urlscan.io logo urlscan.io
SecurityTrails logo

connect.werally.com Open in urlscan Pro
149.126.77.254  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://connect.werally.com/enter-alpha-prefix?alpha=ZCS
Effective URL: https://connect.werally.com/404
Submission: On November 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 6 countries across 18 domains to perform 71 HTTP transactions. The main IP is 149.126.77.254, located in Frankfurt am Main, Germany and belongs to INCAPSULA, US. The main domain is connect.werally.com. The Cisco Umbrella rank of the primary domain is 48493.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 7th 2022. Valid for: a year.
This is the only time connect.werally.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 25 149.126.77.254 19551 (INCAPSULA)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2001:4860:480... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 5 54.73.160.197 16509 (AMAZON-02)
3 2600:9000:205... 16509 (AMAZON-02)
6 104.17.209.240 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 15.236.176.210 16509 (AMAZON-02)
1 1 54.77.60.152 16509 (AMAZON-02)
2 54.76.105.218 16509 (AMAZON-02)
1 34.120.21.7 396982 (GOOGLE-CL...)
1 2600:1f18:24e... 14618 (AMAZON-AES)
2 2600:1f18:24e... 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
2 44.235.153.4 16509 (AMAZON-02)
2 52.138.200.61 8075 (MICROSOFT...)
2 2 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.71.131.137 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
1 2606:2800:133... 15133 (EDGECAST)
1 2600:9000:214... 16509 (AMAZON-02)
71 22
25    149.126.77.254 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.254.ip.incapdns.net
connect.werally.com
accounts.werally.com
5    2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)
content.zeronaught.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    54.73.160.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-160-197.eu-west-1.compute.amazonaws.com
dpm.demdex.net
unitedhealthgroup.demdex.net
3    2600:9000:2057:4e00:8:e7ba:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)
universal.iperceptions.com
6    104.17.209.240 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
smetrics.optum.com
1    54.77.60.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-60-152.eu-west-1.compute.amazonaws.com
cm.everesttech.net
2    54.76.105.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-105-218.eu-west-1.compute.amazonaws.com
unitedhealthgroup.tt.omtrdc.net
1    34.120.21.7 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 7.21.120.34.bc.googleusercontent.com
us.gimp.zeronaught.com
1    2600:1f18:24e6:b902:dc17:b01c:c3d9:f3be (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
session-replay.browser-intake-datadoghq.com
2    2600:1f18:24e6:b901:6790:af1:bf99:3f63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rum.browser-intake-datadoghq.com
3    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    44.235.153.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-153-4.us-west-2.compute.amazonaws.com
api.amplitude.com
2    52.138.200.61 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
api.iperceptions.com
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2600:9000:2057:2600:18:ee0c:6e00:93a1 (United States)

ASN16509 (AMAZON-02, US)
sd.iperceptions.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
art.azureedge.net
1    2600:9000:214f:5600:15:bf9a:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
post.iperceptions.com
Apex Domain
Subdomains		 Transfer
25 werally.com
connect.werally.com — Cisco Umbrella Rank: 48493
accounts.werally.com — Cisco Umbrella Rank: 63032
2 MB
7 iperceptions.com
universal.iperceptions.com — Cisco Umbrella Rank: 9341
api.iperceptions.com — Cisco Umbrella Rank: 8881
sd.iperceptions.com — Cisco Umbrella Rank: 9334
post.iperceptions.com — Cisco Umbrella Rank: 26311
24 KB
6 qualtrics.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 86191
siteintercept.qualtrics.com — Cisco Umbrella Rank: 981
65 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 197
unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 23733
7 KB
5 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 492
142 KB
3 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
3 browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 8969
rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2902
239 B
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
56 KB
2 amplitude.com
api.amplitude.com — Cisco Umbrella Rank: 1379
410 B
2 omtrdc.net
unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 21103
931 B
2 optum.com
smetrics.optum.com — Cisco Umbrella Rank: 20819
662 B
2 zeronaught.com
content.zeronaught.com — Cisco Umbrella Rank: 54396
us.gimp.zeronaught.com — Cisco Umbrella Rank: 17178
59 KB
1 azureedge.net
art.azureedge.net — Cisco Umbrella Rank: 59575
2 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
265 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1007
517 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
43 KB
0 ib-ibi.com Failed
global.ib-ibi.com Failed
71 18
Domain Requested by
23 connect.werally.com 1 redirects connect.werally.com
5 siteintercept.qualtrics.com zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
connect.werally.com
siteintercept.qualtrics.com
5 assets.adobedtm.com connect.werally.com
assets.adobedtm.com
4 dpm.demdex.net 1 redirects
3 www.google-analytics.com www.googletagmanager.com
connect.werally.com
3 universal.iperceptions.com connect.werally.com
universal.iperceptions.com
3 connect.facebook.net assets.adobedtm.com
connect.facebook.net
2 cm.g.doubleclick.net 2 redirects
2 api.iperceptions.com connect.werally.com
2 api.amplitude.com connect.werally.com
2 rum.browser-intake-datadoghq.com connect.werally.com
2 unitedhealthgroup.tt.omtrdc.net connect.werally.com
assets.adobedtm.com
2 smetrics.optum.com connect.werally.com
2 accounts.werally.com connect.werally.com
accounts.werally.com
1 post.iperceptions.com connect.werally.com
1 art.azureedge.net universal.iperceptions.com
1 sd.iperceptions.com universal.iperceptions.com
1 match.adsrvr.org
1 stats.g.doubleclick.net connect.werally.com
1 session-replay.browser-intake-datadoghq.com connect.werally.com
1 us.gimp.zeronaught.com connect.werally.com
1 cm.everesttech.net 1 redirects
1 unitedhealthgroup.demdex.net assets.adobedtm.com
1 www.googletagmanager.com connect.werally.com
1 zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com connect.werally.com
1 content.zeronaught.com connect.werally.com
0 global.ib-ibi.com Failed
71 27

This site contains links to these domains. Also see Links.

