urlscan.io logo urlscan.io
SecurityTrails logo

engage.welcome.us Open in urlscan Pro
52.85.92.61  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sponsoressentials.org/
Effective URL: https://engage.welcome.us/a/sponsorshipessentials
Submission: On December 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 22 HTTP transactions. The main IP is 52.85.92.61, located in United States and belongs to AMAZON-02, US. The main domain is engage.welcome.us.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 18th 2023. Valid for: a year.
This is the only time engage.welcome.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2001:4860:480... 15169 (GOOGLE)
4 52.85.92.61 16509 (AMAZON-02)
4 2600:9000:201... 16509 (AMAZON-02)
1 20.60.58.97 8075 (MICROSOFT...)
1 52.85.92.98 16509 (AMAZON-02)
1 2606:2800:133... 15133 (EDGECAST)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 45.60.33.183 19551 (INCAPSULA)
2 2001:4860:480... 15169 (GOOGLE)
2 52.236.186.216 8075 (MICROSOFT...)
22 11
1    2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)
sponsoressentials.org
4    52.85.92.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-61.ham50.r.cloudfront.net
engage.welcome.us
4    2600:9000:2016:7a00:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.everyaction.com
1    20.60.58.97 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
nvlupin.blob.core.windows.net
1    52.85.92.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-98.ham50.r.cloudfront.net
js.verygoodvault.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    2606:4700:10::ac43:44f (United States)

ASN13335 (CLOUDFLARENET, US)
assets.welcome.us
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)
profile.ngpvan.com
secure.everyaction.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    52.236.186.216 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
6 everyaction.com
static.everyaction.com — Cisco Umbrella Rank: 77610
secure.everyaction.com — Cisco Umbrella Rank: 52138
270 KB
5 welcome.us
engage.welcome.us
assets.welcome.us
102 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 786
281 B
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
309 B
2 ngpvan.com
profile.ngpvan.com — Cisco Umbrella Rank: 48147
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
135 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2370
47 KB
1 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 23665
44 KB
1 windows.net
nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 53030
1 KB
1 sponsoressentials.org
sponsoressentials.org
244 B
22 10
Domain Requested by
4 static.everyaction.com engage.welcome.us
static.everyaction.com
4 engage.welcome.us engage.welcome.us
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 region1.google-analytics.com www.googletagmanager.com
2 secure.everyaction.com static.everyaction.com
engage.welcome.us
2 profile.ngpvan.com static.everyaction.com
az416426.vo.msecnd.net
2 www.googletagmanager.com engage.welcome.us
www.googletagmanager.com
1 assets.welcome.us nvlupin.blob.core.windows.net
1 az416426.vo.msecnd.net engage.welcome.us
1 js.verygoodvault.com engage.welcome.us
1 nvlupin.blob.core.windows.net engage.welcome.us
1 sponsoressentials.org 1 redirects
22 12

This site contains links to these domains. Also see Links.

Domain
learn.sponsoressentials.org
www.everyaction.com
Subject Issuer Validity Valid
welcomeus-oa.edge.targetedaction.net
Amazon RSA 2048 M02		 2023-05-18 -
2024-06-16		 a year crt.sh
static.everyaction.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-06		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure TLS Issuing CA 05		 2023-11-16 -
2024-06-27		 7 months crt.sh
*.verygoodvault.com
Amazon RSA 2048 M02		 2023-12-19 -
2025-01-16		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-06-27 -
2024-06-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.ngpvan.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-11-07 -
2024-11-06		 a year crt.sh
*.everyaction.com
RapidSSL TLS ECC CA G1		 2023-03-17 -
2024-04-10		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure RSA TLS Issuing CA 03		 2023-09-02 -
2024-08-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://engage.welcome.us/a/sponsorshipessentials
Frame ID: 4BCEB7C9B87BCBFB5202274E91489D8F
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sponsorship Essentials Trainings Sign Up

Page URL History Show full URLs

  1. http://sponsoressentials.org/ HTTP 302
    https://engage.welcome.us/a/sponsorshipessentials Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

