Submitted URL: http://url9612.welnys.com/ls/click?upn=Pej6tfKBIv-2FpAlrSI2iNZDibj0ysEingq6eFp3aW8dTFAKV-2BCX3SnwT9eL8nbTjaDvDPGwm0gmgTCD5...
Effective URL: https://help.welnys.com/portal/en/kb/welnys
Submission: On May 13 via api from US

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 6 HTTP transactions. The main IP is 204.141.42.74, located in United States and belongs to ZOHO-AS, US. The main domain is help.welnys.com.
TLS certificate: Issued by R3 on May 1st 2021. Valid for: 3 months.
This is the only time help.welnys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.52 11377 (SENDGRID)
1 204.141.42.74 2639 (ZOHO-AS)
4 2600:9000:219... 16509 (AMAZON-02)
1 204.141.42.123 2639 (ZOHO-AS)
6 3
Domain Requested by
4 d17nz991552y2g.cloudfront.net help.welnys.com
1 js.zohostatic.com help.welnys.com
1 help.welnys.com
1 url9612.welnys.com 1 redirects
6 4

This site contains no links.

Subject Issuer Validity Valid
support.whiglobal.com R3 2021-05-01 - 2021-07-30 3 months
*.cloudfront.net DigiCert Global CA G2 2021-02-22 - 2022-02-21 a year
*.zohostatic.com Thawte RSA CA 2018 2020-05-31 - 2021-05-31 a year

This page contains 1 frame:

Primary Page: https://help.welnys.com/portal/en/kb/welnys
Frame ID: 3DEB1611BFBDB71E2E905A8A829171F3
Requests: 6 HTTP requests in this frame

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 25 %
Domains: 3
Subdomains: 4
IPs: 3
Countries: 1
Transfer: 488 kB
Size: 2023 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url9612.welnys.com/ls/click?upn=Pej6tfKBIv-2FpAlrSI2iNZDibj0ysEingq6eFp3aW8dTFAKV-2BCX3SnwT9eL8nbTjaDvDPGwm0gmgTCD5Ps-2FMn4Q-3D-3DK19G_aE073a9sTKk-2B6I-2FiKxZRS1g7NnnzMclxkXUVqzrLtFdkokHDqOuXY3LLB46o-2FD-2F2bcoEoPjEk6mF-2FNkjimI-2FyheljRIQkTJuFEO1EM-2FpDcnpcS0zfVQYga0KaSPFlCVi1VgqGZn2wf-2FFiw4wRx0lKSn1HwoOiliVIxUcfc-2BmLIMnJnzc11biB77V6HsobDb11gYk6G7U9krVigboyOa3n5FjlrEObnW4T94HURLeMS0zoZP5vCZdoW9-2Fs371cA32NeK6WfNC8rdrG6mGudEmsjv0E5l7Dx-2FrkhzE4CgVQWS-2FB6HF21T7A-2FIzmTdDWdF9Cd0-2BElxKBqCMtHP4wIphH52-2BmMFAShAvRuXc1EZnzXUhs8uAER-2FPnF5YGTtGHtClkZSUVycN-2BaLxypm-2BthQpw4zQRqRS7K77B5ZdqpogIk1XxA0hpfBIiMpayLm4lhtX HTTP 302
    https://help.welnys.com/portal/en/kb/welnys Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request Cookie set welnys
help.welnys.com/portal/en/kb/
Redirect Chain
  • http://url9612.welnys.com/ls/click?upn=Pej6tfKBIv-2FpAlrSI2iNZDibj0ysEingq6eFp3aW8dTFAKV-2BCX3SnwT9eL8nbTjaDvDPGwm0gmgTCD5Ps-2FMn4Q-3D-3DK19G_aE073a9sTKk-2B6I-2FiKxZRS1g7NnnzMclxkXUVqzrLtFdkokHDqOu...
  • https://help.welnys.com/portal/en/kb/welnys
17 KB
6 KB
Document
General
Full URL
https://help.welnys.com/portal/en/kb/welnys
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.42.74 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
f590ca356e45b96ad2f2dd61adeb2b3bc33950a85e7d14e8012b6549526b82d9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'strict-dynamic' js.zohostatic.com d17nz991552y2g.cloudfront.net salesiq.zoho.com dtzpfzv31buvf.cloudfront.net cdn.pagesense.io js.zohocdn.com widgets.zohosalesiq.com zohotagmanager.cdn.pagesense.io 'nonce-f2094a6c3708731dcd9a86626b8f2e77' 'unsafe-hashes' 'sha256-uxu43L3ae+5FAGQq28H4PfBwFx02U9nlMRh37t3YyzY=';report-uri https://logsapi.zoho.com/csplog?service=support;
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Host
help.welnys.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
ZGS
Date
Thu, 13 May 2021 20:36:36 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
a64cedc0bf=a4fcc8309fe6440520df1df07d4dcfcc; Path=/ crmcsr=5fcec05e-a74b-4503-9040-7f0fe0c83529;path=/;SameSite=None;Secure;priority=high _zcsr_tmp=5fcec05e-a74b-4503-9040-7f0fe0c83529;path=/;SameSite=Strict;Secure;priority=high JSESSIONID=B4806E0A411ABC3D3AECDE9E9B1F9463; Path=/; Secure
X-Content-Type-Options
nosniff
X-XSS-Protection
1
Pragma
no-cache
Cache-Control
private,no-cache,no-store,max-age=0,must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Security-Policy
script-src 'self' 'strict-dynamic' js.zohostatic.com d17nz991552y2g.cloudfront.net salesiq.zoho.com dtzpfzv31buvf.cloudfront.net cdn.pagesense.io js.zohocdn.com widgets.zohosalesiq.com zohotagmanager.cdn.pagesense.io 'nonce-f2094a6c3708731dcd9a86626b8f2e77' 'unsafe-hashes' 'sha256-uxu43L3ae+5FAGQq28H4PfBwFx02U9nlMRh37t3YyzY=';report-uri https://logsapi.zoho.com/csplog?service=support;
X-Frame-Options
SAMEORIGIN
vary
accept-encoding
Content-Encoding
gzip
Strict-Transport-Security
max-age=63072000

Redirect headers

Server
nginx
Date
Thu, 13 May 2021 20:36:36 GMT
Content-Type
text/html; charset=utf-8
Content-Length
66
Connection
keep-alive
Location
https://help.welnys.com/portal/en/kb/welnys
X-Robots-Tag
noindex, nofollow
react.vendor.js
d17nz991552y2g.cloudfront.net/05_10_2021_11618/js/
174 KB
51 KB
Script
General
Full URL
https://d17nz991552y2g.cloudfront.net/05_10_2021_11618/js/react.vendor.js
Requested by
Host: help.welnys.com
URL: https://help.welnys.com/portal/en/kb/welnys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:e00:1f:1ef0:7e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ZGS /
Resource Hash
c9baf2d1d07f3825a185dfcc4f8130e87324b7bd06d72126da2055edc807c6b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://help.welnys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 07:50:25 GMT
content-encoding
gzip
age
132372
x-cache
Hit from cloudfront
content-length
51692
access-control-allow-origin
*
last-modified
Tue, 11 May 2021 13:08:33 GMT
server
ZGS
etag
"609a81d1-c9ec"
strict-transport-security
max-age=63072000
content-type
application/javascript
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
ML4wkcrM7LA_kxFvq4Tnr12W6P6Nk1nYiYqatcPh2BzaGqRhdTjW4A==
expires
Thu, 12 May 2022 07:50:25 GMT
vendor.js
d17nz991552y2g.cloudfront.net/05_10_2021_11618/js/
358 KB
84 KB
Script
General
Full URL
https://d17nz991552y2g.cloudfront.net/05_10_2021_11618/js/vendor.js
Requested by
Host: help.welnys.com
URL: https://help.welnys.com/portal/en/kb/welnys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:e00:1f:1ef0:7e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ZGS /
Resource Hash
bb48017edbb77d3c0262be58b1299253ec1db9f642cc2c99368ab1928889917f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://help.welnys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 07:50:25 GMT
content-encoding
gzip
age
132372
x-cache
Hit from cloudfront
content-length
85119
access-control-allow-origin
*
last-modified
Tue, 11 May 2021 13:08:33 GMT
server
ZGS
etag
"609a81d1-14c7f"
strict-transport-security
max-age=63072000
content-type
application/javascript
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
EDiaBhFMpRwNwY5x8iMwkLrlL5bFuczy7PeBXg4l6ml2cpqSK-GR0g==
expires
Thu, 12 May 2022 07:50:25 GMT
main.js
d17nz991552y2g.cloudfront.net/05_10_2021_11618/js/
1 MB
320 KB
Script
General
Full URL
https://d17nz991552y2g.cloudfront.net/05_10_2021_11618/js/main.js
Requested by
Host: help.welnys.com
URL: https://help.welnys.com/portal/en/kb/welnys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:e00:1f:1ef0:7e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ZGS /
Resource Hash
a7900c9e6d27b17b2399b391c5ccb0001dd477dfdd451f7f59a03417a9ae4022
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://help.welnys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 07:50:25 GMT
content-encoding
gzip
age
132372
x-cache
Hit from cloudfront
content-length
326813
access-control-allow-origin
*
last-modified
Tue, 11 May 2021 13:08:33 GMT
server
ZGS
etag
"609a81d1-4fc9d"
strict-transport-security
max-age=63072000
content-type
application/javascript
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
CzKsLXt2LXEZ_7xmsQmSLiRmT-nFM7gHsH1A-w0F4vpyvLqDuts4xA==
expires
Thu, 12 May 2022 07:50:25 GMT
en_US.js
d17nz991552y2g.cloudfront.net/05_10_2021_11618/i18n/
39 KB
12 KB
Script
General
Full URL
https://d17nz991552y2g.cloudfront.net/05_10_2021_11618/i18n/en_US.js
Requested by
Host: help.welnys.com
URL: https://help.welnys.com/portal/en/kb/welnys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:e00:1f:1ef0:7e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ZGS /
Resource Hash
ffb28b785eddcd6c61ebabb3981fa825f6c23a845d431965a141cc67c9a9d480
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://help.welnys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 07:50:25 GMT
content-encoding
gzip
age
132372
x-cache
Hit from cloudfront
content-length
11520
access-control-allow-origin
*
last-modified
Tue, 11 May 2021 13:08:33 GMT
server
ZGS
etag
"609a81d1-2d00"
strict-transport-security
max-age=63072000
content-type
application/javascript
via
1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Ir-uuEQ1wGVKmaNV-etAp2enBbXBwDE6zdFnaZK9JAcEhgMk-2EqQQ==
expires
Thu, 12 May 2022 07:50:25 GMT
security.min.js
js.zohostatic.com/zohosecurity/v4.4/js/
46 KB
16 KB
Script
General
Full URL
https://js.zohostatic.com/zohosecurity/v4.4/js/security.min.js
Requested by
Host: help.welnys.com
URL: https://help.welnys.com/portal/en/kb/welnys
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.141.42.123 , United States, ASN2639 (ZOHO-AS, US),
Reverse DNS
Software
ZGS /
Resource Hash
971695f2f3ae22dcca57f9653b9efd2095508406dfd8b3ffd481623388085ae2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://help.welnys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 13 May 2021 20:36:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Nov 2019 12:35:57 GMT
Server
ZGS
ETag
"5dc16cad-3df5"
Strict-Transport-Security
max-age=63072000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
Content-Length
15861
Expires
Fri, 13 May 2022 20:36:37 GMT

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| PortalInfo function| inIframe boolean| loadingInIframe undefined| parentWindow undefined| portalPortalInfo undefined| parentHelpcenterInfo undefined| parentPortalUrl undefined| helpCenterInfo undefined| hcCustomizationTemp string| deploymentType string| isPortalMarketPlaceEnabled object| cdnDomain object| awsDomain object| themesVersion undefined| setTimeoutFunc undefined| _proto undefined| headerHtmlPromise undefined| footerHtmlPromise object| customizationObj undefined| noop undefined| bind undefined| handle undefined| resolve undefined| reject undefined| finale undefined| Handler undefined| doResolve boolean| isAWSEnabled function| addCDNExpireCookie function| isAWSCDNUrl function| onNotifyError function| isAWSCDNFailed function| getStaticDomain function| makeRequest object| staticDomain function| jsonpHelpCenterTheme2 function| publicPath object| __core-js_shared__ function| getCSRFCookie function| closeGroupPopups function| handleFormURl function| renderApp function| getLogoutURL function| getLoginURL function| getForgetPwdURL function| getInvitationURL function| handleCustomize function| getWidgetsByPage function| toggleResponse function| showHideThreadContent object| i18n function| defineProperty function| addToSet function| addObjsToSet function| removeFromSet undefined| codePointAt undefined| stringFromCharCode undefined| floor undefined| fromCodePoint function| DOMPurify

4 Cookies

Domain/Path Name / Value
help.welnys.com/ Name: _zcsr_tmp
Value: 5fcec05e-a74b-4503-9040-7f0fe0c83529
help.welnys.com/ Name: JSESSIONID
Value: B4806E0A411ABC3D3AECDE9E9B1F9463
help.welnys.com/ Name: crmcsr
Value: 5fcec05e-a74b-4503-9040-7f0fe0c83529
help.welnys.com/ Name: a64cedc0bf
Value: a4fcc8309fe6440520df1df07d4dcfcc

2 Console Messages

Source Level URL
Text
console-api log URL: https://js.zohostatic.com/zohosecurity/v4.4/js/security.min.js(Line 1)
Message:
%cSTOP! color:red;font-size:xx-large;font-weight:bold;
console-api log URL: https://js.zohostatic.com/zohosecurity/v4.4/js/security.min.js(Line 1)
Message:
%cThis is a browser feature intended for developers. Do not enter or paste code which you don't understand. It may allow attackers to steal your information or impersonate you. See https://en.wikipedia.org/wiki/Self-XSS for more details font-size:large;

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy script-src 'self' 'strict-dynamic' js.zohostatic.com d17nz991552y2g.cloudfront.net salesiq.zoho.com dtzpfzv31buvf.cloudfront.net cdn.pagesense.io js.zohocdn.com widgets.zohosalesiq.com zohotagmanager.cdn.pagesense.io 'nonce-f2094a6c3708731dcd9a86626b8f2e77' 'unsafe-hashes' 'sha256-uxu43L3ae+5FAGQq28H4PfBwFx02U9nlMRh37t3YyzY=';report-uri https://logsapi.zoho.com/csplog?service=support;
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1