Domain
www.uhc.com
www.rallyhealth.com
myoptum.optum.com
Subject Issuer Validity Valid
*.werally.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-07 -
2023-08-04		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
content.zeronaught.com
GTS CA 1D4		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-28 -
2022-11-26		 3 months crt.sh
*.iperceptions.com
Amazon		 2022-03-16 -
2023-04-13		 a year crt.sh
*.qualtrics.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-04 -
2023-05-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
smetrics.optum.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-20 -
2023-04-20		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-09-01		 a year crt.sh
*.gimp.zeronaught.com
Entrust Certification Authority - L1K		 2022-08-29 -
2023-09-29		 a year crt.sh
*.browser-intake-datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-21 -
2023-07-22		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2022-01-28 -
2023-02-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh

This page contains 3 frames:

Primary Page: https://connect.werally.com/404
Frame ID: E895582D14428B920F4581BC075EB92F
Requests: 64 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: 39C21867D182BAD0A051FD5D76E9EA80
Requests: 1 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 8A06337BA079DDB026B68739EC477B9B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Error 404 Not Found | Find Care

Page URL History Show full URLs

  1. http://connect.werally.com/enter-alpha-prefix?alpha=ZCS HTTP 307
    https://connect.werally.com/enter-alpha-prefix?alpha=ZCS HTTP 301
    http://connect.werally.com/404 HTTP 307
    https://connect.werally.com/404 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

71
Requests

90 %
HTTPS

52 %
IPv6

18
Domains

27
Subdomains

22
IPs

6
Countries

2549 kB
Transfer

10465 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://connect.werally.com/enter-alpha-prefix?alpha=ZCS HTTP 307
    https://connect.werally.com/enter-alpha-prefix?alpha=ZCS HTTP 301
    http://connect.werally.com/404 HTTP 307
    https://connect.werally.com/404 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1668807222627 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1668807222627
Request Chain 30
  • https://cm.everesttech.net/cm/dd?d_uuid=33560637087803811392476063089114419164 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3f6NwAAAKQn7wN-
Request Chain 53
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzM1NjA2MzcwODc4MDM4MTEzOTI0NzYwNjMwODkxMTQ0MTkxNjQ= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzM1NjA2MzcwODc4MDM4MTEzOTI0NzYwNjMwODkxMTQ0MTkxNjQ=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKE3UT_JRDRi4zzn7hF-IzA&google_cver=1?gdpr=0&gdpr_consent=

71 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 404
connect.werally.com/
Redirect Chain
  • http://connect.werally.com/enter-alpha-prefix?alpha=ZCS
  • https://connect.werally.com/enter-alpha-prefix?alpha=ZCS
  • http://connect.werally.com/404
  • https://connect.werally.com/404
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
54efbbbc47402e294b5bb592157b31d62d05cfdc2f624259890d53ed25d0f267
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=60
content-encoding
gzip
content-security-policy
base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-type
text/html
date
Fri, 18 Nov 2022 21:33:41 GMT
etag
W/"63771c33-5994"
last-modified
Fri, 18 Nov 2022 05:46:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cdn
Imperva
x-frame-options
DENY
x-iinfo
2-11743652-11743656 PNNN RT(1668807219716 427) q(0 0 0 -1) r(1 1) U12
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://connect.werally.com/404
Non-Authoritative-Reason
HSTS
huginn
accounts.werally.com/ 		553 B
736 B 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.werally.com/huginn
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
7c23e33ab27bb75e8037057462389daa2898a811906b10945da1252ccbc27345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:42 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jun 2022 16:58:32 GMT
x-cdn
Imperva
etag
W/"62bb3338-229"
vary
Accept-Encoding
content-type
application/javascript
x-iinfo
2-11743652-11743736 NNNN CT(98 200 0) RT(1668807219716 655) q(0 4 7 5) r(8 8) U2
cache-control
no-store, max-age=0
rally_common.js
connect.werally.com/scripts/ 		236 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/scripts/rally_common.js
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
573850080031c8cd41d1d291fa366fc66872dca35dc49f13e322c2dc343a7703
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 21:33:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
content-type
application/javascript; charset=UTF-8
x-ion-hop
1
x-iinfo
2-11743652-11743697 NNNN CT(85 187 0) RT(1668807219716 626) q(0 0 3 -1) r(4 4) U9
cache-control
no-cache, no-store, must-revalidate
expires
0
launch-39716f3a8c87.min.js
assets.adobedtm.com/512027f42d3c/da94e4cf7aac/ 		414 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f7c66e2caf51414e796a2866e1eb813d3fd8afeb7d7bfc1c9fc74691d7b34bd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:41 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 13:12:47 GMT
server
AkamaiNetStorage
etag
"57266c19f979b640c22b7816b753159a:1668690767.786183"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://connect.werally.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
111285
expires
Fri, 18 Nov 2022 22:33:41 GMT
main-8c199d47.css
connect.werally.com/static/css/ 		1 KB
562 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/static/css/main-8c199d47.css
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
d01fdb1e2075bc1b11988ff556a0b923dcad4ec72c87ad691d658c8491c0a0c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
W/"63771998-517"
content-type
text/css
x-iinfo
2-11743652-11743695 2VNN RT(1668807219716 623) q(0 0 0 -1) r(0 4) U18
cache-control
max-age=15778463, public
content-length
457
expires
Sat, 20 May 2023 12:28:04 GMT
united-unified-8c199d47.css
connect.werally.com/static/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/static/css/united-unified-8c199d47.css
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
b68b3d6e32f8d7a22dc69c9592045ef2300a155fdac0d33d961eda0ec1f0b864
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
W/"63771998-1909"
content-type
text/css
x-iinfo
2-11743652-11740256 2VNN RT(1668807219716 629) q(0 0 0 -1) r(4 4) U18
cache-control
max-age=15778463, public
content-length
1441
expires
Sat, 20 May 2023 12:28:04 GMT
advantage-unified-8c199d47.css
connect.werally.com/static/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/static/css/advantage-unified-8c199d47.css
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
1ac8bb84445241d7e20c40651be10cb0610072fade9ab497e16053d27cbd61db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
W/"63771998-112b"
content-type
text/css
x-iinfo
2-11743652-11729081 2VNN RT(1668807219716 632) q(0 0 0 -1) r(4 4) U18
cache-control
max-age=15778463, public
content-length
1116
expires
Sat, 20 May 2023 12:28:04 GMT
main-8c199d47.js
connect.werally.com/static/js/ 		8 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/static/js/main-8c199d47.js
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
65ba5b7f91194ddaf0daa7a1dee1856b5ae9cd4277e72212f2a4042ccd4df679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
"63771998-1d7053"
content-type
application/javascript
x-iinfo
2-11743652-11743701 2VNN RT(1668807219716 634) q(0 0 0 -1) r(0 4) U18
cache-control
max-age=15778463, public
content-length
1929299
expires
Sat, 20 May 2023 12:28:04 GMT
united-unified-8c199d47.js
connect.werally.com/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/static/js/united-unified-8c199d47.js
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
a2ad3ffa88182e16f57e56c8b82c7bdd4a54c8e1b22ebd400ea9b2d0b761f43d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
W/"63771998-ced"
content-type
application/javascript
x-iinfo
2-11743652-11740510 2VNN RT(1668807219716 644) q(0 0 0 -1) r(4 4) U18
cache-control
max-age=15778463, public
content-length
1447
expires
Sat, 20 May 2023 12:28:04 GMT
advantage-unified-8c199d47.js
connect.werally.com/static/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/static/js/advantage-unified-8c199d47.js
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
21f6bd3164d2176f669f957171289c5027e30d25f0ee8ef1d6a1fe7e208f522c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
W/"63771998-cee"
content-type
application/javascript
x-iinfo
2-11743652-11743735 2VNN RT(1668807219716 646) q(0 4 4 -1) r(4 8) U18
cache-control
max-age=15778463, public
content-length
1443
expires
Sat, 20 May 2023 12:28:04 GMT
_Incapsula_Resource
connect.werally.com/ 		135 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=93520484
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
534d5fbf1bfbf2ec1356047df1a9c32d1c8800ff4b9228051592afbecd0c61c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
19779
content-type
application/javascript
huginn-1.5.0.js
accounts.werally.com/huginn/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.werally.com/huginn/huginn-1.5.0.js
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/huginn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
542f7a5b200e46d6c0352605c2f5db958931206f535d4ddf9e724c917437b41e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Jun 2022 16:58:32 GMT
x-cdn
Imperva
etag
W/"62bb3338-2d6a"
content-type
application/javascript
x-iinfo
2-11743652-11729081 2VNN RT(1668807219716 1441) q(0 0 0 -1) r(4 4)
cache-control
max-age=1209600, public, must-revalidate
content-length
4249
expires
Fri, 02 Dec 2022 21:33:41 GMT
rally_health.js
content.zeronaught.com/js/ 		107 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.zeronaught.com/js/rally_health.js
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.21.5 /
Resource Hash
3cc71dbee28027aa344d5f5a344266125ad87ceedfe716303072aec89e3d008b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:42 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 15 Sep 2021 17:32:21 GMT
server
nginx/1.21.5
etag
W/"61422e25-1acfd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
expires
Fri, 18 Nov 2022 22:33:42 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a257990e7458c455a246d0d7555f678b16505e738ee5d2641612230d790f941f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 18 Nov 2022 21:33:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27815
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
NOj5J6SSu2Itq5i2rkiqRbzcOItoB+vLpf1Ut2L/JjLyRoQQMO8qgNOJKnJycdiCJMQGOlU7qaXECPDm6SrR6g==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1668807222627
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1668807222627
974 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1668807222627
Protocol
HTTP/1.1
Server
54.73.160.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-160-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
251e28a7235077ca42ef64d03b63a5d11e5e528888ec214d33cfa7310de32d2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-05ee5fd88.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
GuEUCkydQRY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://connect.werally.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
558
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v045-0ed41892e.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
4dlImaN4R7g=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://connect.werally.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1668807222627
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