22
Requests

100 %
HTTPS

55 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

601 kB
Transfer

1865 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sponsoressentials.org/ HTTP 302
    https://engage.welcome.us/a/sponsorshipessentials Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sponsorshipessentials
engage.welcome.us/a/
Redirect Chain
  • http://sponsoressentials.org/
  • https://engage.welcome.us/a/sponsorshipessentials
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://engage.welcome.us/a/sponsorshipessentials
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.92.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-61.ham50.r.cloudfront.net
Software
/
Resource Hash
76aca7f972df9afe29c6d5b8684c2ccb1f5078652d716855d52f0276a6f47616
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=10
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Thu, 28 Dec 2023 00:32:21 GMT
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 5fbb28bff7a0b15518cded51f089f258.cloudfront.net (CloudFront)
x-amz-cf-id
tul2cQKFP7y9Ru17w-_FA_d0ukQiH62ScQIvPJO-ZN4Ki010bKslVg==
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
x-cdn
Imperva
x-content-type-options
nosniff
x-iinfo
10-189880663-189868709 2NNN RT(1703723540839 2) q(0 0 0 0) r(1 1)
x-xss-protection
1; mode=block

Redirect headers

Content-Length
246
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Dec 2023 00:32:20 GMT
Location
https://engage.welcome.us/a/sponsorshipessentials
Server
ghs
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0
published.css
engage.welcome.us/Content/css/forms/ 		499 B
977 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://engage.welcome.us/Content/css/forms/published.css
Requested by
Host: engage.welcome.us
URL: https://engage.welcome.us/a/sponsorshipessentials
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.92.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-61.ham50.r.cloudfront.net
Software
/
Resource Hash
5282adf860a0adb36eaa493d236cf7203c0fd5a2492af96f92dd47ad6848190f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/a/sponsorshipessentials
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 00:32:20 GMT
content-encoding
gzip
via
1.1 5fbb28bff7a0b15518cded51f089f258.cloudfront.net (CloudFront)
last-modified
Tue, 19 Dec 2023 21:44:32 GMT
x-cdn
Imperva
x-amz-cf-pop
HAM50-C1
etag
"060ea8cc432da1:0"
x-cache
Miss from cloudfront
content-type
text/css
x-iinfo
10-184593505-0 0CNN RT(1703723539452 1472) q(0 -1 -1 0) r(0 -1)
content-length
351
x-amz-cf-id
Vtnygcas8DKWqlqLyPSv6joswaLvj5RyvUVKrDi00NMWYGliNCpkpA==
at.js
static.everyaction.com/ea-actiontag/ 		849 KB
238 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: engage.welcome.us
URL: https://engage.welcome.us/a/sponsorshipessentials
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:7a00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1f50f029df562866651e369bf859ec729b73476b81dd0810822a5db99990838

Request headers

Referer
https://engage.welcome.us/
Origin
https://engage.welcome.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 15:43:36 GMT
content-encoding
gzip
via
1.1 ee2b06ec36961da809e0377705d74e04.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
age
54086
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
243230
last-modified
Tue, 19 Dec 2023 15:35:24 GMT
server
AmazonS3
etag
"c4f797f652bf83bec34405f4b81492e1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
zjXBjQemdSokxzR9pw_0Vg9fFhL389d2BCUBHZwsM_owXHlq61L-_A==
at.min.css
static.everyaction.com/ea-actiontag/ 		59 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.min.css
Requested by
Host: engage.welcome.us
URL: https://engage.welcome.us/a/sponsorshipessentials
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:7a00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c102676be7b94c1aa8dcee518fcd69fd214f21bfb88e4e2bef50f32819d2be77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 23:01:17 GMT
content-encoding
gzip
via
1.1 d148104ad832292f01e6a1dab7079d58.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
age
6878
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11610
last-modified
Tue, 19 Dec 2023 15:35:24 GMT
server
AmazonS3
etag
"f661d7c45f823ceb3b32912bca751286"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
Q991igjcRgMUUpcXD__kUS1xtg0pjfob_qB--BFCBOTHaREEi9OYFQ==
essentials-style.css
nvlupin.blob.core.windows.net/images/van/WELUS/WELUS/1/94925/images/css/ 		469 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nvlupin.blob.core.windows.net/images/van/WELUS/WELUS/1/94925/images/css/essentials-style.css
Requested by
Host: engage.welcome.us
URL: https://engage.welcome.us/a/sponsorshipessentials
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
cd6734c9744eeb21e07eeeb02a7f8413b0e7bb599ef6644229626dd7b745f5d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 28 Dec 2023 00:32:21 GMT
Last-Modified
Tue, 19 Sep 2023 16:25:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8DBB92CFF587E72
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
15e60969-d01e-001b-2e25-397952000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
469
vgs-collect.js
js.verygoodvault.com/vgs-collect/2.18.4/ 		134 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by
Host: engage.welcome.us
URL: https://engage.welcome.us/a/sponsorshipessentials
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.92.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-98.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

