6ALrI=
last-modified: Mon, 13 Sep 2021 23:45:49 GMT
server: cloudflare
etag: W/"0bc1a1b4bd1a31033986b000da94d291"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYPIF%2F4rh5u0ZRONNAkiYhfpqNG3s86wnmjQo9P7cqiOGBRe9rh%2F4PcYdU88zK9Ese0GJGhOw7smuu0uWLKjgU%2BDVSWHwyYWn0qgbJ%2FqNfoqtz4HmOj8D5lyFvUs3zFUgcalYnE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: A1v2De1d.Np63il34KlS.L5PoKQUdcZa
cf-ray: 696fe384fc7fbed8-FRA
expires: Tue, 13 Sep 2022 23:45:47 GMT

GET
H2 200 web_widget-d60a34daa74114917cb5.js Show response
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame 49BD 420 KB
90 KB 27ms
27ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-d60a34daa74114917cb5.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-c1fb2a0837baf967e156.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d5c2328b34bf9c0f4aebeaf011485fb5e5912376ea385fda4df8b03f3ced72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49488
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: SRAV3EZWVX6JAH1B
x-amz-id-2: sbDiOPvb7rmikdQ5zYJOkbOcu5X/5nE+pfQl5y0DC3WYd/rCxghlose2nF/QCrjnJJp3eV4wNQA=
last-modified: Thu, 30 Sep 2021 05:09:46 GMT
server: cloudflare
etag: W/"94c566b162aa0fc8028d62fbc6392e6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3iFDeNutyF7dJVwdKxmLhrAzaqPytZ6bIks5HEZrbPzrFwHKbTVWxff%2BaqV2MpyAcsvKDMjF%2Bf9cFIhQUaiIaUTfq8d9xNjxFIsB06llwPbiTYSsCI7s%2F18sed%2FO3TjtMCUeLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: fM6kWnTVP6ioeevgJVGLledZBb6enJ.V
cf-ray: 696fe384fc80bed8-FRA
expires: Fri, 30 Sep 2022 05:09:45 GMT

GET
H2 200 embeddable_blip Show response
newscred.zendesk.com/ Frame 49BD 0
334 B 182ms
182ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newscred.zendesk.com/embeddable_blip?type=analytics&data=eyJhbmFseXRpY3MiOnsidmFsdWUiOnsicmF3Q2xpZW50TG9jYWxlIjoiZW4tVVMiLCJyYXdTZXJ2ZXJMb2NhbGUiOiJkZS1ERSIsImNsaWVudExvY2FsZSI6ImVuLXVzIiwic2VydmVyTG9jYWxlIjoiZGUtZGUiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2V9LCJhY3Rpb24iOiJsb2NhbGVNaXNtYXRjaCIsImNhdGVnb3J5IjoibG9jYWxlIn0sImJ1aWQiOiI2YmVkY2YxMmVjYzJmZGUwYjI4ZWI1NTIwMThmYTY2NCIsInN1aWQiOiI5NjQ2ZjA1MzQxZGE4MmVlZjJlNGVlODY5MzlkMThkYSIsInZlcnNpb24iOiI0YWVjMmU4NzciLCJ0aW1lc3RhbXAiOiIyMDIxLTA5LTMwVDE5OjM0OjI3LjQ3OVoiLCJ1cmwiOiJodHRwczovL2FjY291bnRzLndlbGNvbWVzb2Z0d2FyZS5jb20vbG9naW4ifQ%3D%3D

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-ddfac88d1a8b2b27938d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:27 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1fZkUb4903Eh%2FfBN3n%2FkLFYvopKoNRWJ2BkStEdOwhodJqK1yZenU0R3O2zm1QkTAqwN%2Fi%2Fg%2Bt2GWL1rjys5uA0TX799jCL%2Bok9N1DBl82i%2FScdnlcoWEtAPksfKEeKNkr8RWVQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://accounts.welcomesoftware.com
accept-ranges: bytes
cf-ray: 696fe385dfad2ba1-FRA
vary: Accept-Encoding
content-length: 0
x-request-id: d71c1511611ead43a7a7587ddbd648a1

GET
H2 200 embeddable_blip Show response
newscred.zendesk.com/ Frame 49BD 0
281 B 173ms
173ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newscred.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cDovL2dvLndlbGNvbWVzb2Z0d2FyZS5jb20vIiwidGltZSI6MCwibG9hZFRpbWUiOjUwLjUsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJXZWxjb21lIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkzLjAuNDU3Ny42MyBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLjAiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6IjZiZWRjZjEyZWNjMmZkZTBiMjhlYjU1MjAxOGZhNjY0Iiwic3VpZCI6Ijk2NDZmMDUzNDFkYTgyZWVmMmU0ZWU4NjkzOWQxOGRhIiwidmVyc2lvbiI6IjRhZWMyZTg3NyIsInRpbWVzdGFtcCI6IjIwMjEtMDktMzBUMTk6MzQ6MjcuNTExWiIsInVybCI6Imh0dHBzOi8vYWNjb3VudHMud2VsY29tZXNvZnR3YXJlLmNvbS9sb2dpbiJ9

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-ddfac88d1a8b2b27938d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:27 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AurDPYTclao%2BcsgDiNuvBCNyLGCGdW8g5PZ%2FviaxVCFpi5RWMVaNN3YxeVBnjW4AURzT%2BvCGwfpsypUY9xEbbG8DyuMkdaWh1EyzRXD32ajugdKpwiE7OYipxhIDjVPF%2FO3lmnca"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://accounts.welcomesoftware.com
accept-ranges: bytes
cf-ray: 696fe385f8022ba1-FRA
vary: Accept-Encoding
content-length: 0
x-request-id: a9c70e3493d1e839d330c28508e5f252

POST
H2 200 page Show response
fs.welcomesoftware.com/rec/ 2 KB
1 KB 564ms
377ms XHR
application/json 100.26.83.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.welcomesoftware.com/rec/page
Requested by: Host: fs.welcomesoftware.com
URL: https://fs.welcomesoftware.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.83.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-83-143.compute-1.amazonaws.com
Software: /
Resource Hash: 95963fbfa362d2ffc608a4c7d94d70ce90f030e643b7f81d06159d3a02322728

Request headers

Referer: https://accounts.welcomesoftware.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Sep 2021 19:34:28 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://accounts.welcomesoftware.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 1018
via: 1.1 google

GET
H2 200 integrations Show response
fs.welcomesoftware.com/rec/ 2 KB
3 KB 145ms
144ms Script
text/javascript 100.26.83.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.welcomesoftware.com/rec/integrations?OrgId=LjU
Requested by: Host: fs.welcomesoftware.com
URL: https://fs.welcomesoftware.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.83.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-83-143.compute-1.amazonaws.com
Software: /
Resource Hash: 493fb6cb8948ddd721cc234e7ccfbdc2b3883d5cc38e3858dbf67265673e52f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://accounts.welcomesoftware.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:28 GMT
via: 1.1 google
alt-svc: clear
content-type: text/javascript; charset=utf-8

GET
H2 200 fs.js Show response
fs.welcomesoftware.com/s/ Frame 15A8 210 KB
64 KB 110ms
109ms Script
application/javascript 100.26.83.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.welcomesoftware.com/s/fs.js
Requested by: Host: fs.welcomesoftware.com
URL: https://fs.welcomesoftware.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.83.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-83-143.compute-1.amazonaws.com
Software: UploadServer /
Resource Hash: 9456718fc26c849fed63242644edd3e100b5eec82089d8eac271efe6614db6c6

Request headers

Referer
Origin: https://accounts.welcomesoftware.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 19:34:28 GMT
content-encoding: gzip
age: 1962
x-guploader-uploadid: ADPycdtvR1TgIBpkGC0sR6I-JLpuo4aEB3UoUOJB8LmK3xVgQb7Y2rMzwmmxYd4sYbXpDe4aB4nT9kov8Qhss9vAC4duZnQ8aA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 64528
last-modified: Thu, 30 Sep 2021 15:15:29 GMT
server: UploadServer
etag: "4292511c0df57722d38e68642d069012"
x-goog-hash: crc32c=Yrzbyw==, md5=QpJRHA31dyLTjmhkLQaQEg==
x-goog-generation: 1633014929798356
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 64528
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 30 Sep 2021 20:01:46 GMT

POST
H2 200 bundle Show response
fs.welcomesoftware.com/rec/ 29 B
209 B 271ms
271ms XHR
application/json 100.26.83.143
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fs.welcomesoftware.com/rec/bundle?OrgId=LjU&UserId=6383553184964608&SessionId=4952512591208448&PageId=6025153330913280&Seq=1&PageStart=1633030467828&PrevBundleTime=0&LastActivity=585&IsNewSession=true
Requested by: Host: fs.welcomesoftware.com
URL: https://fs.welcomesoftware.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.26.83.143 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-26-83-143.compute-1.amazonaws.com
Software: /
Resource Hash: 682f1959cef50cbbad65e1c9aa6a25c59e1447cbfd569bad1d9cbed02d391762

Request headers

Referer: https://accounts.welcomesoftware.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://accounts.welcomesoftware.com
date: Thu, 30 Sep 2021 19:34:28 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
go.welcomesoftware.com/	1969-12-31 23:59:59	Name: BIGipServersj_mailtracking_http Value: !FRrxPVlm6/97rqglU8cyx3LfarvBcfWfVFDQqq7rE+RmJ3MLeiwjWlVcG2qvuczup3SgeK+Q6hVivcE=
support.welcomesoftware.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: v53dnebl6qthqi4etct4j600v9
accounts.welcomesoftware.com/	1970-01-19 22:20:22	Name: connect.sid Value: s%3A4k3NYHucJbbKeUdUCbHVVAKwOtvTyJob.Y0nTG7trntsSSRURu1SvDhRtm0pJQn%2Bngudivh4teX0
accounts.welcomesoftware.com/	1969-12-31 23:59:59	Name: _csrf Value: eBfBYMc3vNG7FHBHcWfMMk7N
.welcomesoftware.com/	1970-01-20 06:22:46	Name: gaconnector2_id Value: ed6a3612-2087-e103-0d62-406cddff7b2c
.welcomesoftware.com/	1970-01-20 06:22:46	Name: fs_uid Value: fs.welcomesoftware.com#LjU#6383553184964608:4952512591208448/1664566467

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.welcomesoftware.com
ekr.zdassets.com
fs.welcomesoftware.com
go.welcomesoftware.com
newscred.zendesk.com
p.typekit.net
static.zdassets.com
support.newscred.com
support.welcomesoftware.com
track.gaconnector.com
use.typekit.net
www.google.com
www.gstatic.com
100.26.83.143
104.111.215.74
104.16.51.111
104.17.70.206
104.18.70.113
104.18.72.113
107.23.169.149
142.250.185.228
167.172.146.208
172.217.18.99
2.16.186.59
3.213.206.188
056cf1ad4d84c1438bd0efea62a6a10a21acab4f1adae279e87bd401ba83cd99
0a899f418e93b41ca7fb6e3a6ad6b89dc26bc952b965142d44809458cc59e94b
10fb99296af683a86ff74a63eed3e9763e6b56f327b1892587d418b9887482e2
1126d1902bca58795df3b4ba0a4e66bea1e8d5e4df22e98bf665307dc11ddc8a
16071b886074be9bd84af82ad4905247c65bb01b2e2889718c361f2109ac816e
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848
1d8d5156122647b1efe2df3b945e7674621f8f8cc9ee5ea2bbe1f24cc8c1c5c3
20044d1017ca3a097a1e46610acd109bc4d275f281c31b960d045c3d2fbdb2da
22a314e594c21b9ad2d42fe9f2f5218d96d663d4d708ad89b0aa9efb5fac730a
2c81d97ee1676c0b34c834c18a1188a01a8c4ece887e32befeeee24644aff668
4041f04f35d9b82a27d87141ef0f6b2c8c8f858ed51f4fa0170f266aa003a8fc
493fb6cb8948ddd721cc234e7ccfbdc2b3883d5cc38e3858dbf67265673e52f8
4d5c2328b34bf9c0f4aebeaf011485fb5e5912376ea385fda4df8b03f3ced72d
4da8206845b9e15e5d86ce7e661c5c18666ce56c2377131aaec2a612e58804a5
4f4284fce2ac8ec0761d518a829a183b8d967631844d754c3e80fcfcd7bc5b79
59c0de950d057fc702cca0f3656f8ec5c6c6ca532608e6b03dcc084fa3de9289
682f1959cef50cbbad65e1c9aa6a25c59e1447cbfd569bad1d9cbed02d391762
695e7e03e884a1324cade32f94ad1b2225349b8c07ae302e9efa9bfa342b3768
6b1e8bd0d202847c09a70ce522871b575f6790dfba0349e3f04aa39faf102e94
70a5d77d9ede70a0cd2f0e26e738b985422bbc066db35714359d606afa29696a
7fd546b56cfcb250366cb3aee2f64c3d9ddef531b2735037c87433037fa05a05
837b2097f1673336fb1f255e1d6dfa12c9fac4c65d330fe5184f5516720e8337
8be47ee99e4396913348f864345541d7279143c2f6ae6d3ef82625632a152be5
8cd5fa56158aba36c4f0e85e12b8fdf0ac75577e386b9d7b57c82c1b96e352de
8ce619cc9c0b385123bd70969d4d660ea5a34fcbb0d48e8d2a788e394881ad14
9456718fc26c849fed63242644edd3e100b5eec82089d8eac271efe6614db6c6
95963fbfa362d2ffc608a4c7d94d70ce90f030e643b7f81d06159d3a02322728
96d1cd4d430e5cef6f3e30e994df78ab3b937295b5bc69900a3f05e73424fb9e
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9be0b851ac83b40541e6641007a55dcd9841b12a4c7473562a56691e7e411226
a01cda71d89bb570f1ac7f4087d0bb6cb8959ada9639d21c570832467a7aa792
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
ba231ecd207ba0974d6d6bc57cc6cb73b7fe3f96456d3e3d52c75ab3b2b238e2
c25eba5b127a3e956ed30bccaa47be3d05072dec2e17cbeb64cbde0b2586ae08
ce84019b653e1ad1664c5a85b1d0263a4e4e9223d5070f3a60c65e363406719a
d1f06f1da342a6ec8cbf6c8e10425e6f87f848419cac9bda1c2b68b990ffc7b6
d963faf57d5a9069db1a0aabcaf6e101060054fb307b85f9285f826f1197197f
dc2be883218611c67722c7039207b0ab66351d15f2aa4cea1686cb48491a5f33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb709eb9020007407b278da23529b5f434dcab330d3a07f749a28f5fb34bfd38
eec770ee4b030f00ca9d9eb8bc28d9e7c7e858e3ac315cb92a05ff9f0e6b990a
ffeb463ae5121ba0a1b7b332783e3ea2d1400dbe47b525ac45140cd42ed2c60b

accounts.welcomesoftware.com Open in urlscan Pro 3.213.206.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

98 %HTTPS

0 %IPv6

8 Domains

13 Subdomains

11 IPs

3 Countries

1122 kBTransfer

2497 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

accounts.welcomesoftware.com Open in urlscan Pro
3.213.206.188 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

98 %
HTTPS

0 %
IPv6

8
Domains

13
Subdomains

11
IPs

3
Countries

1122 kB
Transfer

2497 kB
Size

6
Cookies

45 HTTP transactions
0 data transactions