unused62
8096267
date
Fri, 18 Nov 2022 21:33:42 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://connect.werally.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12163
expires
Fri, 18 Nov 2022 22:33:42 GMT
wrapper.js
universal.iperceptions.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://universal.iperceptions.com/wrapper.js
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 21:29:03 GMT
content-encoding
gzip
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
content-md5
d5YIeO59lrTqhttidyvULA==
age
278
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
last-modified
Mon, 22 Mar 2021 18:02:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ffc9175f-301e-006f-2a94-fb411c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-amz-cf-id
NClosN2TNl16pzkAbihtrftQUAU0eXHDYfUfkQKTr1CxQoom7YxDiA==
_Incapsula_Resource
connect.werally.com/ 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://connect.werally.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6553158645760522
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
843b33c5-4273-4613-8cff-e6e3c32047cb
https://connect.werally.com/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://connect.werally.com/843b33c5-4273-4613-8cff-e6e3c32047cb
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
199d7dc9495fef48e492ce703a204f42ebd71a25de801b30542fba451b6dbff6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
25642
location
connect.werally.com/rest/geolocation/v1/user/guest/ 		206 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/rest/geolocation/v1/user/guest/location
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
77627505ed017c20486b472ed2679efa7157fb0690a7ac5cc82e2d24211df448
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Context-Config-PartnerId
uhc
accept-language
de-DE,de;q=0.9
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
x-datadog-sampling-priority
1
Accept
application/json, text/plain, */*
Context-Config-ConsumerSource
connect-web
Referer
https://connect.werally.com/404
x-datadog-parent-id
3431094514328889724
x-datadog-trace-id
3584984073864887052
Current-Connect-Session-Type
none

Response headers

x-rally-correlationid
zDwEesaxGSsK57-csedge
date
Fri, 18 Nov 2022 21:33:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding
gzip
x-cdn
Imperva
vary
Origin
content-type
application/json
x-iinfo
2-11743652-11743803 NNYN CT(97 198 0) RT(1668807219716 2199) q(0 0 3 -1) r(4 4) U9
cache-control
no-cache
server-timing
geolocation-strict, geolocation-total;dur=6, csedge-streamed, csedge-ttfb;dur=8
x-xss-protection
1; mode=block
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 21:33:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
M2o8YZsOD8KGwN4AyU/oLeYN8p7ANqVNw9c7joGnYOq2NB9HGMcsacWaGFW0BslMFRs+SjKUwlcMTS29tRnHYQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
998810383816698
connect.facebook.net/signals/config/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/998810383816698?v=2.9.89&r=canary
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
47623533c79e22e1adafbe771a7db5712136370feb23854ca1547b0e08d9d23e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 18 Nov 2022 21:33:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
TJirniaJmP2EySirySkOAr0wSZ0DRWnH70Vvo/7lrm1PPUVV3rtGbCYp66/GxvxfvrUmHkBYE27nziPaDaeD5Q==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
/
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
649186141964b4ff67907081d88ee3196c7a1eb3ffecf9cbb03a1c6d0085134a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
71164
cf-polished
origSize=8487
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"2127-jMRhhF+nosG7c7/loio8v16i62U"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
76c3d37af8be995c-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
iFrame.html
universal.iperceptions.com/ Frame 39C2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://universal.iperceptions.com/iFrame.html
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb

Request headers

Referer
https://connect.werally.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age
10
cache-control
public,max-age=7200
content-encoding
gzip
content-md5
Vmg/mBwwVR6Kl52r4KoGqg==
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 21:33:32 GMT
last-modified
Tue, 28 Jan 2020 16:03:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id
eJ3hqErQwk4VXUm5LTHnCGyjoejuq7fNMjOuYCbHnebtUBYQbu5cyg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
9fff1c88-701e-0068-4a95-fbb799000000
x-ms-version
2009-09-19
43-8c199d47.chunk.js
connect.werally.com/static/js/chunks/ 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/static/js/chunks/43-8c199d47.chunk.js
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-8c199d47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
1c46a1dbc1902b4f5d5c4a09ae057d3bb8251926ded5421a55347b5b1603c874
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
"63771998-259e"
content-type
application/javascript
x-iinfo
2-11743652-11743735 2VNN RT(1668807219716 2759) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=15778463, public
content-length
9630
expires
Sat, 20 May 2023 12:28:06 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-52357682-5
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-8c199d47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61e25a5d1bd40b139d85b367b8383e0cd65e6d2f854dd78993b101e2000c3d6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43677
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Nov 2022 21:33:43 GMT
uhc
connect.werally.com/rest/partner/v3/content/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/rest/partner/v3/content/uhc?policyId=&coverageTypes=medical
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
78b461fb6ad5dbb96dabb65eba7a219123491d0e43becffbe41130b22d65bd2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Context-Config-PartnerId
uhc
Accept-Language
de-DE,de;q=0.9
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
x-datadog-sampling-priority
1
Accept
application/json, text/plain, */*
Context-Config-ConsumerSource
connect-web
Referer
https://connect.werally.com/404
X-Rally-Locale
en-US
x-datadog-parent-id
6388561635872861835
x-datadog-trace-id
1246807019898840063
Current-Connect-Session-Type
none