Referer
https://engage.welcome.us/
Origin
https://engage.welcome.us
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding
gzip
Via
1.1 5d217f1e3e1cc27be2d78854345b4f24.cloudfront.net (CloudFront)
Date
Thu, 28 Dec 2023 00:32:21 GMT
X-Amz-Cf-Pop
HAM50-C1
Age
41
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Mar 2023 10:29:55 GMT
Server
AmazonS3
ETag
W/"156be461dd96d02fce3792c020f7748a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
X-Amz-Cf-Id
fu1s6rDkFB46dDJBxRbWyP_gf1vkf_4sIXECJ2LFDSJbD61omSNT3g==
_Incapsula_Resource
engage.welcome.us/ 		143 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://engage.welcome.us/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1101460934
Requested by
Host: engage.welcome.us
URL: https://engage.welcome.us/a/sponsorshipessentials
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.92.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-61.ham50.r.cloudfront.net
Software
/
Resource Hash
1656c9e9bb9ee8e28b39fb13fd02408b193f0fe0dfdd5d930acd8af9ccc950c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/a/sponsorshipessentials
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 00:32:21 GMT
content-encoding
gzip
via
1.1 5fbb28bff7a0b15518cded51f089f258.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
20704
x-amz-cf-id
0WvWH3ceqIADutoCseZOw64vNZyEhKUZU4sh9IRcRJXbuOLnVS54NA==
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/ 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: engage.welcome.us
URL: https://engage.welcome.us/a/sponsorshipessentials
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFD) /
Resource Hash
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 28 Dec 2023 00:32:21 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
OTYl0s1WUyP5rZ8mTmvbyA==
age
916
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.16.min.js
content-length
47958
x-ms-lease-status
unlocked
last-modified
Wed, 20 Sep 2023 16:12:29 GMT
server
ECAcc (frc/4CFD)
x-ms-meta-aijssdkver
2.8.16
etag
0x8DBB9F46341BD96
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
e59c876a-001e-00de-5123-390ef0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Thu, 28 Dec 2023 01:02:21 GMT
EA_bg_dbfe51c432.jpg
assets.welcome.us/prd/ 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.welcome.us/prd/EA_bg_dbfe51c432.jpg?updated_at=2023-09-19T16:09:31.997Z
Requested by
Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/WELUS/WELUS/1/94925/images/css/essentials-style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:44f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e45ac8c32901b69d7b4d0455e1dbf7117f9b283895137eb01155ec002fb6ef29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nvlupin.blob.core.windows.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 00:32:21 GMT
via
1.1 841da31399fe7f7e7065c840a22fae0a.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
ZRH55-P1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
76445
last-modified
Tue, 19 Sep 2023 16:09:32 GMT
server
cloudflare
etag
"b56165fede797aea33b9d0c45be8f97a"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
83c5b4a82bcc8fe0-FRA
x-amz-cf-id
Y49e247Toa-7SnCgYny4sohhDrAUJetPTFMGMxYOsoNybo-vGbf-Og==
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=%27G-RKEPDQ7P0N%27
Requested by
Host: engage.welcome.us
URL: https://engage.welcome.us/a/sponsorshipessentials
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7edbaf44f57e360b4f07d3f7fe9792269d7ea4356f5bde8be20d26a66b57b08f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 00:32:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44248
x-xss-protection
0
last-modified
Thu, 28 Dec 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Dec 2023 00:32:21 GMT
_Incapsula_Resource
engage.welcome.us/ 		1 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://engage.welcome.us/_Incapsula_Resource?SWKMTFSR=1&e=0.6900867728160514
Requested by
Host: engage.welcome.us
URL: https://engage.welcome.us/a/sponsorshipessentials
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.92.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-61.ham50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/a/sponsorshipessentials
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 00:32:21 GMT
via
1.1 5fbb28bff7a0b15518cded51f089f258.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C1
x-cache
Miss from cloudfront
content-type
text/plain
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
x-amz-cf-id
7ncwLA6RiQhNZPwkcqnQquE0rcdByhCmFhDPAZRoPZGLSbds-K8QWw==
extra.min.css
static.everyaction.com/ea-actiontag/ 		78 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:7a00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d9ec2709386fa38334f38356cb5d47019358ce32969b48c68477b89b50abc84a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 15:43:36 GMT
content-encoding
gzip
via
1.1 d148104ad832292f01e6a1dab7079d58.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
age
42284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14162
last-modified
Tue, 19 Dec 2023 15:35:24 GMT
server
AmazonS3
etag
"d9559e724b002fee4152a16e5246f28d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
D2PZpIGgbZ1v2mOBtvcGFPyWxRUuclwYsQs-3ABd6G4rj6G7hyhhwA==
identity
profile.ngpvan.com/ 		72 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
d7a2b63d254d0d38a2e8960dc027721418adcac181b82660ea0b5651e9196273
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 00:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-cdn
Imperva
etag
W/"48-TE8oUI1dfX9jKaUW+ofVl9XdZc0"
x-powered-by
Express, ASP.NET
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo
10-53688418-53688421 NNNN CT(86 187 0) RT(1703723541323 22) q(0 0 3 0) r(4 4) U24
x-incap-sess-cookie-hdr
R9RhZJ3QmBq16LbSwvhpAxXCjGUAAAAANMgYYPeKVjtSs+av9+TeRQ==
content-length
192
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
554C8KkdLUiNYJZD_R0cFA2
secure.everyaction.com/v1/Forms/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/v1/Forms/554C8KkdLUiNYJZD_R0cFA2
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e9a92de911e7100ef214881adf6c4b5152c35625905992670e4885fd27d4ecca
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://engage.welcome.us/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 00:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-cdn
Imperva
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo
10-53688419-53688427 2NNN RT(1703723541336 23) q(0 0 0 0) r(1 1)
content-length
3613
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://engage.welcome.us
access-control-expose-headers
Request-Context
cache-control
public, max-age=10
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
HmTtH/rnYlG56LbSwvhpAxXCjGUAAAAAxqhh7aPdkZ448o3lEHaXCA==
ngpvan-logo-16.png
static.everyaction.com/ea-actiontag/assets/images/ 		617 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.everyaction.com/ea-actiontag/assets/images/ngpvan-logo-16.png
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2016:7a00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.everyaction.com/ea-actiontag/extra.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 21:42:42 GMT
via
1.1 d148104ad832292f01e6a1dab7079d58.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-C2
age
2342980
x-cache
Hit from cloudfront
content-length
617
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
server
AmazonS3
etag
"3d6f9aab1e809b87c195e78264cb01f8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rDyefaISGzmjguSeKIL2axxrmpECKdB3XyAncptXy_QPxjbsBRQefQ==
js
www.googletagmanager.com/gtag/ 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RKEPDQ7P0N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=%27G-RKEPDQ7P0N%27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
801afb61970432f35b86a4fafae2556dc0c51ba695c23bc940d0f54eef73cbcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 00:32:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93077
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 28 Dec 2023 00:32:21 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RKEPDQ7P0N&gtm=45je3bt0v886507522&_p=1703723541720&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=192215843.1703723542&ul=en-us&_geo=1&_rdi=1&_s=1&sid=1703723541&sct=1&seg=0&dl=https%3A%2F%2Fengage.welcome.us%2Fa%2Fsponsorshipessentials&dt=Sponsorship%20Essentials%20Trainings%20Sign%20Up&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1171
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RKEPDQ7P0N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 00:32:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://engage.welcome.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RKEPDQ7P0N&gtm=45je3bt0v886507522&_p=1703723541720&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=192215843.1703723542&ul=en-us&_eu=AEA&_geo=1&_rdi=1&_s=2&sid=1703723541&sct=1&seg=0&dl=https%3A%2F%2Fengage.welcome.us%2Fa%2Fsponsorshipessentials&dt=Sponsorship%20Essentials%20Trainings%20Sign%20Up&en=scroll&epn.percent_scrolled=90&_et=6&tfd=1199
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RKEPDQ7P0N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Dec 2023 00:32:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://engage.welcome.us
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		784 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/svg+xml
554C8KkdLUiNYJZD_R0cFA2
secure.everyaction.com/v1/Track/ 		0
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.everyaction.com/v1/Track/554C8KkdLUiNYJZD_R0cFA2?formSessionId=6dfebff8-4bc2-45fa-8c3f-b0dd3141b1e2&bName=chrome&dType=desktop&formVersion=11/28/2023%207:19:18%20PM|&fUrl=aHR0cHM6Ly9lbmdhZ2Uud2VsY29tZS51cy9hL3Nwb25zb3JzaGlwZXNzZW50aWFscw%3D%3D&fRef=
Requested by
Host: engage.welcome.us
URL: https://engage.welcome.us/a/sponsorshipessentials
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://engage.welcome.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
-1
pragma
no-cache
date
Thu, 28 Dec 2023 00:32:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn
Imperva
x-frame-options
SAMEORIGIN
x-iinfo
10-53688419-53688438 NNNN CT(86 186 0) RT(1703723541336 184) q(0 0 2 -1) r(3 3) U2
access-control-expose-headers
Request-Context
cache-control
no-cache
x-incap-sess-cookie-hdr
CZErIvbr2CS56LbSwvhpAxXCjGUAAAAAVnhjuiD75fJbkurRpEbH3Q==
content-length
0
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
nvtag
profile.ngpvan.com/v2/data/gg5J1kcjUpeFKkMzHxfr5b3F/ 		2 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/v2/data/gg5J1kcjUpeFKkMzHxfr5b3F/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://engage.welcome.us/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 00:32:21 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-cdn
Imperva
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by
Express, ASP.NET
vary
Origin,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://engage.welcome.us
x-iinfo
10-53688447-53688421 PNNN RT(1703723541759 24) q(0 0 0 -1) r(1 1) U24
access-control-allow-credentials
true
x-incap-sess-cookie-hdr
lfjRQ1eKHj+16LbSwvhpAxXCjGUAAAAAl7weRTy+DsoM1z7jHmLoUA==
content-length
123
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://engage.welcome.us
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Thu, 28 Dec 2023 00:32:22 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		96 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.236.186.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d2be42c5a8a5fb6841b10fb0af34a62a9cf554ff3a6cb42be8f6d5673572da96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://engage.welcome.us/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
19D453C3-A5E1-4B08-B756-E668193DBF9D
strict-transport-security
max-age=31536000
date
Thu, 28 Dec 2023 00:32:22 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| cookieSettingsAcceptCookiesAi string| appInsightsSDK object| appInsights function| handleScriptLoadError boolean| exileHeaderAndFooter object| VgForm object| SecureForm object| VGSCollect function| _ object| CSSModal object| nvtag boolean| didSetTracking function| initiateGA4 function| cookieSettingsAcceptAnalyticsCookies function| cookieSettingsRevokeAnalyticsCookies object| dataLayer function| gtag object| Backbone object| _gaq function| _jqjsp object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType object| Microsoft object| __dynProto$Gbl object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| formview