Response headers

x-rally-correlationid
JBSRA5aH8Ccrx3-csedge
date
Fri, 18 Nov 2022 21:33:43 GMT
content-encoding
gzip
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
vary
Accept-Encoding, Accept-Encoding,Origin
content-type
application/json
x-iinfo
2-11743652-11743803 PNNN RT(1668807219716 2774) q(0 0 0 -1) r(1 1) U9
cache-control
no-cache, no-store, must-revalidate
server-timing
partner-strict, partner-total;dur=0, csedge-chunked, csedge-ttfb;dur=5
x-xss-protection
1; mode=block
38-8c199d47.chunk.js
connect.werally.com/static/js/chunks/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/static/js/chunks/38-8c199d47.chunk.js
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-8c199d47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
d67faedb05cefe0cebeff48983741d12c196d67cb4c5c42fad35e73a24768ebe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
"63771998-1ab2"
content-type
application/javascript
x-iinfo
2-11743652-11743701 2VNN RT(1668807219716 2996) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=15778463, public
content-length
6834
expires
Sat, 20 May 2023 12:28:06 GMT
dest5.html
unitedhealthgroup.demdex.net/ Frame 8A06 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.160.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-160-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://connect.werally.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v045-04fb65ba6.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
4ONdbta2SkY=
content-encoding
gzip
date
Fri, 18 Nov 2022 21:33:44 GMT
last-modified
Fri, 28 Oct 2022 11:02:58 GMT
transfer-encoding
chunked
vary
accept-encoding
id
smetrics.optum.com/ 		48 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.optum.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&mid=24124832272792853063293610021193093173&ts=1668807223731
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a938e1265428e9bcae903e6c51f388329a7162621820fc39dcefe1a1ecc43a68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://connect.werally.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y3f6NwAAAKQn7wN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=33560637087803811392476063089114419164
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3f6NwAAAKQn7wN-
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3f6NwAAAKQn7wN-
Protocol
HTTP/1.1
Server
54.73.160.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-160-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0a637d725.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
1Dx07o9VR0g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y3f6NwAAAKQn7wN-
Date
Fri, 18 Nov 2022 21:33:43 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
delivery
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 		360 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=09fea32a07c846f4b2a4b89ac19303bc&version=2.8.2
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.105.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-105-218.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7b6c14a85df5b89178cbb8b79a78959d7d0a32a0dc5697a5e5ffd23b66862024

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Nov 2022 21:33:43 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://connect.werally.com
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
95eb096e70426b07aab5398d4c8e5596
rallyhealth
us.gimp.zeronaught.com/__imp_apg__/api/dc/ 		53 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us.gimp.zeronaught.com/__imp_apg__/api/dc/rallyhealth?key=AIzaSyBSNSqUBneAZSfuYeWzovo86EyOLTgPuZA
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.21.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
7.21.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
322ac41e3f05521ba1efe5310257d85ae581e120a8d0feaf9c52ca019101eb27

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
x-envoy-decorator-operation
ingress DeviceCategoryPost3
via
1.1 google
server
envoy
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://connect.werally.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		53 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A6.123.3&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=287aa6ab-4b81-4d16-abe4-bf6d51b5a3f9
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b902:dc17:b01c:c3d9:f3be Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
dd6882cbc5b85b9d358c9b594f9aef7d436ea86d37e544954ee1f64622c1be0d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryzZJAbBCxTU5yys8G

Response headers

access-control-allow-origin
*
date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
53
content-type
application/json
42-8c199d47.chunk.js
connect.werally.com/static/js/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/static/js/chunks/42-8c199d47.chunk.js
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-8c199d47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
e101f7ba9403477179260bbec7d20fcc186419fa37e1aa691ba34047b59372d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
W/"63771998-107a"
content-type
application/javascript
x-iinfo
2-11743652-11743735 2VNN RT(1668807219716 3420) q(0 0 0 -1) r(4 4) U18
cache-control
max-age=15778463, public
content-length
1700
expires
Sat, 20 May 2023 12:28:07 GMT
62-8c199d47.chunk.js
connect.werally.com/static/js/chunks/ 		423 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/static/js/chunks/62-8c199d47.chunk.js
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-8c199d47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
5a4f10b5d7894d0806eb691fe25659169ae1de7d1a1933b04ba4548d29ef1056
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
content-security-policy
base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
W/"63771998-1a7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
x-iinfo
2-11743652-11740510 2NNN RT(1668807219716 3428) q(0 0 0 -1) r(1 1) U18
cache-control
public, max-age=15778463
x-xss-protection
1; mode=block
logo-e6567e5c.svg
connect.werally.com/static/media/ 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://connect.werally.com/static/media/logo-e6567e5c.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
a232d397087067853daa9a8df775d85b961dc3e9eb91211bb10e4bfb75c3e597
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
content-security-policy
base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
W/"63771998-1ad8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-iinfo
2-11743652-11729081 2NNN RT(1668807219716 3435) q(0 0 0 -1) r(1 1)
cache-control
public, max-age=15778463
x-xss-protection
1; mode=block
rally_footer-b3841f4d.svg
connect.werally.com/static/media/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://connect.werally.com/static/media/rally_footer-b3841f4d.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
940efd0e484c110b53e2118e1bcdcf8760f04df2d8032416dd63a461fc3e950a
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
content-security-policy
base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
W/"63771998-88a"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-iinfo
2-11743652-11743902 2NNN RT(1668807219716 3436) q(0 0 0 -1) r(0 1)
cache-control
public, max-age=15778463
x-xss-protection
1; mode=block
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A6.123.3&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=91c9a364-dd89-4744-a7d8-6426f02e791a&batch_time=1668807224128
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-8c199d47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6790:af1:bf99:3f63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
11.6d6c5ef8794769da04fd.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/11.6d6c5ef8794769da04fd.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=connect.werally.com
Requested by
Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbd322d5b22764f29e7ff91003f0a7a25af17af76cbee3ff46e95a3d4d80b4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
313582
cf-polished
origSize=63601
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 07 Nov 2022 19:14:18 GMT
cf-bgj
minify
server
cloudflare
etag
W/"f871-1845383cf10"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
76c3d37eea10995c-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52357682-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 21:24:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
535
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 18 Nov 2022 23:24:49 GMT
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		33 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee0aeb565f2402389fe8b98c4a049b8cf96aa835c6de5265d41fe214692fdb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://connect.werally.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
60f0a786cf44832a
cf-ray
76c3d37f9b45995c-FRA
timing-allow-origin
*
/
api.amplitude.com/ 		7 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.153.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-153-4.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-6377fa38-602cd28421742acd79548a11
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
UHCSerifHeadline-Semibold-1ba3c397.woff
connect.werally.com/static/media/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/static/media/UHCSerifHeadline-Semibold-1ba3c397.woff
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/static/css/united-unified-8c199d47.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
56032c4940c60d28fde373f46ffa13481b908a6a3edeecabddad239547755150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://connect.werally.com/static/css/united-unified-8c199d47.css
Origin
https://connect.werally.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
"63771998-89c8"
content-type
font/woff
x-iinfo
2-11743652-11743701 2VNN RT(1668807219716 3592) q(0 0 0 -1) r(1 1)
cache-control
max-age=15778463, public
content-length
35272
expires
Sat, 20 May 2023 12:28:07 GMT
broken_link-af1c7ad3.svg
connect.werally.com/static/media/ 		1 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://connect.werally.com/static/media/broken_link-af1c7ad3.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
edb56189a9aed398aa53c428320ff449d170750c51f372c86e8164d10fcebb70
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/404
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
content-security-policy
base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 18 Nov 2022 05:35:20 GMT
x-cdn
Imperva
etag
W/"63771998-5b2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/svg+xml
x-iinfo
2-11743652-11743911 NNNN CT(91 182 0) RT(1668807219716 3595) q(0 0 2 -1) r(3 3) U18
cache-control
public, max-age=15778463
x-xss-protection
1; mode=block
events
connect.werally.com/rest/tracking/v1/ 		15 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/rest/tracking/v1/events
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
b51d0a1178453d5deda9c42db26ff1bac2d43c5e0e23492fb7397cc260d41610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Context-Config-PartnerId
uhc
Accept-Language
de-DE,de;q=0.9
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
x-datadog-sampling-priority
1
Content-Type
application/json
Accept
application/json, text/plain, */*
Context-Config-ConsumerSource
connect-web
Referer
https://connect.werally.com/404
X-Rally-Locale
en-US
x-datadog-parent-id
8443985738504984528
x-datadog-trace-id
4485939683597433829
Current-Connect-Session-Type
none

Response headers

x-rally-correlationid
DWXniYAHWD45qC-csedge
date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding
gzip
x-cdn
Imperva
vary
Origin
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://connect.werally.com
x-iinfo
2-11743652-11743656 PNYN RT(1668807219716 3620) q(0 0 0 -1) r(1 1) U6
access-control-expose-headers
X-Rally-CorrelationId
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
cstrack-strict, cstrack-total;dur=0, csedge-streamed, csedge-ttfb;dur=3
x-xss-protection
1; mode=block
events
connect.werally.com/rest/tracking/v3/ 		15 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.werally.com/rest/tracking/v3/events
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
b51d0a1178453d5deda9c42db26ff1bac2d43c5e0e23492fb7397cc260d41610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Context-Config-PartnerId
uhc
Accept-Language
de-DE,de;q=0.9
x-datadog-origin
rum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
x-datadog-sampling-priority
1
Content-Type
application/json
Accept
application/json, text/plain, */*
Context-Config-ConsumerSource
connect-web
Referer
https://connect.werally.com/404
X-Rally-Locale
en-US
x-datadog-parent-id
917206103160477356
x-datadog-trace-id
7476579182207977588
Current-Connect-Session-Type
none

Response headers

x-rally-correlationid
f9qFE2hE5jtofb-csedge
date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding
gzip
x-cdn
Imperva
vary
Origin
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://connect.werally.com
x-iinfo
2-11743652-11743803 PNYN RT(1668807219716 3624) q(0 0 0 -1) r(1 1) U6
access-control-expose-headers
X-Rally-CorrelationId
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
cstrack-strict, cstrack-total;dur=1, csedge-streamed, csedge-ttfb;dur=3
x-xss-protection
1; mode=block
RC209555219fa949e7934e1fc771557c43-source.min.js
assets.adobedtm.com/512027f42d3c/da94e4cf7aac/65c0ae7982a2/ 		404 B
536 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/65c0ae7982a2/RC209555219fa949e7934e1fc771557c43-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
6454532698fdd4467e0eb0a99e5bc3605a4795d25df4b6a1d97062dde62c53d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 13:12:48 GMT
server
AkamaiNetStorage
etag
"d1d872d8fc7f849b66e02d488d2f19d5:1668690768.788787"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://connect.werally.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
267
expires
Fri, 18 Nov 2022 22:33:44 GMT
delivery
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 		0
207 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=09fea32a07c846f4b2a4b89ac19303bc&version=2.8.2
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.105.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-105-218.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://connect.werally.com
date
Fri, 18 Nov 2022 21:33:44 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-request-id
8203114a07d6f3f2c70bdb05f62c862f
InviteTriggers
api.iperceptions.com/ 		241 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.iperceptions.com/InviteTriggers
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9bb1c0dd5f206ff17fadcc8aa1f0915a040f8f252217adb73a914931dfaf916f

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
SecurityToken
ef6177e6-a195-4fc1-9b32-7636466e19b5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 21:33:44 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
content-length
241
expires
-1
InviteTriggers
api.iperceptions.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.iperceptions.com/InviteTriggers
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
securitytoken
Access-Control-Request-Method
GET
Origin
https://connect.werally.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
securitytoken
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 18 Nov 2022 21:33:43 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=830292032&t=pageview&_s=1&dl=https%3A%2F%2Fconnect.werally.com%2F404&ul=en-us&de=UTF-8&dt=Error%20404%20Not%20Found%20%7C%20Find%20Care&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=819873245&gjid=2036755185&cid=1884405955.1668807224&tid=UA-52357682-5&_gid=1629749274.1668807224&_r=1&gtm=2oub90&z=462454058
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 21:33:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://connect.werally.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=830292032&t=timing&_s=2&dl=https%3A%2F%2Fconnect.werally.com%2F404&ul=en-us&de=UTF-8&dt=Error%20404%20Not%20Found%20%7C%20Find%20Care&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=SPA%20Minimal%20Load&utv=%2F404&utt=3659&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=1884405955.1668807224&tid=UA-52357682-5&_gid=1629749274.1668807224&gtm=2oub90&z=1349398390
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67873
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ibs:dpid=771&dpuuid=CAESEKE3UT_JRDRi4zzn7hF-IzA&google_cver=1
dpm.demdex.net/ Frame 8A06
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzM1NjA2MzcwODc4MDM4MTEzOTI0NzYwNjMwODkxMTQ0MTkxNjQ=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzM1NjA2MzcwODc4MDM4MTEzOTI0NzYwNjMwODkxMTQ0MTkxNjQ=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKE3UT_JRDRi4zzn7hF-IzA&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKE3UT_JRDRi4zzn7hF-IzA&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
54.73.160.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-160-197.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v045-0826e4ce6.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3cxoTphWQRE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 18 Nov 2022 21:33:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKE3UT_JRDRi4zzn7hF-IzA&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52357682-5&cid=1884405955.1668807224&jid=819873245&gjid=2036755185&_gid=1629749274.1668807224&_u=YEBAAUAAAAAAACAAI~&z=503549359
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 18 Nov 2022 21:33:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://connect.werally.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
rum.browser-intake-datadoghq.com/api/v2/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A6.123.3&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=37dd524c-e2ff-4755-9222-744b68d1a1e3&batch_time=1668807224439
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-8c199d47.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:6790:af1:bf99:3f63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 8A06 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=connect.werally.com&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 18 Nov 2022 21:33:44 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		102 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/11.6d6c5ef8794769da04fd.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=connect.werally.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ee45b17985faa6172dc3930d47bb56303e3e9f4452e72e2c0feb9d562a081d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
313582
cf-polished
origSize=105331
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 07 Nov 2022 19:14:18 GMT
cf-bgj
minify
server
cloudflare
etag
W/"19b73-1845383cf10"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
76c3d3813ea0995c-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
IpEngine_v78.0.js
universal.iperceptions.com/core/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://universal.iperceptions.com/core/IpEngine_v78.0.js
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:4e00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
70dc97a60ab824c4b4f362341733bde439ac6bd7534d2b5b193fbd37d9413ea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 21:33:42 GMT
content-encoding
gzip
via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
content-md5
ofN/a2/Vf6dAsat1lPzqnA==
age
1
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
last-modified
Mon, 22 Mar 2021 17:01:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
168b6853-b01e-0013-4995-fbdc29000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-amz-cf-id
OE2XUhofyqUdzFuxpzYY5P4nNyCz5N5lPVVN247Z5bjcUuMAbLI58Q==
image.sbix
global.ib-ibi.com/ Frame 8A06 		0
0
12426_638043452634887377
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/ 		211 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/12426_638043452634887377
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2600:18:ee0c:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
50a8af5d836c5df5161609c3e404768a64c968aba52a39fddf76e0f0f398ebc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 21:22:42 GMT
content-encoding
gzip
via
1.1 507b5edb20d0e1a0b73c8687f53defa8.cloudfront.net (CloudFront)
content-md5
/IMDkxwCaP0nYGe9ye7qnA==
age
662
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
12945
x-ms-lease-status
unlocked
last-modified
Fri, 18 Nov 2022 05:14:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8DAC923C1B35D1D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
475fd5a8-201e-004d-3a93-fb036d000000
cache-control
x-ms-blob-cache-control: public, max-age=900
x-ms-version
2009-09-19
accept-ranges
bytes
x-amz-cf-id
dcbGJGznB9mucy-tYEtLwq6n7QgBkC8ZRTygctv8hCjk6M6OwSUVeQ==
4.a5c0de52a5fc4b1cbc4b.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/4.a5c0de52a5fc4b1cbc4b.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
656b507a55c361579615069ae025d160099bac360642eaba44bd2331f7fad4c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
313581
cf-polished
origSize=2539
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 07 Nov 2022 19:14:18 GMT
cf-bgj
minify
server
cloudflare
etag
W/"9eb-1845383cf10"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
76c3d381d86c995c-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
1.8ce69394dfc154e65174.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.8ce69394dfc154e65174.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise
Requested by
Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ca1ec69de35eb28fcd7f3dfe0215a56127cacf6b15b24780bb8b2478578d33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
313581
cf-polished
origSize=29568
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 07 Nov 2022 19:14:18 GMT
cf-bgj
minify
server
cloudflare
etag
W/"7380-1845383cf10"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
76c3d381d86e995c-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
RC45d36e81525548b9b0663a6859fd6b8b-source.min.js
assets.adobedtm.com/512027f42d3c/da94e4cf7aac/65c0ae7982a2/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/65c0ae7982a2/RC45d36e81525548b9b0663a6859fd6b8b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
da6d1a790fb8fd9aa08c21ece755cb88c894db32298c1c9478126f0f853bf941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 13:12:48 GMT
server
AkamaiNetStorage
etag
"d1d872d8fc7f849b66e02d488d2f19d5:1668690768.788787"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://connect.werally.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
19701
expires
Fri, 18 Nov 2022 22:33:44 GMT
RCca2d41537f1a40e295ec3e02d089b0d0-source.min.js
assets.adobedtm.com/512027f42d3c/da94e4cf7aac/65c0ae7982a2/ 		349 B
490 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/65c0ae7982a2/RCca2d41537f1a40e295ec3e02d089b0d0-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
38f10f89d633e95c9add76a03817d3e6fa1bbf2eb21c9e3b2ff3fa3fb2d670cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 13:12:48 GMT
server
AkamaiNetStorage
etag
"d1d872d8fc7f849b66e02d488d2f19d5:1668690768.788787"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://connect.werally.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
222
expires
Fri, 18 Nov 2022 22:33:44 GMT
harvest_12426.js
art.azureedge.net/harvest/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://art.azureedge.net/harvest/harvest_12426.js
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBE) /
Resource Hash
6e0b58d9b7952c332d9c9ce2a2c54447f3858e09f66d5e542414b24aabb9f77d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 21:33:44 GMT
content-encoding
gzip
last-modified
Tue, 21 Jan 2020 17:36:10 GMT
server
ECAcc (frc/4CBE)
age
165664
etag
0x8D79E98674A1069
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
x-ms-request-id
0708c671-901e-0036-7013-fa988a000000
x-ms-version
2009-09-19
content-length
2019
ip.gif
post.iperceptions.com/ 		32 B
574 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://post.iperceptions.com/ip.gif?sid=0bcc0a2d-f0d9-5652-b59d-602e07ef8721&vid=b0ccc3d9-e21a-d8e1-5bfb-babd26bb0f33&tkid=ef6177e6-a195-4fc1-9b32-7636466e19b5&url=https%3A%2F%2Fconnect.werally.com%2F404&title=Error%20404%20Not%20Found%20%7C%20Find%20Care
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:5600:15:bf9a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cross-origin-resource-policy
cross-origin
content-length
32
last-modified
Mon, 06 Nov 2017 18:05:13 GMT
server
Apache
etag
"576fcca2957d31:0"
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
OyCX0VI7PzQ-vTH-R9M3XGOabKWoytIgm_NJ2LQ_V20RXeEQYGBKyQ==
s98569424200643
smetrics.optum.com/b/ss/uhgmyuhcprod/1/JS-2.22.4-LCXS/ 		43 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.optum.com/b/ss/uhgmyuhcprod/1/JS-2.22.4-LCXS/s98569424200643?AQB=1&ndh=1&pf=1&t=18%2F10%2F2022%2021%3A33%3A44%205%200&mid=24124832272792853063293610021193093173&aamlh=6&ce=UTF-8&pageName=uhc%3Awerally%3Aguest%3A404%20not%20found&g=https%3A%2F%2Fconnect.werally.com%2F404&cc=USD&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=https%3A%2F%2Fconnect.werally.com%2F404&v1=uhc&v2=werally&c3=guest&v3=https%3A%2F%2Fconnect.werally.com%2F404&c12=connect.werally.com&c13=%2F404&c14=true&v19=false&c21=vcp%3Af&v23=not%20loggedin&c25=D%3DpageName&v25=D%3DpageName&v31=guided%20search&v72=D%3Dmid&v106=1600%20x%201200&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://connect.werally.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sat, 19 Nov 2022 21:33:44 GMT
server
jag
etag
3583736226459287552-4619842462061767968
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 17 Nov 2022 21:33:44 GMT
/
api.amplitude.com/ 		7 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.153.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-153-4.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://connect.werally.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Nov 2022 21:33:44 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-6377fa38-4c0b85bd5bb8a14f0216cb79
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=33560637087803811392476063089114419164

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| qualtricsScript string| fpcTheme string| baseUrl object| FEATURE_FLAGS object| CONFIG_DOMAINS object| CONFIG_EXPERIMENTS object| CONFIG_GOOGLE_ANALYTICS object| CONFIG_AMPLITUDE_ANALYTICS object| CONFIG_MAPBOX string| mapBoxKey string| MAPBOX_KEY object| webpackJsonp function| setImmediate function| clearImmediate object| angular object| regeneratorRuntime function| _ function| sprintf function| vsprintf object| core object| DD_LOGS object| DD_RUM object| _satellite boolean| __satelliteLoaded function| fbq function| _fbq object| adobe function| Visitor object| s_c_il number| s_c_in object| adobeDataLayer function| targetPageParams object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| __target_telemetry string| iperceptionskey undefined| scrollTop undefined| scrollLeft object| huginn object| iPerceptions function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s number| ‮zhMslTds‭ object| dataLayer function| gtag object| amplitude number| ng339 object| [object Storage] object| userProperties object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.81.0 object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| pageDataLayer object| gaplugins object| gaGlobal object| gaData undefined| iperceptionscorrelationid object| _qsie object| ipDef function| initharvest boolean| result number| j object| trigger number| rate string| ResultsType object| SEAC object| s_i_uhgmyuhcprod

34 Cookies

Domain/Path Name / Value
connect.werally.com/ Name: visid_incap_676033
Value: DZJ1U34QRf6rvU2RinJ5wzP6d2MAAAAAQUIPAAAAAACGnVNTllZZgkyE0BGlqoih
connect.werally.com/ Name: incap_ses_471_676033
Value: QuSTCJ6aBmCluBNm0FSJBjT6d2MAAAAAELCb9Ca9YQ8VBvrlPp77iw==
.werally.com/ Name: xGFajjParSn
Value: A4hhqYyEAQAAgot1681TS1mbelBCIR2P5pW3aMSXA4SZXul5xYdvWQWOVktFAVQTr7eucmW8wH8AAEB3AAAAAA|1|0|8ffc814d528a78d65caf668288348d33bace8079
accounts.werally.com/ Name: visid_incap_676022
Value: LKxBDAwWRdSZiAHHPo+4ZDT6d2MAAAAAQUIPAAAAAAApWxUhPg4dApNkMO4TNU24
accounts.werally.com/ Name: incap_ses_471_676022
Value: ry2tDXkOrg+QuRNm0FSJBjX6d2MAAAAAwXQLtIT+fqak5fmQIwNZMw==
.werally.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 33560637087803811392476063089114419164
connect.werally.com/ Name: language
Value: en
.werally.com/ Name: PS_Locale
Value: en-US
.werally.com/ Name: x_rally_locale
Value: en-US
.werally.com/ Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y3f6NwAAAKQn7wN-
.werally.com/ Name: mbox
Value: session#09fea32a07c846f4b2a4b89ac19303bc#1668809085|PC#09fea32a07c846f4b2a4b89ac19303bc.37_0#1732052025
.werally.com/ Name: xGFajjParSn_dc
Value: %7B%22error%22%3A%20%22Customer%20rallyhealth%20not%20found%20in%20config%22%7D
.dpm.demdex.net/ Name: dpm
Value: 33560637087803811392476063089114419164
connect.werally.com/ Name: ipe_s
Value: 0bcc0a2d-f0d9-5652-b59d-602e07ef8721
.werally.com/ Name: _ga
Value: GA1.2.1884405955.1668807224
.werally.com/ Name: _gid
Value: GA1.2.1629749274.1668807224
.werally.com/ Name: _gat_gtag_UA_52357682_5
Value: 1
.werally.com/ Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19315%7CMCMID%7C24124832272792853063293610021193093173%7CMCAAMLH-1669412023%7C6%7CMCAAMB-1669412023%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1668814424s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19322%7CvVersion%7C5.4.0
.doubleclick.net/ Name: IDE
Value: AHWqTUlFfLeyR4wNoNdW38QvLXr5kR2LE1dOISPz0yxaYYHtUbV-D6ypH8dJraFSeOY
.demdex.net/ Name: dextp
Value: 771-1-1668807224344|903-1-1668807224453|285689-1-1668807224557
connect.werally.com/ Name: IPE_LandingTime
Value: 1668807224683
connect.werally.com/ Name: ipe.12426.pageViewedCount
Value: 1
connect.werally.com/ Name: ipe.12426.pageViewedDay
Value: 322
connect.werally.com/ Name: ipe_12426_fov
Value: %7B%22numberOfVisits%22%3A1%2C%22sessionId%22%3A%220bcc0a2d-f0d9-5652-b59d-602e07ef8721%22%2C%22expiry%22%3A%222022-12-18T21%3A33%3A44.685Z%22%2C%22lastVisit%22%3A%222022-11-18T21%3A33%3A44.694Z%22%7D
connect.werally.com/ Name: ipe_v
Value: b0ccc3d9-e21a-d8e1-5bfb-babd26bb0f33
.werally.com/ Name: s_plt
Value: 2.78
.werally.com/ Name: s_pltp
Value: uhc%3Awerally%3Aguest%3A404%20not%20found
.werally.com/ Name: s_ips
Value: 1200
.werally.com/ Name: s_tp
Value: 1207
.werally.com/ Name: s_ppv
Value: uhc%253Awerally%253Aguest%253A404%2520not%2520found%2C99%2C99%2C1200%2C1%2C1
.werally.com/ Name: s_cc
Value: true
connect.werally.com/ Name: _dd_s
Value: logs=1&id=79db7642-3b83-490e-9b0e-a975e6bf5e10&created=1668807222836&expire=1668808122840&rum=1

5 Console Messages

Source Level URL
Text
rendering warning URL: https://connect.werally.com/scripts/rally_common.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering warning URL: https://connect.werally.com/scripts/rally_common.js
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network error URL: https://connect.werally.com/rest/tracking/v1/events
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://connect.werally.com/rest/tracking/v3/events
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=33560637087803811392476063089114419164
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.werally.com
api.amplitude.com
api.iperceptions.com
art.azureedge.net
assets.adobedtm.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
connect.werally.com
content.zeronaught.com
dpm.demdex.net
global.ib-ibi.com
match.adsrvr.org
post.iperceptions.com
rum.browser-intake-datadoghq.com
sd.iperceptions.com
session-replay.browser-intake-datadoghq.com
siteintercept.qualtrics.com
smetrics.optum.com
stats.g.doubleclick.net
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
universal.iperceptions.com
us.gimp.zeronaught.com
www.google-analytics.com
www.googletagmanager.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
global.ib-ibi.com
104.17.209.240
142.250.186.66
149.126.77.254
15.236.176.210
2001:4860:4802:34::15
2600:1f18:24e6:b901:6790:af1:bf99:3f63
2600:1f18:24e6:b902:dc17:b01c:c3d9:f3be
2600:9000:2057:2600:18:ee0c:6e00:93a1
2600:9000:2057:4e00:8:e7ba:7440:93a1
2600:9000:214f:5600:15:bf9a:3f00:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:800::200e
2a00:1450:4001:82a::2008
2a00:1450:400c:c0c::9b
2a02:26f0:3500:591::1e80
2a03:2880:f02d:12:face:b00c:0:3
34.120.21.7
35.71.131.137
44.235.153.4
52.138.200.61
54.73.160.197
54.76.105.218
54.77.60.152
199d7dc9495fef48e492ce703a204f42ebd71a25de801b30542fba451b6dbff6
1ac8bb84445241d7e20c40651be10cb0610072fade9ab497e16053d27cbd61db
1c46a1dbc1902b4f5d5c4a09ae057d3bb8251926ded5421a55347b5b1603c874
20ee45b17985faa6172dc3930d47bb56303e3e9f4452e72e2c0feb9d562a081d
21f6bd3164d2176f669f957171289c5027e30d25f0ee8ef1d6a1fe7e208f522c
251e28a7235077ca42ef64d03b63a5d11e5e528888ec214d33cfa7310de32d2e
322ac41e3f05521ba1efe5310257d85ae581e120a8d0feaf9c52ca019101eb27
38f10f89d633e95c9add76a03817d3e6fa1bbf2eb21c9e3b2ff3fa3fb2d670cd
3cc71dbee28027aa344d5f5a344266125ad87ceedfe716303072aec89e3d008b
47623533c79e22e1adafbe771a7db5712136370feb23854ca1547b0e08d9d23e
50a8af5d836c5df5161609c3e404768a64c968aba52a39fddf76e0f0f398ebc8
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
534d5fbf1bfbf2ec1356047df1a9c32d1c8800ff4b9228051592afbecd0c61c4
542f7a5b200e46d6c0352605c2f5db958931206f535d4ddf9e724c917437b41e
54efbbbc47402e294b5bb592157b31d62d05cfdc2f624259890d53ed25d0f267
56032c4940c60d28fde373f46ffa13481b908a6a3edeecabddad239547755150
573850080031c8cd41d1d291fa366fc66872dca35dc49f13e322c2dc343a7703
5a4f10b5d7894d0806eb691fe25659169ae1de7d1a1933b04ba4548d29ef1056
61e25a5d1bd40b139d85b367b8383e0cd65e6d2f854dd78993b101e2000c3d6d
6454532698fdd4467e0eb0a99e5bc3605a4795d25df4b6a1d97062dde62c53d2
649186141964b4ff67907081d88ee3196c7a1eb3ffecf9cbb03a1c6d0085134a
656b507a55c361579615069ae025d160099bac360642eaba44bd2331f7fad4c3
65ba5b7f91194ddaf0daa7a1dee1856b5ae9cd4277e72212f2a4042ccd4df679
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e0b58d9b7952c332d9c9ce2a2c54447f3858e09f66d5e542414b24aabb9f77d
70dc97a60ab824c4b4f362341733bde439ac6bd7534d2b5b193fbd37d9413ea6
77627505ed017c20486b472ed2679efa7157fb0690a7ac5cc82e2d24211df448
78b461fb6ad5dbb96dabb65eba7a219123491d0e43becffbe41130b22d65bd2f
7b6c14a85df5b89178cbb8b79a78959d7d0a32a0dc5697a5e5ffd23b66862024
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c23e33ab27bb75e8037057462389daa2898a811906b10945da1252ccbc27345
7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
8bbd322d5b22764f29e7ff91003f0a7a25af17af76cbee3ff46e95a3d4d80b4f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90ca1ec69de35eb28fcd7f3dfe0215a56127cacf6b15b24780bb8b2478578d33
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
940efd0e484c110b53e2118e1bcdcf8760f04df2d8032416dd63a461fc3e950a
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab
9bb1c0dd5f206ff17fadcc8aa1f0915a040f8f252217adb73a914931dfaf916f
9ee0aeb565f2402389fe8b98c4a049b8cf96aa835c6de5265d41fe214692fdb4
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a232d397087067853daa9a8df775d85b961dc3e9eb91211bb10e4bfb75c3e597
a257990e7458c455a246d0d7555f678b16505e738ee5d2641612230d790f941f
a2ad3ffa88182e16f57e56c8b82c7bdd4a54c8e1b22ebd400ea9b2d0b761f43d
a938e1265428e9bcae903e6c51f388329a7162621820fc39dcefe1a1ecc43a68
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b51d0a1178453d5deda9c42db26ff1bac2d43c5e0e23492fb7397cc260d41610
b68b3d6e32f8d7a22dc69c9592045ef2300a155fdac0d33d961eda0ec1f0b864
d01fdb1e2075bc1b11988ff556a0b923dcad4ec72c87ad691d658c8491c0a0c0
d67faedb05cefe0cebeff48983741d12c196d67cb4c5c42fad35e73a24768ebe
da6d1a790fb8fd9aa08c21ece755cb88c894db32298c1c9478126f0f853bf941
dd6882cbc5b85b9d358c9b594f9aef7d436ea86d37e544954ee1f64622c1be0d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e101f7ba9403477179260bbec7d20fcc186419fa37e1aa691ba34047b59372d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edb56189a9aed398aa53c428320ff449d170750c51f372c86e8164d10fcebb70
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7c66e2caf51414e796a2866e1eb813d3fd8afeb7d7bfc1c9fc74691d7b34bd6