10 Cookies

Domain/Path Name / Value
engage.welcome.us/ Name: SessionKeyCookie
Value:
engage.welcome.us/ Name: ___utmvc
Value: cZAJCzrGx+//BpsVIvq1vvr0zIv2mh43gYlDxV91oDYzDWkHrBDd4TQWjO179jhjADPqMM1ZsNDI5rXyvig3UZe8X1/ovH41fenf8Vw/Vjbn7v97VUOTGvkVrxyv2YW3VQQe+EQnRNnVsP1AEVSzGSE/imugR5tAtAt1Q3Nh5QpQv1dhIhmDMIpZQ/m/scu5rOtpinVhU9yjWZ1z8yNOj0WKLy1GdqEgooumVeZvArZe5rmJdPto+xCtNcKSskfoDsMQaNhlVEdEdpAM1URtfB5GUfkTG4deiVzMZyDe4lZG0D+IsAamwYw1E5t5UIzAnD+DO1wsiEHxw/oDfVBGkJbM0oJLlIRhyDA3z4+fCxTstVtCRMhXHNXCO1AfbvFQWQkspxRBACp+Z2z2/W3Al79Hc+A30I9Yb0jJ2CBJPePXQsNR1+Fdws99gb6XKteLHqfX/Z275e2oI1pPkLatVP9Lqik5p5yUE1xxBnPyxatcvDlp6bnhjHICYnhkq25xWOsFZdVP1e32mXiE34GC2ds15lPYVxEgLrCDtmbFp7YsolwzKZjmfuUjd+V7M5VEhxo5E3XI3OKtHkWlFv8kcPD8OXL5pVwY4VjxlG/O8tWOevIZtIrQrwy0JiikOx3rJMaDBAH9wircZqHuf4JC9EQoaHJsVGe+WEyDNRvs4f1ZALhtyBCShTSVeEoSYrWJOcnlLtlUXc7Fj3o4m6qv+tCqfb9G8BgMW2A6CagHKzrgz+Tsu7t0J95PV2uduByGMOBLCBLbivfY1OS9uA6EdLzBcFzJdKM0LimS0JRCzSeFinNYoQvRBtA35JXa4D83Vy/WwM5Eojo3SgPRQd00h1AzYCLrof03K66it/iXtsh6olzcwQnR+877RItqo3muBAYQVjGluu6e1h+cPCGWyq3T5qui9BYzIy5rkfNOoW81AiFRhl12SMWkG95KyO54jHrKtU2ByE41r0q4rzqggncrbKPBPveDde/oHy21IEEiOZQKTqngkQEbv3Iw1uC3kUaJ0JU7k9oZsn8uBUUAKiPwkI1wMgcMGV6LiLErPkYMivnCCs6kZhmlbyvHTcjV77LlS9e2gM6VOj65NoSXK8v5jeJ1KsUDQhefXli2prZGiqCeQ8TMWTzp0XQuhbi6GbstSX0p2c0thg4o22Et8DHrtmMGkqTEHAF3096/4u17BDoEbSZk5lK+iiskBYN8BBaUy5FHa7bow4rYAgEyQbtkpqrRcBH3OMadA0P/tPjSdfnSqmt/ANGPqMehnp8ly0o8DWhfWZGGtGSxwnG1krQkiX0jlY5vPD4w2qEFwSZR+U+HnB00tXjQ6hysIg7mkZ6KqV8FxyC7BeOI0PJZEHpV4uMkgnRnnY6Y9ek9K4O27/6od43gjxJ8v7LR08fwN3YDV8tUubmxdsU4ooVw0qDF3nAaJufBNFkMcF0IBloyvGWoi1UM0OSdgfgZuJ5KAqnj4iZilI2gDqxSv4/ihYX/j4K1V7m0llN5pvd0yEYn6ess0BaiZBu48bt4t8joTOn7AaXWisyoc5BGaXQ9w4DjA+CzTOTe3gq/5QkLI4Rw8h7GfTdp69hCKPXCBFoOAWROAKLPH6+LxhiQLDtFSHpPWu83UaqxTZ+JuTygfs+CR7ibYLQJfgzvtE9GsCQvki9wiHeCaI2aXaixCbz1++r+dHMC6F7ocdtpikMF7LXzsF+UHA4cvOPqMdlSQ1FDPopS7kHSEMFjOHuN3TfUDi3OyffWaVNEPVQwiDnoz9aPnnidEBMES1qcQS1wX9FT9F1Mg0Q1mxnjmhq5BAhAgS2yX9XWjPLJ9hMaEljR66ojn6ialUsMLZyYCuT7R6mWBhGguEzi0lS4zCprpyf9sdiE5HUKLCfAKJv+aSg6KZVA9HNZsASuO3HNbxM7U18OmhZYWRWMGMhj7uMJ9jFj9beIb6AV/eEnqfZ4tyP+DKkyn6/owm+tsaIIXzMPb4heEEOyKpXBoE458yEReM/jyCciyuvN2GH3/OLSjXOAwmDjBsBgCIrtwKz7o/FB2qBLZTyYHRoslph86V0vowH/9uRWnm/F2JC6zYt6lvCxvzWvhYB1l4QVOdOF/tEhJMXHs+LnO+SO7F/Kd6uMg/fn1a05LeKHeT9p4aLc1aF65+gz0sDcnFSQdu7Na0ZjrT6NP4Wun9QrJiNOxqs0BpmQ8oHyrvGW7fZ71elkU5dkyn3T60/jUfOv7NSceLPxWsQfCr/RFInjMs+mViwyzGHygXyYhT6tsNQan5RgVAmK+2PBLaqrucxuAJ5h5bmszh7RwLh4hgjRH9Sb1EPrU5y/cncWSY8hDRIXSzpbhltg5eEqXP0RWoXsDB9w6MN8/kO84K0aUz3MTPGiGZpV1itIaTQL0ef+9kwLIqGF2Y+7wz71vU4j9IzxsPB3kSBxx4iT7A2pTnVVf9qSPG23rmXqYwvj9chawUG46i+GD+cDMJAQgIIhm8uo5wn3jbvlBFZeHYQ9lEW6ysdMXSD/vcdn8Gbb5fumepWDtaQZJEpAiw27QYRUjbJNVotnxhXXMuUOn0tcpNLAnL0GB0ST+rMpkQzKqO7mFgsT7F9GtchYrmGLLuEI/cFEwrRjZCtDtOoViwMOnTImgzG6zJ/BgFyMdzJSNMo/KDSXB2S3BixGIGiIrdGnpBmBgEVP2Xb+fNLOZQX4W1g3jZ510cqnD2rRw2IhcuBSL4RTuS97B0a8uGrwHG7p9L/o/9ZcbWGcGit5RUpLSvi0lDuKQ5VgoyRgNu6FPUxLlSBFt93K1liMGMIKvGQlhh25KmgPlQ5eMSX2u0hKLGRpZ2VzdD0scz1OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU4=
engage.welcome.us/ Name: ai_user
Value: aRANdyp36zVkSWj0liCBOf|2023-12-28T00:32:21.821Z
engage.welcome.us/ Name: ai_session
Value: CC1Ce5UVOaL9Z+zI8dAcQZ|1703723541832|1703723541832
.welcome.us/ Name: _ga
Value: GA1.1.192215843.1703723542
.everyaction.com/ Name: visid_incap_823975
Value: 0KHZ2VbwSuqqinRSmwIcYxXCjGUAAAAAQUIPAAAAAABIO1VcramRTvE4Eur1lyCX
.everyaction.com/ Name: incap_ses_246_823975
Value: IvyKPM2fuzi56LbSwvhpAxXCjGUAAAAA5ZMPrKTGQLrsHDTsUSfnPQ==
.everyaction.com/ Name: nlbi_823975
Value: n81DW/fYX0pVmp3yxwoUeQAAAAAf/89ORvaRKRkNXjM1RiMF
.welcome.us/ Name: _ga_RKEPDQ7P0N
Value: GS1.1.1703723541.1.0.1703723541.0.0.0
profile.ngpvan.com/ Name: ngpvanuser
Value: gg5J1kcjUpeFKkMzHxfr5b3F

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.welcome.us
az416426.vo.msecnd.net
dc.services.visualstudio.com
engage.welcome.us
js.verygoodvault.com
nvlupin.blob.core.windows.net
profile.ngpvan.com
region1.google-analytics.com
secure.everyaction.com
sponsoressentials.org
static.everyaction.com
www.googletagmanager.com
20.60.58.97
2001:4860:4802:32::36
2001:4860:4802:36::15
2600:9000:2016:7a00:3:1d53:4780:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::ac43:44f
2a00:1450:4001:80f::2008
45.60.33.183
52.236.186.216
52.85.92.61
52.85.92.98
1656c9e9bb9ee8e28b39fb13fd02408b193f0fe0dfdd5d930acd8af9ccc950c2
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5282adf860a0adb36eaa493d236cf7203c0fd5a2492af96f92dd47ad6848190f
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
6c14d731b13bcdec4325028eb0d8d2cb0190b3b1e65e0fcb52907fe6f55c2707
76aca7f972df9afe29c6d5b8684c2ccb1f5078652d716855d52f0276a6f47616
7edbaf44f57e360b4f07d3f7fe9792269d7ea4356f5bde8be20d26a66b57b08f
801afb61970432f35b86a4fafae2556dc0c51ba695c23bc940d0f54eef73cbcd
c102676be7b94c1aa8dcee518fcd69fd214f21bfb88e4e2bef50f32819d2be77
c1f50f029df562866651e369bf859ec729b73476b81dd0810822a5db99990838
cd6734c9744eeb21e07eeeb02a7f8413b0e7bb599ef6644229626dd7b745f5d5
d2be42c5a8a5fb6841b10fb0af34a62a9cf554ff3a6cb42be8f6d5673572da96
d7a2b63d254d0d38a2e8960dc027721418adcac181b82660ea0b5651e9196273
d9ec2709386fa38334f38356cb5d47019358ce32969b48c68477b89b50abc84a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ac8c32901b69d7b4d0455e1dbf7117f9b283895137eb01155ec002fb6ef29
e9a92de911e7100ef214881adf6c4b5152c35625905992670e4885fd27d4ecca
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc