connect.werally.com Open in urlscan Pro
149.126.77.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fhs.umr.com/oss/cms/UMR/UHC_Provider_ChoicePlus_Link
Effective URL:
https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkaf...
Submission: On January 10 via manual (January 10th 2023, 2:17:12 pm UTC) from US — Scanned from DE

Summary HTTP 100 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 19 domains to perform 100 HTTP transactions. The main IP is 149.126.77.254, located in Frankfurt am Main, Germany and belongs to INCAPSULA, US. The main domain is connect.werally.com. The Cisco Umbrella rank of the primary domain is 34564.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on July 7th 2022. Valid for: a year.

This is the only time connect.werally.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	149.111.144.172 149.111.144.172	10879 (UHC) (UHC)
39	149.126.77.254 149.126.77.254	19551 (INCAPSULA) (INCAPSULA)
2	45.60.57.254 45.60.57.254	19551 (INCAPSULA) (INCAPSULA)
6	2a02:26f0:f70... 2a02:26f0:f700:495::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	52.215.109.101 52.215.109.101	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:225... 2600:9000:225e:7600:8:e7ba:7440:93a1	16509 (AMAZON-02) (AMAZON-02)
7	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.37.25.97 13.37.25.97	16509 (AMAZON-02) (AMAZON-02)
1 1	54.171.1.252 54.171.1.252	16509 (AMAZON-02) (AMAZON-02)
2	54.77.201.84 54.77.201.84	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:24e... 2600:1f18:24e6:b902:6a0d:5266:caed:e4b0	14618 (AMAZON-AES) (AMAZON-AES)
3	34.120.21.7 34.120.21.7	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.138.200.61 52.138.200.61	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2600:1f18:24e... 2600:1f18:24e6:b901:7c4f:374c:6b44:3956	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:b000:18:ee0c:6e00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:402... 2a00:1450:4025:401::9d	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:400:15:bf9a:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.10.218.229 52.10.218.229	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
100	24

2 149.111.144.172 (United States) 2 redirects

ASN10879 (UHC, US)

fhs.umr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 149.126.77.254 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.254.ip.incapdns.net

connect.werally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.57.254 (United States)

ASN19551 (INCAPSULA, US)

accounts.werally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:f700:495::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

content.zeronaught.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.215.109.101 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-109-101.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225e:7600:8:e7ba:7440:93a1 (United States)

ASN16509 (AMAZON-02, US)

universal.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.37.25.97 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

smetrics.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.1.252 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-1-252.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.201.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-201-84.eu-west-1.compute.amazonaws.com

unitedhealthgroup.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:24e6:b902:6a0d:5266:caed:e4b0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.21.7 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 7.21.120.34.bc.googleusercontent.com

us.gimp.zeronaught.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.138.200.61 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f18:24e6:b901:7c4f:374c:6b44:3956 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

session-replay.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:b000:18:ee0c:6e00:93a1 (United States)

ASN16509 (AMAZON-02, US)

sd.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

art.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:400:15:bf9a:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

post.iperceptions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.10.218.229 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-218-229.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	werally.com connect.werally.com — Cisco Umbrella Rank: 34564 accounts.werally.com — Cisco Umbrella Rank: 197558	2 MB
9	browser-intake-datadoghq.com rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 4282 session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 16476	571 B
8	iperceptions.com universal.iperceptions.com — Cisco Umbrella Rank: 14119 api.iperceptions.com — Cisco Umbrella Rank: 14173 sd.iperceptions.com — Cisco Umbrella Rank: 15584 post.iperceptions.com — Cisco Umbrella Rank: 51803	24 KB
7	qualtrics.com zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 105279 siteintercept.qualtrics.com — Cisco Umbrella Rank: 1459	70 KB
6	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 500	143 KB
4	zeronaught.com content.zeronaught.com — Cisco Umbrella Rank: 100336 us.gimp.zeronaught.com — Cisco Umbrella Rank: 25405	59 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	158 KB
3	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 301 unitedhealthgroup.demdex.net Failed	3 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	57 KB
2	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 1724	411 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 179 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64	2 KB
2	azureedge.net art.azureedge.net — Cisco Umbrella Rank: 143601	4 KB
2	omtrdc.net unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 58309	935 B
2	optum.com smetrics.optum.com — Cisco Umbrella Rank: 55930	684 B
2	umr.com 2 redirects fhs.umr.com	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 16	548 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1416	517 B
0	google.de Failed www.google.de Failed
100	19

	Domain	Requested by
39	connect.werally.com	connect.werally.com
6	siteintercept.qualtrics.com	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com connect.werally.com siteintercept.qualtrics.com
6	assets.adobedtm.com	connect.werally.com assets.adobedtm.com
5	rum.browser-intake-datadoghq.com	connect.werally.com
4	session-replay.browser-intake-datadoghq.com	connect.werally.com
3	www.google-analytics.com	www.googletagmanager.com connect.werally.com
3	www.googletagmanager.com	connect.werally.com assets.adobedtm.com www.googletagmanager.com
3	us.gimp.zeronaught.com	connect.werally.com
3	universal.iperceptions.com	connect.werally.com universal.iperceptions.com
3	dpm.demdex.net	1 redirects connect.werally.com
3	connect.facebook.net	assets.adobedtm.com connect.facebook.net
2	api.amplitude.com	connect.werally.com
2	post.iperceptions.com	connect.werally.com
2	art.azureedge.net	universal.iperceptions.com
2	api.iperceptions.com	connect.werally.com
2	unitedhealthgroup.tt.omtrdc.net	connect.werally.com assets.adobedtm.com
2	smetrics.optum.com	connect.werally.com
2	accounts.werally.com	connect.werally.com accounts.werally.com
2	fhs.umr.com	2 redirects
1	www.google.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	connect.werally.com
1	sd.iperceptions.com	universal.iperceptions.com
1	cm.everesttech.net	1 redirects
1	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	connect.werally.com
1	content.zeronaught.com	connect.werally.com
0	www.google.de Failed
0	unitedhealthgroup.demdex.net Failed	assets.adobedtm.com
100	28

This site contains links to these domains. Also see Links.

Domain
www.uhc.com
www.rallyhealth.com
myoptum.optum.com

Subject Issuer	Validity	Valid
*.werally.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-07` - `2023-08-04`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
content.zeronaught.com GTS CA 1D4	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-19` - `2023-01-17`	3 months	crt.sh
*.iperceptions.com Amazon	`2022-03-16` - `2023-04-13`	a year	crt.sh
*.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-04` - `2023-05-04`	a year	crt.sh
smetrics.optum.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-20` - `2023-04-20`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
*.gimp.zeronaught.com Entrust Certification Authority - L1K	`2022-08-29` - `2023-09-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
Frame ID: DBDD39F751ACB430AAABCAC0931FB39D
Requests: 98 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: 6960F9230C1940539B5B3DE03FF2BE8D
Requests: 1 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 404A581F14761D544FF8B6738FE77F41
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medical | Find Care

Page URL History Show full URLs

http://fhs.umr.com/oss/cms/UMR/UHC_Provider_ChoicePlus_Link HTTP 302
https://fhs.umr.com/oss/cms/UMR/UHC_Provider_ChoicePlus_Link HTTP 302
https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIF... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

100
Requests

95 %
HTTPS

56 %
IPv6

19
Domains

28
Subdomains

24
IPs

7
Countries

2732 kB
Transfer

11026 kB
Size

39
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.uhc.com/health-and-wellness/health-topics/covid-19?exitLinkName=corona-virus-faq-uhc
Title: See COVID-19 Resources

Search URL Search Domain Scan URL

URL: https://www.uhc.com/legal/legal-entities
Title: Legal Entities

Search URL Search Domain Scan URL

URL: https://www.uhc.com/legal/provider
Title: Provider Data Information

Search URL Search Domain Scan URL

URL: https://www.uhc.com/legal/provider/commercial-plans
Title: State Specific Employer, Individual, Exchange Plan Information

Search URL Search Domain Scan URL

URL: https://www.uhc.com/legal/provider/medicaid-plans
Title: State Specific Medicaid Plan Information

Search URL Search Domain Scan URL

URL: https://www.rallyhealth.com/
Title: About Rally

Search URL Search Domain Scan URL

URL: https://myoptum.optum.com/content/optum-dashboard/en/footer/uhc/terms.html
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://myoptum.optum.com/content/optum-dashboard/en/footer/uhc/privacy.html
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fhs.umr.com/oss/cms/UMR/UHC_Provider_ChoicePlus_Link HTTP 302
https://fhs.umr.com/oss/cms/UMR/UHC_Provider_ChoicePlus_Link HTTP 302
https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1673360224423 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1673360224423

Request Chain 25

https://cm.everesttech.net/cm/dd?d_uuid=01890817350406834663877293411592655376 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y71zYQAAAFwwGANn

100 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg Show response
connect.werally.com/guest/
Redirect Chain

http://fhs.umr.com/oss/cms/UMR/UHC_Provider_ChoicePlus_Link
https://fhs.umr.com/oss/cms/UMR/UHC_Provider_ChoicePlus_Link
https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

25 KB
9 KB

476ms
408ms

Document
text/html

149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

4c88311f8b42cc58dafaebc388d6cee36c3d2e13057610ca740a15d6b82f2060

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
content-encoding: gzip
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-type: text/html
date: Tue, 10 Jan 2023 14:17:03 GMT
etag: W/"63b897f5-6187"
last-modified: Fri, 06 Jan 2023 21:51:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cdn: Imperva
x-frame-options: DENY
x-iinfo: 12-989909477-989909482 NNNN CT(95 198 0) RT(1673360221838 13) q(0 0 3 0) r(4 4) U12
x-xss-protection: 1; mode=block

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: private, no-store, no-cache
Connection: Keep-Alive
Content-Length: 0
Content-Security-Policy: frame-ancestors 'self' *.tpa.com *.umr.com *.uhis.com;
Content-Type: text/html;charset=UTF-8
Date: Tue, 10 Jan 2023 14:17:02 GMT
Keep-Alive: timeout=5, max=100
Location: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN

GET
H2 200 huginn Show response
accounts.werally.com/ 553 B
795 B 440ms
398ms Script
application/javascript 45.60.57.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.werally.com/huginn

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.57.254 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7c23e33ab27bb75e8037057462389daa2898a811906b10945da1252ccbc27345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 28 Jun 2022 16:58:32 GMT
x-cdn: Imperva
etag: W/"62bb3338-229"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 7-306140516-306140520 NNNN CT(94 194 0) RT(1673360222999 11) q(0 0 3 0) r(4 4) U2
cache-control: no-store, max-age=0

GET
H2 200 rally_common.js Show response
connect.werally.com/scripts/ 240 KB
138 KB 370ms
369ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/scripts/rally_common.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

6ee061eef7576dce5b886582d4d222b9f8c8ac530e341d0cf906d96a6e47c2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 14:17:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-type: application/javascript; charset=UTF-8
x-ion-hop: 1
x-iinfo: 12-989909477-989909663 NNNN CT(84 174 0) RT(1673360221838 430) q(0 0 3 -1) r(4 4) U9
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H2 200 launch-39716f3a8c87.min.js Show response
assets.adobedtm.com/512027f42d3c/da94e4cf7aac/ 416 KB
109 KB 278ms
73ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b3e2185d6d8c64a24965474ffde2ed0a350a6b71d1ca43ceb5bee8c990d0ce48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:03 GMT
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 07:10:10 GMT
server: AkamaiNetStorage
etag: "2d27b4562671302d71a7e24e1fa7c3bb:1672902610.139215"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://connect.werally.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 111345
expires: Tue, 10 Jan 2023 15:17:03 GMT

GET
H2 200 main-e9098bf5.css
connect.werally.com/static/css/ 672 B
426 B 405ms
403ms Stylesheet
text/css 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/css/main-e9098bf5.css

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

17ae3ae4c56e2cf933fa55219a4cfc50224a98f8bf953e1af98ffcd3f362fb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-2a0"
content-type: text/css
x-iinfo: 12-989909477-989908275 2VNN RT(1673360221838 433) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 288
expires: Wed, 12 Jul 2023 05:11:25 GMT

GET
H2 200 united-unified-e9098bf5.css
connect.werally.com/static/css/ 6 KB
2 KB 404ms
402ms Stylesheet
text/css 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/css/united-unified-e9098bf5.css

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

550311e1cfa0c5fcc65f0bd663a98a4e378e08fbe06dcee69427d6c0df1f5f54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-1990"
content-type: text/css
x-iinfo: 12-989909477-989908599 2VNN RT(1673360221838 436) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 1458
expires: Wed, 12 Jul 2023 05:11:25 GMT

GET
H2 200 advantage-unified-e9098bf5.css
connect.werally.com/static/css/ 4 KB
1 KB 403ms
401ms Stylesheet
text/css 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/css/advantage-unified-e9098bf5.css

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

92394823c4d0cdf8dbe50ed532bd1aea500f9507a9ed00144409b6cbbffac4f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-11b2"
content-type: text/css
x-iinfo: 12-989909477-989905783 2VNN RT(1673360221838 442) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 1139
expires: Wed, 12 Jul 2023 05:11:25 GMT

GET
H2 200 main-e9098bf5.js Show response
connect.werally.com/static/js/ 8 MB
2 MB 413ms
412ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/main-e9098bf5.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

a8457bd19dace532c704735edab5c58d5836ad68b6817524cb918b6a8733485a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: "63b86add-1dca6d"
content-type: application/javascript
x-iinfo: 12-989909477-989908959 2VNN RT(1673360221838 446) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 1952365
expires: Wed, 12 Jul 2023 05:11:25 GMT

GET
H2 200 united-unified-e9098bf5.js Show response
connect.werally.com/static/js/ 3 KB
2 KB 412ms
411ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/united-unified-e9098bf5.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

6f32e81f2c4bf5fbf92b17f8c5435e97637d24ff12e35d7064347f3522a54c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-ced"
content-type: application/javascript
x-iinfo: 12-989909477-989909413 2VNN RT(1673360221838 449) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 1442
expires: Wed, 12 Jul 2023 05:11:25 GMT

GET
H2 200 advantage-unified-e9098bf5.js Show response
connect.werally.com/static/js/ 3 KB
2 KB 531ms
530ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/advantage-unified-e9098bf5.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

e129ff90cea298072ee16370a9b6f1c205c1ab0ed9e83bebd542882209f9e7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-cee"
content-type: application/javascript
x-iinfo: 12-989909477-989905783 2VNN RT(1673360221838 452) q(0 4 4 -1) r(5 5)
cache-control: max-age=15778463, public
content-length: 1448
expires: Wed, 12 Jul 2023 05:11:25 GMT

GET
H2 200 _Incapsula_Resource Show response
connect.werally.com/ 143 KB
20 KB 21ms
20ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1495912485

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

2a5b934ee0f22c19e23ed141f2985e248932e43098743c4337234354aa588f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20505
content-type: application/javascript

GET
H2 200 huginn-1.5.0.js Show response
accounts.werally.com/huginn/ 11 KB
4 KB 464ms
464ms Script
application/javascript 45.60.57.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.werally.com/huginn/huginn-1.5.0.js

Requested by

Host: accounts.werally.com
URL: https://accounts.werally.com/huginn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.57.254 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

542f7a5b200e46d6c0352605c2f5db958931206f535d4ddf9e724c917437b41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Tue, 28 Jun 2022 16:58:32 GMT
x-cdn: Imperva
etag: W/"62bb3338-2d6a"
content-type: application/javascript
x-iinfo: 7-306140516-306134106 2VNN RT(1673360222999 426) q(0 0 0 -1) r(4 4)
cache-control: max-age=1209600, public, must-revalidate
content-length: 4249
expires: Tue, 24 Jan 2023 14:17:03 GMT

GET
H2 200 rally_health.js Show response
content.zeronaught.com/js/ 107 KB
59 KB 305ms
228ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://content.zeronaught.com/js/rally_health.js
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.21.5 /
Resource Hash: 3cc71dbee28027aa344d5f5a344266125ad87ceedfe716303072aec89e3d008b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:04 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 15 Sep 2021 17:32:21 GMT
server: nginx/1.21.5
etag: W/"61422e25-1acfd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
expires: Tue, 10 Jan 2023 15:17:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 105 KB
28 KB 27ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cba8862bc0eeff77ab390c0669021b95055e809f226aa0e7dc438d79e3ad399f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 10 Jan 2023 14:17:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27613
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ptMRFuqBaTwcHEyM+YfqerOegII7F6vGRC7RHvnH6i5mh3lvEU0MgxfMO5GbJ0BNBCYG9e/iH3p6JkzHoaBvxg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1673360224423
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1673360224423

974 B
1 KB

126ms
126ms

XHR
application/json

52.215.109.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1673360224423

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

HTTP/1.1

Server

52.215.109.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-109-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

380d598304c575b71bc6592b668e32cecf888a433428e266d4ac446646097574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0650109c9.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 2mIklqKgTIU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://connect.werally.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 560
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v045-01a6f2a00.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FRdP9hvNQOk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://connect.werally.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1673360224423
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 65ms
65ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:04 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://connect.werally.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Tue, 10 Jan 2023 15:17:04 GMT

GET
H2 200 _Incapsula_Resource
connect.werally.com/ 1 B
36 B 44ms
44ms Image
text/plain 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9771562064054633

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 wrapper.js Show response
universal.iperceptions.com/ 9 KB
4 KB 101ms
8ms Script
application/javascript 2600:9000:225e:7600:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/wrapper.js
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7600:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Jan 2023 14:13:02 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
content-md5: d5YIeO59lrTqhttidyvULA==
age: 241
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-ms-lease-status: unlocked
last-modified: Mon, 22 Mar 2021 18:02:49 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: be778f25-101e-005a-6bb8-24ef49000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-amz-cf-id: 5MxM1dhS-K3zGK6pZwlsj-41AnvrjMBd3DtIsQnku1FbIZrGh4Bdmw==

GET
H2 200 location Show response
connect.werally.com/rest/geolocation/v1/user/guest/ 206 B
545 B 447ms
447ms XHR
application/json 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/geolocation/v1/user/guest/location

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

77627505ed017c20486b472ed2679efa7157fb0690a7ac5cc82e2d24211df448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
accept-language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-datadog-sampling-priority: 1
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
x-datadog-parent-id: 7928176742121375904
x-datadog-trace-id: 5406765251068323004
Current-Connect-Session-Type: none

Response headers

x-rally-correlationid: 9UozHWX336G7Eq-csedge
date: Tue, 10 Jan 2023 14:17:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding: gzip
x-cdn: Imperva
vary: Origin
content-type: application/json
x-iinfo: 12-989909477-989910255 NNYN CT(95 200 0) RT(1673360221838 2152) q(0 0 3 -1) r(4 4) U9
cache-control: no-cache
server-timing: geolocation-strict, geolocation-total;dur=3, csedge-streamed, csedge-ttfb;dur=6
x-xss-protection: 1; mode=block

GET
BLOB 200
OK d7beb823-2c28-49a1-8e62-47af026e2767
https://connect.werally.com/ 25 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://connect.werally.com/d7beb823-2c28-49a1-8e62-47af026e2767
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10bec3be4bb65403cfcd3222e9ed06b96e8d66242c61a5818ae1509f5f926a8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 25642

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.91

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 10 Jan 2023 14:17:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 0tBBJwupLVNqL5+HSmRkNuAC54fgIO+f2hF8CaapDzHR75y0UdJKzfAJ4wE/QFWB93mIDrxP5RNJmq0c5uODrA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 998810383816698 Show response
connect.facebook.net/signals/config/ 33 KB
8 KB 25ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/998810383816698?v=2.9.91&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

741772fa59394f807bb33cea0e33f48a3745618b73bbf6e928289be2e02e411f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 10 Jan 2023 14:17:04 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8287
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 6C6PsCQJ+sGsq8kTVUplF6rIOS6V3cPggjWyy5V1/7VIl/zd6N4tJidgHV9bXJ9UP77W3os7pGrJtbc1L2nvpw==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ 7 KB
4 KB 103ms
34ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ea805972ca39aa120747ceabfd2fbaa352f7257b513462fa3834f00c7647619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 24550
cf-polished: origSize=8487
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"2127-Zu5vvJ9R8cbr4TJoH+iS4jiou50"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 787608c16d059142-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 iFrame.html Show response
universal.iperceptions.com/ Frame 6960 2 KB
1 KB 38ms
38ms Document
text/html 2600:9000:225e:7600:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/iFrame.html
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7600:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb

Request headers

Referer: https://connect.werally.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 245
cache-control: public,max-age=7200
content-encoding: gzip
content-md5: Vmg/mBwwVR6Kl52r4KoGqg==
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 Jan 2023 14:12:59 GMT
last-modified: Tue, 28 Jan 2020 16:03:04 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-cf-id: YHDGZL9HUZ3rRYj9WA1NWmtaFQORcykcpi9Cxfh_3dz8m_8C6qirew==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: abe11981-801e-001b-25c6-23c75a000000
x-ms-version: 2009-09-19

GET dest5.html
unitedhealthgroup.demdex.net/ Frame 404A 0
0

GET
H2 200 id Show response
smetrics.optum.com/ 48 B
460 B 1872ms
963ms XHR
application/x-javascript 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.optum.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&mid=09700312572160783714190343607671049721&ts=1673360225469

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

3e05a7afebd85a4c087ebfe9584f1fdb501e55b4a431addb857e4fa3ac5f1ff6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Jan 2023 14:17:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://connect.werally.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y71zYQAAAFwwGANn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=01890817350406834663877293411592655376
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y71zYQAAAFwwGANn

42 B
942 B

104ms
103ms

Image
image/gif

52.215.109.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y71zYQAAAFwwGANn

Protocol

HTTP/1.1

Server

52.215.109.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-215-109-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0a2056b15.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: UTEKavo/Q/g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y71zYQAAAFwwGANn
Date: Tue, 10 Jan 2023 14:17:05 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 360 B
728 B 165ms
59ms XHR
application/json 54.77.201.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=a3abddd781644a498f1f2b7b2f04b355&version=2.8.2
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.201.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-201-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6054289fc6c96208fbbe72b035ebaf3298e26be3cbd4b3b1446232acbb58e357

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 10 Jan 2023 14:17:05 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://connect.werally.com
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 677e4c6f21c7ef2c6b8ff2b7e3ca83ef

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 460ms
244ms Ping
application/json 2600:1f18:24e6:b902:6a0d:5266:caed:e4b0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A6.133.11-stable&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=3f98aa7b-dc0e-4b0d-8ab7-7a12ef572a3f&batch_time=1673360225483
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:6a0d:5266:caed:e4b0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 login Show response
connect.werally.com/rest/user/v1/guest/ 3 KB
2 KB 177ms
176ms XHR
application/json 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/user/v1/guest/login?token=eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

bd64e686eecb17e1df172c4d820f3178f7791a03dc133f1bf3fca27cc99487db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
X-XSRF-TOKEN: undefined
accept-language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-datadog-sampling-priority: 1
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/guest/eyJwYXJ0bmVySWQiOiJ1aGMiLCJkZWxzeXMiOiI1MiIsInBsYW5OYW1lIjoiQ2hvaWNlIFBsdXMifQcozhH1ogwkafTW5ERtAH3wvspMTE4x68Onh5HJpFupg
x-datadog-parent-id: 8464180601808739875
x-datadog-trace-id: 8907328818438866231
Current-Connect-Session-Type: guest

Response headers

x-rally-correlationid: cjUdA82CsbonSd-csedge
date: Tue, 10 Jan 2023 14:17:05 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: application/json
x-iinfo: 12-989909477-989909482 PNNN RT(1673360221838 2857) q(0 0 0 -1) r(2 2) U9
cache-control: no-cache, no-store, must-revalidate
server-timing: user-strict, user-total;dur=15, csedge-chunked, csedge-ttfb;dur=18
x-xss-protection: 1; mode=block

POST
H2 200 rallyhealth Show response
us.gimp.zeronaught.com/__imp_apg__/api/dc/ 53 B
262 B 179ms
121ms XHR
text/html 34.120.21.7
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us.gimp.zeronaught.com/__imp_apg__/api/dc/rallyhealth?key=AIzaSyBSNSqUBneAZSfuYeWzovo86EyOLTgPuZA
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.21.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 7.21.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 322ac41e3f05521ba1efe5310257d85ae581e120a8d0feaf9c52ca019101eb27

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Jan 2023 14:17:05 GMT
x-envoy-decorator-operation: ingress DeviceCategoryPost3
via: 1.1 google
server: envoy
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://connect.werally.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53

POST
H2 200 rallyhealth Show response
us.gimp.zeronaught.com/__imp_apg__/api/dc/ 53 B
114 B 119ms
118ms XHR
text/html 34.120.21.7
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us.gimp.zeronaught.com/__imp_apg__/api/dc/rallyhealth?key=AIzaSyBSNSqUBneAZSfuYeWzovo86EyOLTgPuZA
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.21.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 7.21.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 322ac41e3f05521ba1efe5310257d85ae581e120a8d0feaf9c52ca019101eb27

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Jan 2023 14:17:05 GMT
x-envoy-decorator-operation: ingress DeviceCategoryPost3
via: 1.1 google
server: envoy
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://connect.werally.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53

GET
H2 200 43-e9098bf5.chunk.js Show response
connect.werally.com/static/js/chunks/ 28 KB
10 KB 420ms
420ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/chunks/43-e9098bf5.chunk.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

034fb9937f594cebf9af8c5895b8bfafe05b39d4feab728169d11cbe287919f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: "63b86add-2621"
content-type: application/javascript
x-iinfo: 12-989909477-989908296 2VNN RT(1673360221838 3243) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 9761
expires: Wed, 12 Jul 2023 05:11:28 GMT

GET
H2 204 context Show response
connect.werally.com/rest/provider-router/v1/ 0
236 B 144ms
144ms XHR
text/plain 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/provider-router/v1/context?partnerId=uhc&zipCode=55401&stateCode=MN

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
X-XSRF-TOKEN: 6f3e21d8-61c4-4e5c-b556-65177b0bf710
Context-Config-PlanCode: 52
accept-language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-datadog-sampling-priority: 1
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/
x-datadog-parent-id: 3907533994565298677
x-datadog-trace-id: 2463555342532381917
Current-Connect-Session-Type: guest

Response headers

x-rally-correlationid: qdMakRvtMHY4v7-csedge
date: Tue, 10 Jan 2023 14:17:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
vary: Origin
x-frame-options: DENY
x-iinfo: 12-989909477-989910255 PNNN RT(1673360221838 3253) q(0 0 0 -1) r(2 2) U9
cache-control: no-cache, no-store, must-revalidate
server-timing: providerRouter-strict, providerRouter-total;dur=1, csedge-chunked, csedge-ttfb;dur=4
x-xss-protection: 1; mode=block

GET
H2 200 uhc Show response
connect.werally.com/rest/partner/v3/content/ 10 KB
3 KB 441ms
440ms XHR
application/json 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/partner/v3/content/uhc?lineOfBusiness=ENI&planId=1aceb0d8-7a7a-4c01-b21f-c27029a2ad6a&policyId=&coverageTypes=medical

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

55875eb206c4b11d2e3293bdfca29e1973d8919559797c222245e27e314a2e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
X-XSRF-TOKEN: 6f3e21d8-61c4-4e5c-b556-65177b0bf710
Context-Config-PlanCode: 52
accept-language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-datadog-sampling-priority: 1
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/
x-datadog-parent-id: 2596113954992597817
x-datadog-trace-id: 5575951045272588009
Current-Connect-Session-Type: guest

Response headers

x-rally-correlationid: 7RkKhmiv4UjgPb-csedge
date: Tue, 10 Jan 2023 14:17:06 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: application/json
x-iinfo: 12-989909477-989910516 NNNN CT(100 204 0) RT(1673360221838 3260) q(0 1 4 -1) r(5 5) U9
cache-control: no-cache, no-store, must-revalidate
server-timing: partner-strict, partner-total;dur=1, csedge-chunked, csedge-ttfb;dur=4
x-xss-protection: 1; mode=block

GET
H2 200 uhc Show response
connect.werally.com/rest/partner/v2/complianceStatus/ 13 B
275 B 146ms
146ms XHR
application/json 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/partner/v2/complianceStatus/uhc

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

20a72e84ae088c60ea378c051c63d29cd54b56716893bf3eb2bbbb8920f0cd7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
X-XSRF-TOKEN: 6f3e21d8-61c4-4e5c-b556-65177b0bf710
Context-Config-PlanCode: 52
accept-language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-datadog-sampling-priority: 1
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/
x-datadog-parent-id: 4808306002001753408
x-datadog-trace-id: 8873191445482300769
Current-Connect-Session-Type: guest

Response headers

x-rally-correlationid: 7TLxLrmU2yzDGF-csedge
date: Tue, 10 Jan 2023 14:17:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding: gzip
x-cdn: Imperva
etag: "96e917b987f0bbf8e42c3385fc3fc4d0a6096600"
vary: Origin
content-type: application/json
x-iinfo: 12-989909477-989909482 PNYN RT(1673360221838 3269) q(0 0 0 -1) r(1 1) U9
cache-control: no-cache, no-store, must-revalidate
server-timing: partner-strict, partner-total;dur=1, csedge-streamed, csedge-ttfb;dur=4
x-xss-protection: 1; mode=block
expires: Tue, 10 Jan 2023 14:20:02 GMT

GET
H2 200 13.7ca37fd749ece40e6b66.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 62 KB
19 KB 35ms
33ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/13.7ca37fd749ece40e6b66.chunk.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=connect.werally.com

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ffbbc0f2a0e276384d94d71954af7d75ca787ea6243b06984ea4905477510e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 502230
cf-polished: origSize=64429
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Dec 2022 05:50:04 GMT
cf-bgj: minify
server: cloudflare
etag: W/"fbad-184eb224ae0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 787608c43b429142-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 InviteTriggers Show response
api.iperceptions.com/ 241 B
305 B 30ms
29ms XHR
application/json 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 14e18fc55f1d797941cf5499b21b6c5a41420412d45f9150750043bd0d17c172

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
SecurityToken: ef6177e6-a195-4fc1-9b32-7636466e19b5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 14:17:05 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 241
expires: -1

GET
H2 200 RC45d36e81525548b9b0663a6859fd6b8b-source.min.js Show response
assets.adobedtm.com/512027f42d3c/da94e4cf7aac/ccd2688562ea/ 60 KB
20 KB 68ms
67ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/ccd2688562ea/RC45d36e81525548b9b0663a6859fd6b8b-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 64b5a35bf484de20e542420cde68a25346c1cea028f22edf1c7c5530c9fcd8c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:05 GMT
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 07:10:10 GMT
server: AkamaiNetStorage
etag: "d2fcb753314d090b9601b43eef795a21:1672902610.998838"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://connect.werally.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 19699
expires: Tue, 10 Jan 2023 15:17:05 GMT

POST
H2 202 replay
session-replay.browser-intake-datadoghq.com/api/v2/ 0
0 622ms
194ms Ping
application/json 2600:1f18:24e6:b901:7c4f:374c:6b44:3956
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A6.133.11-stable&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=d59e5f23-1d41-4a78-ba32-26f9080f2497
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:7c4f:374c:6b44:3956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHeWaW5HY9pqbHMwM

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 443ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-52357682-5

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

983f20be1f8e20e4a9fb6c513f8351f3c6e38509976ae863504343ecbf7c2210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44868
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Jan 2023 14:17:06 GMT

GET
H2 200 uhc Show response
connect.werally.com/rest/partner/v3/content/ 10 KB
3 KB 424ms
424ms XHR
application/json 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/partner/v3/content/uhc?lineOfBusiness=ENI&planId=1aceb0d8-7a7a-4c01-b21f-c27029a2ad6a&policyId=&coverageTypes=medical

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

55875eb206c4b11d2e3293bdfca29e1973d8919559797c222245e27e314a2e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
X-XSRF-TOKEN: 6f3e21d8-61c4-4e5c-b556-65177b0bf710
Context-Config-PlanCode: 52
Accept-Language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-datadog-sampling-priority: 1
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/
X-Rally-Locale: en-US
x-datadog-parent-id: 3219455270876950595
x-datadog-trace-id: 9065143498979700943
Current-Connect-Session-Type: guest

Response headers

x-rally-correlationid: SW9uAAoSAUHTwQ-csedge
date: Tue, 10 Jan 2023 14:17:06 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: application/json
x-iinfo: 12-989909477-989910528 NNNN CT(101 202 0) RT(1673360221838 3287) q(0 0 3 -1) r(4 4) U9
cache-control: no-cache, no-store, must-revalidate
server-timing: partner-strict, partner-total;dur=1, csedge-chunked, csedge-ttfb;dur=4
x-xss-protection: 1; mode=block

GET
H2 200 38-e9098bf5.chunk.js Show response
connect.werally.com/static/js/chunks/ 28 KB
7 KB 117ms
117ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/chunks/38-e9098bf5.chunk.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

653f1146d0372e049126565823cd3cd710c8675b94cbdd90a997f5e25c4d2054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: "63b86add-1cd9"
content-type: application/javascript
x-iinfo: 12-989909477-989909413 2VNN RT(1673360221838 3582) q(0 0 0 -1) r(1 1)
cache-control: max-age=15778463, public
content-length: 7385
expires: Wed, 12 Jul 2023 05:11:28 GMT

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 202 replay Show response
session-replay.browser-intake-datadoghq.com/api/v2/ 53 B
286 B 683ms
390ms XHR
application/json 2600:1f18:24e6:b901:7c4f:374c:6b44:3956
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A6.133.11-stable&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=4822693f-60e5-426c-a983-1d4f42cf9e43

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:7c4f:374c:6b44:3956 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

ca243642647ae7b4e4688ae136d45b8d4dd72a1ecb71ad98382654ead581bd37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryp8zI9nVneIgQW7kc

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

OPTIONS
H2 200 InviteTriggers
api.iperceptions.com/ Frame 0
0 458ms
28ms Preflight 52.138.200.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.iperceptions.com/InviteTriggers
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: securitytoken
Access-Control-Request-Method: GET
Origin: https://connect.werally.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: securitytoken
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Tue, 10 Jan 2023 14:17:05 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H2 200 lastIndexed Show response
connect.werally.com/rest/provider/v2/ 41 B
337 B 115ms
115ms XHR
application/json 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/provider/v2/lastIndexed?partnerId=uhc&coverageType=medical

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

4a1cb8840fd0e43274c780fced5df8fab39f5f85839c2f39f01ef5c276e81c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
X-XSRF-TOKEN: 6f3e21d8-61c4-4e5c-b556-65177b0bf710
Context-Config-PlanCode: 52
Accept-Language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-datadog-sampling-priority: 1
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/
X-Rally-Locale: en-US
x-datadog-parent-id: 7510938312157061048
x-datadog-trace-id: 5547446502780840581
Current-Connect-Session-Type: guest

Response headers

date: Tue, 10 Jan 2023 14:17:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-iinfo: 12-989909477-989910255 PNYN RT(1673360221838 3692) q(0 0 0 -1) r(1 1) U9
server-timing: provider-strict, provider-total;dur=1, providerRouter-streamed, providerRouter-ttfb;dur=3, csedge-streamed, csedge-ttfb;dur=6
x-xss-protection: 1; mode=block
x-rally-correlationid: mGb9f3wddsvMtp-csedge
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
etag: "7cfea15167941345a05e6a2cbef473aca74c7787"
vary: Origin
x-frame-options: DENY
content-type: application/json
cache-control: public, max-age=900
expires: Tue, 10 Jan 2023 14:31:16 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 244ms
243ms Ping
application/json 2600:1f18:24e6:b902:6a0d:5266:caed:e4b0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A6.133.11-stable&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=f6dcfa25-4652-4680-9240-e522ed59fd4b&batch_time=1673360226412
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:6a0d:5266:caed:e4b0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 37 KB
4 KB 154ms
154ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0db9d29f883011e006204f0994166366b5b2b1133a3dbaf0782b5ae2ce1172a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Jan 2023 14:17:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://connect.werally.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 4f420cd91a278581
cf-ray: 787608c729829142-FRA
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 52ms
13ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52357682-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 10 Jan 2023 13:50:34 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1592
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 10 Jan 2023 15:50:34 GMT

GET
H2 200 IpEngine_v78.0.js Show response
universal.iperceptions.com/core/ 11 KB
4 KB 8ms
8ms Script
application/javascript 2600:9000:225e:7600:8:e7ba:7440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://universal.iperceptions.com/core/IpEngine_v78.0.js
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7600:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 70dc97a60ab824c4b4f362341733bde439ac6bd7534d2b5b193fbd37d9413ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Jan 2023 14:15:08 GMT
content-encoding: gzip
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
content-md5: ofN/a2/Vf6dAsat1lPzqnA==
age: 118
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-ms-lease-status: unlocked
last-modified: Mon, 22 Mar 2021 17:01:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2a658f14-c01e-0053-7c06-20f5c7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-amz-cf-id: 6578i0X2nyRmNc5Pr3s2MGtBMTtwFZONhzSZVk9tipoVar6sEAO9fw==

GET
H2 200 12426_638066494318468184 Show response
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/ 214 KB
13 KB 91ms
10ms Script
application/javascript 2600:9000:2156:b000:18:ee0c:6e00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/12426_638066494318468184
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:b000:18:ee0c:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e8477b6409506da34979e90c6995517faf03c12904141d338e4bacb0956a2935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 10 Jan 2023 14:13:17 GMT
content-encoding: gzip
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront)
content-md5: ypqNFN5nZy8UwWp2ekr+9A==
age: 229
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 13052
x-ms-lease-status: unlocked
last-modified: Wed, 14 Dec 2022 21:17:12 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8DADE18910DBAAD
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5e3a4a9a-c01e-006e-22fd-246ca6000000
cache-control: x-ms-blob-cache-control: public, max-age=900
x-ms-version: 2009-09-19
accept-ranges: bytes
x-amz-cf-id: jXESO6jW_AfBVQNg0AiSOXlRAzxVi0xEcOEqKOoaqKUKVTAWqBqWcQ==

GET
H2 200 42-e9098bf5.chunk.js Show response
connect.werally.com/static/js/chunks/ 4 KB
2 KB 123ms
122ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/chunks/42-e9098bf5.chunk.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

b1d28e9a1d937da280d58a86f9e52a33a91a2d748839aed0653dcf6e4a0c8d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-107a"
content-type: application/javascript
x-iinfo: 12-989909477-989908296 2VNN RT(1673360221838 3977) q(0 0 0 -1) r(1 1)
cache-control: max-age=15778463, public
content-length: 1694
expires: Wed, 12 Jul 2023 05:11:28 GMT

GET
H2 200 covidIcon-c7a5dde5.svg
connect.werally.com/static/media/ 3 KB
3 KB 129ms
128ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/covidIcon-c7a5dde5.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

1e1748e5e554cf973e4f4b492a09f07d619811348bf5e01569ab7e766917a0bf

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:06 GMT
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-a1f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
x-iinfo: 12-989909477-989909412 2NNN RT(1673360221838 4022) q(0 0 0 -1) r(1 1)
cache-control: public, max-age=15778463
x-xss-protection: 1; mode=block

GET
H2 200 logo-e6567e5c.svg
connect.werally.com/static/media/ 7 KB
4 KB 425ms
424ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/logo-e6567e5c.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

a232d397087067853daa9a8df775d85b961dc3e9eb91211bb10e4bfb75c3e597

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-1ad8"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
x-iinfo: 12-989909477-989907277 2NNN RT(1673360221838 4028) q(0 0 0 -1) r(4 4)
cache-control: public, max-age=15778463
x-xss-protection: 1; mode=block

GET
H2 200 rally_footer-b3841f4d.svg
connect.werally.com/static/media/ 2 KB
1 KB 132ms
132ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/rally_footer-b3841f4d.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

940efd0e484c110b53e2118e1bcdcf8760f04df2d8032416dd63a461fc3e950a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:06 GMT
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-88a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
x-iinfo: 12-989909477-989905783 2NNN RT(1673360221838 4033) q(0 0 0 -1) r(1 1)
cache-control: public, max-age=15778463
x-xss-protection: 1; mode=block

GET
H2 200 uhc Show response
connect.werally.com/rest/partner/v3/content/ 10 KB
3 KB 118ms
118ms XHR
application/json 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/partner/v3/content/uhc?lineOfBusiness=ENI&planId=1aceb0d8-7a7a-4c01-b21f-c27029a2ad6a&coverageTypes=medical

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

55875eb206c4b11d2e3293bdfca29e1973d8919559797c222245e27e314a2e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
X-XSRF-TOKEN: 6f3e21d8-61c4-4e5c-b556-65177b0bf710
Context-Config-PlanCode: 52
Accept-Language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-datadog-sampling-priority: 1
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/
X-Rally-Locale: en-US
x-datadog-parent-id: 7449754801450178945
x-datadog-trace-id: 8293929998700563697
Current-Connect-Session-Type: guest

Response headers

x-rally-correlationid: AtaM8DGVurk3CD-csedge
date: Tue, 10 Jan 2023 14:17:06 GMT
content-encoding: gzip
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: application/json
x-iinfo: 12-989909477-989910255 PNNN RT(1673360221838 4045) q(0 0 0 -1) r(1 1) U9
cache-control: no-cache, no-store, must-revalidate
server-timing: partner-strict, partner-total;dur=1, csedge-chunked, csedge-ttfb;dur=4
x-xss-protection: 1; mode=block

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 102 KB
32 KB 37ms
36ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/13.7ca37fd749ece40e6b66.chunk.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=connect.werally.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

729d6411c6631a4b21c42200ac8a537fb9ec5c00986b2253be6b99be8203b4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 541868
cf-polished: origSize=105381
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Dec 2022 05:50:04 GMT
cf-bgj: minify
server: cloudflare
etag: W/"19ba5-184eb224ae0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 787608c97eca9142-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 92-e9098bf5.chunk.js Show response
connect.werally.com/static/js/chunks/ 9 KB
3 KB 402ms
401ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/chunks/92-e9098bf5.chunk.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

07195cde986a478b94346dc6f5184a512ad2c47bdacd35932fbadf9ef7c79d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-2429"
content-type: application/javascript
x-iinfo: 12-989909477-989909412 2VNN RT(1673360221838 4158) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 2814
expires: Wed, 12 Jul 2023 05:11:29 GMT

GET
H2 200 0 Show response
connect.werally.com/rest/guide/v1/guidedSearch/medicalProvider/ 5 KB
2 KB 151ms
150ms XHR
application/json 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/guide/v1/guidedSearch/medicalProvider/0?configuration=uhc&language=en

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

67e43869e62f4a2619fc6a41c23f3540d545b249a66f693bb8afdf3912740aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

x0lgUEyvqm-f: A7esCpyFAQAAeHn4xnoAh2-HzIGMxqcQfvTlVAVoP1qBVTDQOFKz-aX2G8rPAdlAl0WucgBSwH8AAEB3AAAAAA==
X-XSRF-TOKEN: 6f3e21d8-61c4-4e5c-b556-65177b0bf710
x0lgUEyvqm-c: AKDKCJyFAQAAV58cPF0ai-bbc8waLmv8XqtcC2ZfKMEselUFyTPa1p9xKW93
X-Rally-Consumer-Source: Connect-Web
Accept-Language: de-DE,de;q=0.9
x0lgUEyvqm-b: -4c6sfk
Context-Config-ConsumerSource: connect-web
X-Rally-Locale: en-US
x-datadog-parent-id: 4655886917597156116
x0lgUEyvqm-d: ABaChIjBDKGNgUGAQZIQhISi0eIApJmBDgAz2tafcSlvdwAAAAA10YoDAIyfN8q0Fc6OwPLmiD26MQs
Context-Config-PartnerId: uhc
Context-Config-PartnerGroup: uhc
Context-Config-PlanCode: 52
x0lgUEyvqm-a: MII_MzhIA_rfQx_vv=S8uLpJpwSwMEJG70AeYKk1TSRIulC9C39efhjcT05undCbq87QXQvrhsTX-56raJ2Pg9EOh-hiVmllniJ7tz2CeFvel3-KpppV5j1pYesXtaIk6Jx5vQJPON2Vcbc_q077Ap-0DWPF1fp9lN9mkA2fYWjkJZn0mrp5wFJOaYThi8VVxCQ3WjQ=nPZA1zPKfuyRwBYh-XJlkA3z8Y8bdCyBdG3L5SnEEZ3MY48quAOuEEkGL15wR-OzTCQD9qwboFiBC9Sd9QZZK40ko-E4pUhRA0=ZzDf3lxExMlDK6njxzOC8GTrbUTgS9XBbilrc2NFKTNb4Xgs5RQSXWOi=k68gzuT6IZVeqOnc33c6zCzfpOXzpd2MBggv7-Bkdo9pdlkE=jaIIETrxlwiDaxvNW0AswJtcQCuXMnnjamJ7lrd990xmKoE8lp0lpBNFkB8F-fr8bK_WaMKmbFFPCYSm0YgBFuKwYjDxZ2muZbcj15bJ20o7YDP0m-M1Rp0ac2pLjwCOmUISRsKgl_=Th5G51ebbEqxlj46xh-RSSGUryhl8VLlPOBhencIs9=rEcBhU4_eq-nTdyS4BL1t1D0LqZyR73NccZ4sZ9TlQZX1gfA2xWZFkofV89oD9Vvj-pcQi1V4h7D_QpWf30vWyf4b--0jcF_Mn5FwKsdzqykt=S7xWhefQpafl3EeTfSgGVode4s=Qzyb9YJD4Jdkl9mGKYgWXpvLoMrvRJ2NYxxNwTnP=UsLEL9KNZCiy5UEm2ArI81spSwCFUVt42nqxP6IOLoMlqwOPjlBgRye96q7XoBI-QA_Be=NeagucJzQUBKJ9XhkD9tI6zMU13IbJlyTswTLldjMjQF4R9Mwg700Sze6VKEN6ULtVp0yP1gn3p_ORFnt7BfVNn4aqh5vJSaQc_jkxOl6rYePX4Ls55y3Z-UikjzdEO9KeUtKKZF6CpoA-ydjRId6evZcTe8O0qjvBhaw6_L=VGag0JWt=QPK-yOiJ2AfCoPrxl-KC_zT2v9z0hiIjyXym_RNG2wZTl74q3oOpDEpiA0jWnbWAk7Uv5uBVoIWD7Ig5zmI3CTum666OZ-l-YSF9akJB-AKYXrmZ2lICkmFQDoLBnehxXSgEJtID4ohEUS_ftq2OVROoM7KSnGOpurXG1VgelOv5p6D8WQh4wZ2GiMBQSzfBRJo=JTmhmUg58WZt7XkpWYR=MoDP6TR_E0hTUllBJcC2gK=nQpVA=E2b2GsQoQViGlayN_7nmYXhrcgL91cx1Ul9A3w7gPZYBcD8G7R-ln3PakS4cQtIykUy7=__knjcwhIhdgMaDcvLgNqoV8F87oITc3IRyawBqng0jjj8DdehaN6chYQJ-UjuW6f88SBbdyJiwCwdliXnufG-hbU-OAtgpAJCFST6Y4gjBWrGDnJ6ZoiV5jYJ8XeWRIzUbgkxFlzwt6FRDaiDO3OmDSZOULQ5lJBi0bylvdoXpCGChUxyUBp4=VCYjJ1pFpUaUUwhvlLYdWQ-Ja_hfjaC0fY17TjBLyoP5U_AgwDdDgk0Dbs8wAfGqXVxDGnzkygws5DxrLobT=TlOxRhapJXItzfR2EB69212RZXFPDoRDBn3YjSDl4I5C2DPEEmUV40ncIb94hK=d7vw2OnM8o_8-sSIbKPjI2P7QQkkUq9s=pTPBgpCKdrPA32ie6fsX1fkL_WUjwy4LCdOYVk04xJZ=EBrj_SN3nie2nDVwKVdnEZisaptJQaKsSmcBwI1mUytxLUE5wzvqQOkDAV8m0d0YkCw0oE5qK4_v1rr-coLJWqCyjnAD0wwzSFLkbB4_-g89EjILEklDh4Z1N3j7yiQ4iQPYrQxOIGXc_T9oZElY9jQzsVC5bsgSK_iKvpI4-6Q-y3PGZSaBRMC7x6itVUn8ANQ=ak9aklRFfpbn--c1401iK_1EbS06j1Nlp9idLaUVRk6UZqhzx4cbjnX6Z9Qtx1MGKznCxuiztPzb88Ipj0x1CS_dfNE6tf6bxCM0tEi5b2t2=5l5WOYzsd11Xl2IimLcS35Auf-MVrSBiKp33wAGEBwqnxZSdwMs2W4rlQbPsOTvb1akwOu1f9X-XEYdFRif=bo5xj9hqgfuaZD8_-ST5Fqzzz--aZJ3rIeRIK_l_q46oYbarxDC9EunLDKC0lZqdDWlU-uz5sAeqkaMfa_cud8QDNyfkWyhZMLbed71alD4Acjy8D0bG_bG4fVc-D=ze2q9j-kxCsWgZq37KD0PleBIQKPNBsmvZL6srrrA=vFpguaQLyD42P9Ms7cI46r_z5IUzqz19zNk3YruYZ2MUWW-D8x=E0l6R_-IiFdPrZCC1t7ysDRq==1eY4JdbewAD5_cJCb_XiCXvYVa=Fy__1Rfr-rQTf9vW-chXBMh_V-w54JZnXCwWmgUZoTeAXnXDj8=7brhauRA5RLJaklxBGYszr4oZsPV0pYvtbyi9NrwhIjN9V8lYNGcyxM7nSSP2U=RR6ucJaIuinWlnyyiBKEqsXN-9rFLLQritkekCL3qf_0M=uWUmMxVVkPx=G7CfGrp9CMAMkJgiOuxxDL=dX-r2agJ0M4Tj8l5pn8pL0Q4ZgGgxnjyjvoCASvuenroC-dhtFNc=89IZ8YcL8L_DOJWMpZcQE1Wg4Pw5C6wSF-IBO2aakQmGd7AOLb6xrJ13YTVmTgPhVtJ82X63vTvVTNUIJC=G9AbCdZQ-7PRR74ZtA3vlIOFMWhhrYg=Kqzj_VtAME2=NlAQN5JzQMOYOm24=oPjdX1tflo9_45bkoOys2Fi=Yl6uYyLhzbR7QKRpldEx_3905AvFbSXGiD61GDgFPMF6p52u8iyvityuwKTR2K2ALPQuDvx4IeKQPIWbOe8iNLK5o-AtM_F8Ka=VsX-ggmbIKdc=ewefRs6A-LjpW1EssUDUxzOnz5iAL2ZRiaYST7=jK=CdZ3nMAoY2BWnt-0BPfQ25aWmEbV9PVYsJjjnZlK6g=jMi1aA=b_yoTx8eFQ6N=yLQBc6FyW9bfDGgAKalyZQAisI7r-YK1Ay4T-MY5yD0QEaQg7UwmROIglg4qdRe7lUkbaOCq0LOGlIv07o54IoV_aOJolZAsVLh04ecta4Gr_rExdkSwhlvVAdD2s9av9svlp9ITtMoDDk6vhhguJ8wBuzBqkrJujl4ZLJYxMcC7MLYT7N=6YmAjUlZ0ajvfKu6_79pWYEnqRe=JapCYzntho68nvfM3_fVlJdWgnUIw=wMrLpuB_eodmtOfvIb6hNmOydFk0VSX3YEA1CnrBEZpOOAgaomTIyMxPEPPumVC_3e9BIoCmpgYl5-Pq5tp=o97WlYc40IjkOunKPO0JPnKqG-Y_jOF4tr5rTTv4oznsc5a8=poWDlopdMd7vLBW6qWMmEWStFwLlauEUbokoA-X_0ecFZy2Fs
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x0lgUEyvqm-z: q
x-datadog-sampling-priority: 1
Accept: application/json, text/plain, */*
Referer: https://connect.werally.com/
x-datadog-trace-id: 7203467338356069016
Current-Connect-Session-Type: guest

Response headers

x-rally-correlationid: Rso2PZpVZsg5t3-csedge
date: Tue, 10 Jan 2023 14:17:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding: gzip
x-cdn: Imperva, Imperva
vary: Accept-Encoding, Accept-Encoding, X-Rally-Locale,Origin
content-type: application/json; charset=UTF-8
x-ion-hop: 1
x-iinfo: 3-20972861-20972863 SNNN RT(1673360220599 5784) q(0 0 0 -1) r(0 0) U9, 12-989909477-989909663 PNYN RT(1673360221838 4285) q(0 0 0 -1) r(1 1) U9
cache-control: max-age=900
server-timing: guide-strict, guide-total;dur=2, csedge-streamed, csedge-ttfb;dur=5
x-xss-protection: 1; mode=block

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 64ms
22ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=29472913&t=pageview&_s=1&dl=https%3A%2F%2Fconnect.werally.com%2F&ul=en-us&de=UTF-8&dt=Find%20Care&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=163910050&gjid=1910251251&cid=533470708.1673360227&tid=UA-52357682-5&_gid=1454350126.1673360227&_r=1&gtm=2ou190&z=1490548644

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 14:17:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://connect.werally.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 harvest_12426.js Show response
art.azureedge.net/harvest/ 9 KB
2 KB 126ms
12ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://art.azureedge.net/harvest/harvest_12426.js
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48BA) /
Resource Hash: 6e0b58d9b7952c332d9c9ce2a2c54447f3858e09f66d5e542414b24aabb9f77d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 10 Jan 2023 14:17:07 GMT
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 17:36:10 GMT
server: ECAcc (ama/48BA)
age: 380648
etag: 0x8D79E98674A1069
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
x-ms-request-id: 9df0d543-501e-00bf-5687-21225f000000
x-ms-version: 2009-09-19
content-length: 2019

GET
H2 200 55401 Show response
connect.werally.com/rest/cost-source-uhc/v1/leased/ 5 B
320 B 130ms
130ms XHR
application/json 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/cost-source-uhc/v1/leased/55401

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
X-XSRF-TOKEN: 6f3e21d8-61c4-4e5c-b556-65177b0bf710
Context-Config-PlanCode: 52
Accept-Language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-datadog-sampling-priority: 1
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/
X-Rally-Locale: en-US
x-datadog-parent-id: 6276286643153544880
x-datadog-trace-id: 97413688967832897
Current-Connect-Session-Type: guest

Response headers

x-rally-correlationid: zStpB7X4fJ4WFb-csedge
date: Tue, 10 Jan 2023 14:17:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding: gzip
x-cdn: Imperva
vary: Accept,Origin
content-type: application/json
x-iinfo: 12-989909477-989909482 PNYN RT(1673360221838 4397) q(0 0 0 -1) r(1 1) U9
cache-control: no-cache, no-store, must-revalidate
server-timing: costSourceUhc-strict, costSourceUhc-total;dur=0, csedge-streamed, csedge-ttfb;dur=3
x-xss-protection: 1; mode=block

GET
H2 200 6.4163748cda0759be4763.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
896 B 73ms
73ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/6.4163748cda0759be4763.chunk.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f1029f29c512db69b990c88df7878d2a9276e4b088d8dee247597cee0eab6f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 541869
cf-polished: origSize=2539
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Dec 2022 05:50:04 GMT
cf-bgj: minify
server: cloudflare
etag: W/"9eb-184eb224ae0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 787608cbab799142-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.7d5648fd7c0291d649aa.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 37ms
37ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.7d5648fd7c0291d649aa.chunk.js?Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c84e4bcd88b32d5966e7ea1bc5d08cf447f70fcf3e3c3e6bbde1b5eb471ef82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 541869
cf-polished: origSize=29628
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Dec 2022 05:50:04 GMT
cf-bgj: minify
server: cloudflare
etag: W/"73bc-184eb224ae0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 787608cbab7e9142-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 54ms
20ms XHR
text/plain 2a00:1450:4025:401::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52357682-5&cid=533470708.1673360227&jid=163910050&gjid=1910251251&_gid=1454350126.1673360227&_u=YEBAAUAAAAAAACAAI~&z=473493704

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 10 Jan 2023 14:17:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://connect.werally.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 224ms
223ms Ping
application/json 2600:1f18:24e6:b902:6a0d:5266:caed:e4b0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A6.133.11-stable&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=2b97731a-3e97-414e-ba3d-0ac6877e1fa8&batch_time=1673360227178
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:6a0d:5266:caed:e4b0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ip.gif Show response
post.iperceptions.com/ 32 B
574 B 397ms
290ms XHR
image/gif 2600:9000:223c:400:15:bf9a:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://post.iperceptions.com/ip.gif?sid=6333e378-dbd1-e5ba-c499-b5bf9f1f9d08&vid=f2064cce-e6db-d67e-4c91-5080ce221952&tkid=ef6177e6-a195-4fc1-9b32-7636466e19b5&url=https%3A%2F%2Fconnect.werally.com%2F&title=Find%20Care

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:400:15:bf9a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cross-origin-resource-policy: cross-origin
content-length: 32
last-modified: Mon, 06 Nov 2017 18:05:13 GMT
server: Apache
etag: "576fcca2957d31:0"
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: PW9Hbm3QYxw2wv5d5lRlk49QvO3EVjUQmvCHMDSPijaBYVY2Qe47vA==

POST
H2 200 / Show response
api.amplitude.com/ 7 B
206 B 1606ms
712ms XHR
text/html 52.10.218.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.218.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-218-229.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 Jan 2023 14:17:08 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-63bd7364-471e890d4e8ce0ef4c60d20b
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 icon-43b852da.woff2
connect.werally.com/static/media/ 9 KB
9 KB 444ms
443ms Font
font/woff2 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/media/icon-43b852da.woff2

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/css/united-unified-e9098bf5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

22f66e1c3399206e5b69c4639160d43adf00e67e42c875bbbc31502ecb6e2aaa

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.werally.com/static/css/united-unified-e9098bf5.css
Origin: https://connect.werally.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: "63b86add-229c"
x-frame-options: DENY
content-type: font/woff2
x-iinfo: 12-989909477-989910521 2NNN RT(1673360221838 4684) q(0 0 0 -1) r(4 4)
cache-control: public, max-age=15778463
accept-ranges: bytes
content-length: 8860
x-xss-protection: 1; mode=block

POST
H3 200 rallyhealth Show response
us.gimp.zeronaught.com/__imp_apg__/api/dc/ 53 B
69 B 138ms
121ms XHR
text/html 34.120.21.7
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us.gimp.zeronaught.com/__imp_apg__/api/dc/rallyhealth?key=AIzaSyBSNSqUBneAZSfuYeWzovo86EyOLTgPuZA
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.21.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 7.21.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 322ac41e3f05521ba1efe5310257d85ae581e120a8d0feaf9c52ca019101eb27

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
x-envoy-decorator-operation: ingress DeviceCategoryPost3
via: 1.1 google
server: envoy
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://connect.werally.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53

GET
H2 200 208-e9098bf5.chunk.js Show response
connect.werally.com/static/js/chunks/ 22 KB
6 KB 182ms
181ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/chunks/208-e9098bf5.chunk.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

70364596947c3e52ded4e02b70d097aae8c0f055dd07e752df318da380d80bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/medicalProvider/root
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: "63b86add-1916"
content-type: application/javascript
x-iinfo: 12-989909477-989908296 2VNN RT(1673360221838 4786) q(0 0 0 -1) r(1 1)
cache-control: max-age=15778463, public
content-length: 6422
expires: Wed, 12 Jul 2023 05:11:29 GMT

GET
H2 200 UHCSerifHeadline-Semibold-1ba3c397.woff
connect.werally.com/static/media/ 34 KB
37 KB 261ms
260ms Font
font/woff 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/media/UHCSerifHeadline-Semibold-1ba3c397.woff

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/css/united-unified-e9098bf5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

56032c4940c60d28fde373f46ffa13481b908a6a3edeecabddad239547755150

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.werally.com/static/css/united-unified-e9098bf5.css
Origin: https://connect.werally.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: "63b86add-89c8"
x-frame-options: DENY
content-type: font/woff
x-iinfo: 12-989909477-989910531 2NNN RT(1673360221838 4917) q(0 0 0 -1) r(1 1)
cache-control: public, max-age=15778463
accept-ranges: bytes
content-length: 35272
x-xss-protection: 1; mode=block

GET
H2 200 gs_icn_place_clinics-1c8b2885.svg
connect.werally.com/static/media/ 1 KB
504 B 275ms
273ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/gs_icn_place_clinics-1c8b2885.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

d42ae714398bbd69d56438fd3bcb87af255a2f5a247fc725077dfa27dfefec42

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/medicalProvider/root
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-4dd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
x-iinfo: 12-989909477-989908275 2NNN RT(1673360221838 4932) q(0 0 0 -1) r(1 2)
cache-control: public, max-age=15778463
x-xss-protection: 1; mode=block

GET
H2 200 gs_icn_pro_healthcarepro-9f0c825e.svg
connect.werally.com/static/media/ 2 KB
1 KB 296ms
293ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/gs_icn_pro_healthcarepro-9f0c825e.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

89efe0af1219e4f6ca46b677181c9db2cf1f5f6bec6195c672a41d87acb9cd92

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/medicalProvider/root
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-79f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
x-iinfo: 12-989909477-989908599 2NNN RT(1673360221838 4962) q(0 0 0 -1) r(1 1)
cache-control: public, max-age=15778463
x-xss-protection: 1; mode=block

GET
H2 200 gs_icn_pro_place-6f9da682.svg
connect.werally.com/static/media/ 3 KB
628 B 306ms
303ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/gs_icn_pro_place-6f9da682.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

1232296dafcc8fc7574ff7f51669c5ba4521b66ab4a2e2a7333cc67fb9f16131

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/medicalProvider/root
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-d74"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
x-iinfo: 12-989909477-989907277 2NNN RT(1673360221838 4988) q(0 0 0 -1) r(1 1)
cache-control: public, max-age=15778463
x-xss-protection: 1; mode=block

GET
H2 200 gs_icn_pro_preventtreatprocedures-b0175ea7.svg
connect.werally.com/static/media/ 1 KB
3 KB 607ms
604ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/gs_icn_pro_preventtreatprocedures-b0175ea7.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

9ab98efc932ed2e77355af242f89989440d2c54bbf767a7343cf51508b608a4a

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/medicalProvider/root
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:08 GMT
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-40b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
x-iinfo: 12-989909477-989908296 2NNN RT(1673360221838 5008) q(0 0 0 -1) r(4 4)
cache-control: public, max-age=15778463
x-xss-protection: 1; mode=block

GET
H2 200 gs_icn_pro_doctor-36938176.svg
connect.werally.com/static/media/ 567 B
506 B 394ms
393ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/gs_icn_pro_doctor-36938176.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

df801d86fe9fb259290f4e123e24b96c9cd1d827d3c09e1ca4492d6b36a345e6

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/medicalProvider/root
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-237"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
x-iinfo: 12-989909477-989908275 2NNN RT(1673360221838 5030) q(0 1 1 -1) r(2 2)
cache-control: public, max-age=15778463
x-xss-protection: 1; mode=block

GET
H2 200 gs_icn_cost_estimates-fce8034b.svg
connect.werally.com/static/media/ 1 KB
816 B 406ms
405ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/gs_icn_cost_estimates-fce8034b.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

6068af3d5d9dff3a75697986dc36275a61bb9ebe754f95b3c5908f0ffff0071e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/medicalProvider/root
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-4a3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
x-iinfo: 12-989909477-989909412 2NNN RT(1673360221838 5042) q(0 1 1 -1) r(2 2)
cache-control: public, max-age=15778463
x-xss-protection: 1; mode=block

GET
H2 200 alert_circle-4015d422.svg
connect.werally.com/static/media/ 2 KB
916 B 697ms
696ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/alert_circle-4015d422.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

2f980fafa529de9f61b33c9d28afbe0c47348b40b2e21fb9271e98fc67aec5fe

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/medicalProvider/root
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:08 GMT
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com ; frame-src https://*.werally.in https://*.werally.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 06 Jan 2023 18:39:25 GMT
x-cdn: Imperva
etag: W/"63b86add-69d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: image/svg+xml
x-iinfo: 12-989909477-989907277 2NNN RT(1673360221838 5052) q(0 1 1 -1) r(5 5)
cache-control: public, max-age=15778463
x-xss-protection: 1; mode=block

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=29472913&t=timing&_s=2&dl=https%3A%2F%2Fconnect.werally.com%2F&ul=en-us&de=UTF-8&dt=Medical%20%7C%20Find%20Care&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=SPA%20Minimal%20Load&utv=%2FmedicalProvider%2Froot&utt=6259&_u=aEBAAUABAAAAACAAI~&jid=&gjid=&cid=533470708.1673360227&tid=UA-52357682-5&_gid=1454350126.1673360227&gtm=2ou190&z=975692569

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 18:07:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 72577
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 events Show response
connect.werally.com/rest/tracking/v1/ 0
348 B 395ms
395ms XHR
text/plain 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/tracking/v1/events

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
X-XSRF-TOKEN: 6f3e21d8-61c4-4e5c-b556-65177b0bf710
Context-Config-PlanCode: 52
Accept-Language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-datadog-sampling-priority: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/medicalProvider/root
X-Rally-Locale: en-US
x-datadog-parent-id: 8438832703553206679
x-datadog-trace-id: 5285504079557999736
Current-Connect-Session-Type: guest

Response headers

x-rally-correlationid: mKkobSbqm2nrdp-csedge
date: Tue, 10 Jan 2023 14:17:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-cdn: Imperva
vary: Origin
access-control-allow-origin: https://connect.werally.com
x-iinfo: 12-989909477-989910255 PNNN RT(1673360221838 5119) q(0 0 0 -1) r(1 1) U6
access-control-expose-headers: X-Rally-CorrelationId
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: cstrack-strict, cstrack-total;dur=1, csedge-chunked, csedge-ttfb;dur=4
x-xss-protection: 1; mode=block

POST
H2 204 events Show response
connect.werally.com/rest/tracking/v3/ 0
176 B 442ms
441ms XHR
text/plain 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/tracking/v3/events

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
X-XSRF-TOKEN: 6f3e21d8-61c4-4e5c-b556-65177b0bf710
Context-Config-PlanCode: 52
Accept-Language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-datadog-sampling-priority: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/medicalProvider/root
X-Rally-Locale: en-US
x-datadog-parent-id: 8861189334876689191
x-datadog-trace-id: 3008244735748389011
Current-Connect-Session-Type: guest

Response headers

x-rally-correlationid: yUkuvycUZqYj5U-csedge
date: Tue, 10 Jan 2023 14:17:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-cdn: Imperva
vary: Origin
access-control-allow-origin: https://connect.werally.com
x-iinfo: 12-989909477-989910528 PNNN RT(1673360221838 5133) q(0 1 1 -1) r(2 2) U6
access-control-expose-headers: X-Rally-CorrelationId
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: cstrack-strict, cstrack-total;dur=0, csedge-chunked, csedge-ttfb;dur=3
x-xss-protection: 1; mode=block

GET
H2 200 RC209555219fa949e7934e1fc771557c43-source.min.js Show response
assets.adobedtm.com/512027f42d3c/da94e4cf7aac/ccd2688562ea/ 404 B
535 B 63ms
63ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/ccd2688562ea/RC209555219fa949e7934e1fc771557c43-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7fa6e24940dde475dc185507076006b6070e3718946911d917659ad474ff4f4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 07:10:10 GMT
server: AkamaiNetStorage
etag: "d2fcb753314d090b9601b43eef795a21:1672902610.998838"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://connect.werally.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 267
expires: Tue, 10 Jan 2023 15:17:07 GMT

POST
H2 204 delivery
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 0
207 B 38ms
37ms Ping
text/plain 54.77.201.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=a3abddd781644a498f1f2b7b2f04b355&version=2.8.2
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.201.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-201-84.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://connect.werally.com
date: Tue, 10 Jan 2023 14:17:07 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-request-id: 2eb3731da5882e44a62da549cc55db69

POST
H2 202 replay
session-replay.browser-intake-datadoghq.com/api/v2/ 0
0 295ms
294ms Ping
application/json 2600:1f18:24e6:b901:7c4f:374c:6b44:3956
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A6.133.11-stable&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=15de1718-7be2-4d25-9935-aa1ece3f810b
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:7c4f:374c:6b44:3956 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryyls5wCfwcyeJCGAC

Response headers

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 37 KB
4 KB 152ms
151ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=1.82.1&Q_CLIENTTYPE=web

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0662e3f3e85d19b68ac6c0c94c80925b8121b463e06cee8f6583134fdd500a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://connect.werally.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: d856c2cdb60ba326
cf-ray: 787608ce696c9142-FRA
timing-allow-origin: *

POST
H2 202 replay Show response
session-replay.browser-intake-datadoghq.com/api/v2/ 53 B
285 B 421ms
328ms XHR
application/json 2600:1f18:24e6:b901:7c4f:374c:6b44:3956
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:7c4f:374c:6b44:3956 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

755a4959d4324abd325567ea2063c3749c0dc39c9d6ecd740aab1d63607c5f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryNovnL57feOk33mFv

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53

GET
H2 200 RCca2d41537f1a40e295ec3e02d089b0d0-source.min.js Show response
assets.adobedtm.com/512027f42d3c/da94e4cf7aac/ccd2688562ea/ 349 B
489 B 65ms
65ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/ccd2688562ea/RCca2d41537f1a40e295ec3e02d089b0d0-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 79a5a8a7ab22e4b1bfd7075ceee2c014a3b186eb5d48fc1234e491eece6a87ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 07:10:10 GMT
server: AkamaiNetStorage
etag: "d2fcb753314d090b9601b43eef795a21:1672902610.998838"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://connect.werally.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 222
expires: Tue, 10 Jan 2023 15:17:07 GMT

GET
H2 200 harvest_12426.js Show response
art.azureedge.net/harvest/ 9 KB
2 KB 13ms
12ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://art.azureedge.net/harvest/harvest_12426.js
Requested by: Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48BA) /
Resource Hash: 6e0b58d9b7952c332d9c9ce2a2c54447f3858e09f66d5e542414b24aabb9f77d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 10 Jan 2023 14:17:07 GMT
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 17:36:10 GMT
server: ECAcc (ama/48BA)
age: 380648
etag: 0x8D79E98674A1069
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
x-ms-request-id: 9df0d543-501e-00bf-5687-21225f000000
x-ms-version: 2009-09-19
content-length: 2019

GET
H2 200 RC727b97b260b64fc19ebee960dd4cf120-source.min.js Show response
assets.adobedtm.com/512027f42d3c/da94e4cf7aac/ccd2688562ea/ 851 B
752 B 62ms
62ms Script
application/x-javascript 2a02:26f0:f700:495::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/ccd2688562ea/RC727b97b260b64fc19ebee960dd4cf120-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:495::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 67b31c35d58718bcf0d42504cbf01f21fe24dcc922dccad86fc4f38da1f6ba87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-encoding: gzip
last-modified: Thu, 05 Jan 2023 07:10:10 GMT
server: AkamaiNetStorage
etag: "d2fcb753314d090b9601b43eef795a21:1672902610.998838"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://connect.werally.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 484
expires: Tue, 10 Jan 2023 15:17:07 GMT

GET
H2 200 ip.gif Show response
post.iperceptions.com/ 32 B
571 B 291ms
290ms XHR
image/gif 2600:9000:223c:400:15:bf9a:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:400:15:bf9a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cross-origin-resource-policy: cross-origin
content-length: 32
last-modified: Mon, 06 Nov 2017 18:05:13 GMT
server: Apache
etag: "576fcca2957d31:0"
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 6Y0x9lvt-aBihlIPBpqeadrAqDpqBlGrf7ieRjvVBtapMF2eHyprJg==

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 117ms
115ms Ping
application/json 2600:1f18:24e6:b902:6a0d:5266:caed:e4b0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A6.133.11-stable&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=990a6436-a177-4969-a363-1e7db12e68dc&batch_time=1673360227803
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:6a0d:5266:caed:e4b0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 58ms
27ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8584968

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3531928478ec934307c6d04056a2a3c7f8ea0b583ceb57785f249ed66cfe069a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45324
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Jan 2023 14:17:07 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
69 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-52357682-5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9064909c77e4f51c3a15e5d2773c07407ad826f827ff86d82935b71dcf9c411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 14:17:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70770
x-xss-protection: 0
last-modified: Tue, 10 Jan 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 Jan 2023 14:17:07 GMT

GET
H2 200 s03694541929668
smetrics.optum.com/b/ss/uhgmyuhcprod/1/JS-2.22.4-LCXS/ 43 B
224 B 192ms
190ms Image
image/gif 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.optum.com/b/ss/uhgmyuhcprod/1/JS-2.22.4-LCXS/s03694541929668?AQB=1&ndh=1&pf=1&t=10%2F0%2F2023%2014%3A17%3A7%202%200&mid=09700312572160783714190343607671049721&aamlh=6&ce=UTF-8&pageName=uhc%3Awerally%3Aguest%3Afind%20medical%20care%3Aoverview&g=https%3A%2F%2Fconnect.werally.com%2FmedicalProvider%2Froot&cc=USD&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=https%3A%2F%2Fconnect.werally.com%2FmedicalProvider%2Froot&v1=uhc&v2=werally&c3=guest&v3=https%3A%2F%2Fconnect.werally.com%2FmedicalProvider%2Froot&c4=find%20medical%20care&c12=connect.werally.com&c13=%2Fmedicalprovider%2Froot&c14=true&v19=false&c21=vcp%3Af&v23=not%20loggedin&c25=D%3DpageName&v25=D%3DpageName&v31=guided%20search&v38=e%26i&v72=D%3Dmid&v87=choice%20plus&v104=2023&v106=1600%20x%201200&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 14:17:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 11 Jan 2023 14:17:08 GMT
server: jag
etag: 3593513728581402624-4619370091509876831
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 09 Jan 2023 14:17:08 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/ 2 KB
1 KB 98ms
58ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/?random=1673360227983&cv=11&fst=1673360227983&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fconnect.werally.com%2FmedicalProvider%2Froot&tiba=Medical%20%7C%20Find%20Care&auid=137568134.1673360228&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea582f84e17e0659d7e715d44181ba047ec7ee88fbc8751310c093161dac48ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 14:17:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 895
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/801669703/ 42 B
548 B 72ms
27ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801669703/?random=1673360227983&cv=11&fst=1673359200000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fconnect.werally.com%2FmedicalProvider%2Froot&tiba=Medical%20%7C%20Find%20Care&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2945980739&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Jan 2023 14:17:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/801669703/ 0
0

POST
H2 202 rum
rum.browser-intake-datadoghq.com/api/v2/ 0
0 229ms
228ms Ping
application/json 2600:1f18:24e6:b902:6a0d:5266:caed:e4b0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.15.0%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A6.133.11-stable&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.15.0&dd-evp-origin=browser&dd-request-id=42f321ca-dd48-41ae-9a5d-43bacf5bb7c3&batch_time=1673360228884
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-e9098bf5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:6a0d:5266:caed:e4b0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 224ms
224ms XHR
text/html 52.10.218.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.218.229 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-218-229.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 Jan 2023 14:17:08 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-63bd7364-3623ed726ba7f9c5549e8dc6
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: unitedhealthgroup.demdex.net
URL: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/801669703/?random=1673360227983&cv=11&fst=1673359200000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fconnect.werally.com%2FmedicalProvider%2Froot&tiba=Medical%20%7C%20Find%20Care&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2945980739&rmt_tld=1&ipr=y

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
connect.werally.com/guest	1969-12-31 23:59:59	Name: language Value: en
fhs.umr.com/	1969-12-31 23:59:59	Name: BIGipServerwww-tpa-elr.uhc.com_1080 Value: 2152476682.14340.0000
fhs.umr.com/	1969-12-31 23:59:59	Name: TS01053ce1 Value: 014b5a756f9828bfb75e06011e09e0dd44280d9bfc3589eaa1258668212a03ccf20977ba7153bcd1869dd0990713ba909817b91a0d
connect.werally.com/	1970-01-20 08:49:41	Name: X-Rally-Canary Value: never
connect.werally.com/	1969-12-31 23:59:59	Name: incap_ses_8077_676033 Value: hCKCLPWhumah9LteSkUXcF5zvWMAAAAATo3pec7CQOV5GBDyYUrsKA==
accounts.werally.com/	1970-01-20 17:33:59	Name: visid_incap_676022 Value: VscPO0RiROqhjd7oxPGe9l9zvWMAAAAAQUIPAAAAAAAQvBvq8qwk5nc4B9NcvFKW
accounts.werally.com/	1969-12-31 23:59:59	Name: incap_ses_1309_676022 Value: yrt6OU+c1XXBTaiWOIEqEl9zvWMAAAAA+nHp6a2Wpei9/cf5ElHgeA==
.werally.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 13:08:32	Name: demdex Value: 01890817350406834663877293411592655376
.werally.com/	1969-12-31 23:59:59	Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 17:34:56	Name: everest_g_v2 Value: g_surferid~Y71zYQAAAFwwGANn
connect.werally.com/	1970-01-20 08:50:46	Name: CHOPSHOP_SESSION Value: 22017fda9c5c9478f16f950229cf9833e33ef809-created=2023-01-10T14%3A17%3A05.608Z&heartbeat=2023-01-10T14%3A17%3A05.608Z&X-Rally-Guest-Session=guest4674432971525406656&sid=6f3e21d8-61c4-4e5c-b556-65177b0bf710
connect.werally.com/	1970-01-20 08:50:46	Name: XSRF-TOKEN Value: 6f3e21d8-61c4-4e5c-b556-65177b0bf710
.werally.com/	1969-12-31 23:59:59	Name: x_rally_locale Value: en-US
.dpm.demdex.net/	1970-01-20 13:08:32	Name: dpm Value: 01890817350406834663877293411592655376
connect.werally.com/	1969-12-31 23:59:59	Name: ipe_s Value: 6333e378-dbd1-e5ba-c499-b5bf9f1f9d08
.werally.com/	1969-12-31 23:59:59	Name: xGFajjParSn_dc Value: %7B%22error%22%3A%20%22Customer%20rallyhealth%20not%20found%20in%20config%22%7D
.werally.com/	1970-01-20 18:25:20	Name: _ga Value: GA1.2.533470708.1673360227
.werally.com/	1970-01-20 08:50:46	Name: _gid Value: GA1.2.1454350126.1673360227
.werally.com/	1970-01-20 08:49:20	Name: _gat_gtag_UA_52357682_5 Value: 1
connect.werally.com/	1969-12-31 23:59:59	Name: IPE_LandingTime Value: 1673360227015
connect.werally.com/	1969-12-31 23:59:59	Name: ipe.12426.pageViewedDay Value: 10
connect.werally.com/	1970-01-20 17:34:28	Name: visid_incap_676033 Value: /vR/RyWaR+i+lnN6PP9Ws2JzvWMAAAAAQUIPAAAAAADP7BJPYBPq61EuoTqwVtPr
connect.werally.com/	1969-12-31 23:59:59	Name: incap_ses_1538_676033 Value: JUePb7F9cTQz+RFWGxNYFWJzvWMAAAAA5PGeWt0rql7ti2NPNr17PA==
.werally.com/	1970-01-20 17:35:17	Name: xGFajjParSn Value: A7esCpyFAQAA2mmtnCBTvHn9iHj75GS_CJRegq2oDDbMufBbdlKz-aX2G8rPAdlAl0WucgBSwH8AAEB3AAAAAA\|1\|1\|56ccca5e6a573f620b63c11a20350ba1b4810e29
connect.werally.com/	1970-01-20 18:25:20	Name: ipe_v Value: f2064cce-e6db-d67e-4c91-5080ce221952
.werally.com/	1970-01-20 18:25:20	Name: mbox Value: session#a3abddd781644a498f1f2b7b2f04b355#1673362088\|PC#a3abddd781644a498f1f2b7b2f04b355.37_0#1736605026
.werally.com/	1970-01-20 18:25:20	Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19368%7CMCMID%7C09700312572160783714190343607671049721%7CMCAAMLH-1673965025%7C6%7CMCAAMB-1673965025%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1673367427s%7CNONE%7CMCSYNCSOP%7C411-19375%7CMCAID%7CNONE%7CvVersion%7C5.4.0
connect.werally.com/	1969-12-31 23:59:59	Name: ipe.12426.pageViewedCount Value: 2
connect.werally.com/	1970-01-20 09:32:32	Name: ipe_12426_fov Value: %7B%22numberOfVisits%22%3A1%2C%22sessionId%22%3A%226333e378-dbd1-e5ba-c499-b5bf9f1f9d08%22%2C%22expiry%22%3A%222023-02-09T14%3A17%3A07.020Z%22%2C%22lastVisit%22%3A%222023-01-10T14%3A17%3A07.728Z%22%7D
.werally.com/	1970-01-20 10:58:56	Name: _gcl_au Value: 1.1.137568134.1673360228
.werally.com/	1969-12-31 23:59:59	Name: s_plt Value: 4.18
.werally.com/	1969-12-31 23:59:59	Name: s_pltp Value: uhc%3Awerally%3Aguest%3Afind%20medical%20care%3Aoverview
.werally.com/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.werally.com/	1969-12-31 23:59:59	Name: s_tp Value: 1514
.werally.com/	1969-12-31 23:59:59	Name: s_ppv Value: uhc%253Awerally%253Aguest%253Afind%2520medical%2520care%253Aoverview%2C79%2C79%2C1200%2C1%2C1
.werally.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-20 08:49:21	Name: test_cookie Value: CheckForPermission
connect.werally.com/	1970-01-20 08:49:21	Name: _dd_s Value: logs=1&id=d2cb8f50-47fd-481c-965c-7a3e4c9a16a8&created=1673360224749&expire=1673361124753&rum=1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://connect.werally.com/scripts/rally_common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security	error	URL: https://assets.adobedtm.com/512027f42d3c/da94e4cf7aac/launch-39716f3a8c87.min.js(Line 4) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://unitedhealthgroup.demdex.net') does not match the recipient window's origin ('null').
rendering	warning	URL: https://connect.werally.com/scripts/rally_common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security	error	URL: https://connect.werally.com/medicalProvider/root Message: Refused to load the image 'https://www.google.de/pagead/1p-user-list/801669703/?random=1673360227983&cv=11&fst=1673359200000&bg=ffffff&guid=ON&async=1&gtm=2oa190&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fconnect.werally.com%2FmedicalProvider%2Froot&tiba=Medical%20%7C%20Find%20Care&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2945980739&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com cdn.amplitude.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net ; connect-src data: 'self' api.amplitude.com dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com ; frame-src https://.werally.in https://.werally.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://*.lpsnmedia.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'none'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.werally.com
api.amplitude.com
api.iperceptions.com
art.azureedge.net
assets.adobedtm.com
cm.everesttech.net
connect.facebook.net
connect.werally.com
content.zeronaught.com
dpm.demdex.net
fhs.umr.com
googleads.g.doubleclick.net
post.iperceptions.com
rum.browser-intake-datadoghq.com
sd.iperceptions.com
session-replay.browser-intake-datadoghq.com
siteintercept.qualtrics.com
smetrics.optum.com
stats.g.doubleclick.net
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
universal.iperceptions.com
us.gimp.zeronaught.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
unitedhealthgroup.demdex.net
www.google.de
104.17.209.240
13.37.25.97
149.111.144.172
149.126.77.254
2001:4860:4802:32::15
2600:1f18:24e6:b901:7c4f:374c:6b44:3956
2600:1f18:24e6:b902:6a0d:5266:caed:e4b0
2600:9000:2156:b000:18:ee0c:6e00:93a1
2600:9000:223c:400:15:bf9a:3f00:93a1
2600:9000:225e:7600:8:e7ba:7440:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:831::200e
2a00:1450:4025:401::9d
2a02:26f0:f700:495::1e80
2a03:2880:f02d:12:face:b00c:0:3
34.120.21.7
45.60.57.254
52.10.218.229
52.138.200.61
52.215.109.101
54.171.1.252
54.77.201.84
034fb9937f594cebf9af8c5895b8bfafe05b39d4feab728169d11cbe287919f7
0662e3f3e85d19b68ac6c0c94c80925b8121b463e06cee8f6583134fdd500a51
07195cde986a478b94346dc6f5184a512ad2c47bdacd35932fbadf9ef7c79d2d
0db9d29f883011e006204f0994166366b5b2b1133a3dbaf0782b5ae2ce1172a1
0f1029f29c512db69b990c88df7878d2a9276e4b088d8dee247597cee0eab6f8
10bec3be4bb65403cfcd3222e9ed06b96e8d66242c61a5818ae1509f5f926a8f
1232296dafcc8fc7574ff7f51669c5ba4521b66ab4a2e2a7333cc67fb9f16131
14e18fc55f1d797941cf5499b21b6c5a41420412d45f9150750043bd0d17c172
17ae3ae4c56e2cf933fa55219a4cfc50224a98f8bf953e1af98ffcd3f362fb65
1e1748e5e554cf973e4f4b492a09f07d619811348bf5e01569ab7e766917a0bf
20a72e84ae088c60ea378c051c63d29cd54b56716893bf3eb2bbbb8920f0cd7c
22f66e1c3399206e5b69c4639160d43adf00e67e42c875bbbc31502ecb6e2aaa
2a5b934ee0f22c19e23ed141f2985e248932e43098743c4337234354aa588f6f
2f980fafa529de9f61b33c9d28afbe0c47348b40b2e21fb9271e98fc67aec5fe
322ac41e3f05521ba1efe5310257d85ae581e120a8d0feaf9c52ca019101eb27
3531928478ec934307c6d04056a2a3c7f8ea0b583ceb57785f249ed66cfe069a
380d598304c575b71bc6592b668e32cecf888a433428e266d4ac446646097574
3cc71dbee28027aa344d5f5a344266125ad87ceedfe716303072aec89e3d008b
3e05a7afebd85a4c087ebfe9584f1fdb501e55b4a431addb857e4fa3ac5f1ff6
4a1cb8840fd0e43274c780fced5df8fab39f5f85839c2f39f01ef5c276e81c7d
4c88311f8b42cc58dafaebc388d6cee36c3d2e13057610ca740a15d6b82f2060
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
542f7a5b200e46d6c0352605c2f5db958931206f535d4ddf9e724c917437b41e
550311e1cfa0c5fcc65f0bd663a98a4e378e08fbe06dcee69427d6c0df1f5f54
55875eb206c4b11d2e3293bdfca29e1973d8919559797c222245e27e314a2e2a
56032c4940c60d28fde373f46ffa13481b908a6a3edeecabddad239547755150
6054289fc6c96208fbbe72b035ebaf3298e26be3cbd4b3b1446232acbb58e357
6068af3d5d9dff3a75697986dc36275a61bb9ebe754f95b3c5908f0ffff0071e
64b5a35bf484de20e542420cde68a25346c1cea028f22edf1c7c5530c9fcd8c2
653f1146d0372e049126565823cd3cd710c8675b94cbdd90a997f5e25c4d2054
67b31c35d58718bcf0d42504cbf01f21fe24dcc922dccad86fc4f38da1f6ba87
67e43869e62f4a2619fc6a41c23f3540d545b249a66f693bb8afdf3912740aa6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e0b58d9b7952c332d9c9ce2a2c54447f3858e09f66d5e542414b24aabb9f77d
6ee061eef7576dce5b886582d4d222b9f8c8ac530e341d0cf906d96a6e47c2e0
6f32e81f2c4bf5fbf92b17f8c5435e97637d24ff12e35d7064347f3522a54c63
70364596947c3e52ded4e02b70d097aae8c0f055dd07e752df318da380d80bc1
70dc97a60ab824c4b4f362341733bde439ac6bd7534d2b5b193fbd37d9413ea6
729d6411c6631a4b21c42200ac8a537fb9ec5c00986b2253be6b99be8203b4c6
741772fa59394f807bb33cea0e33f48a3745618b73bbf6e928289be2e02e411f
755a4959d4324abd325567ea2063c3749c0dc39c9d6ecd740aab1d63607c5f17
77627505ed017c20486b472ed2679efa7157fb0690a7ac5cc82e2d24211df448
79a5a8a7ab22e4b1bfd7075ceee2c014a3b186eb5d48fc1234e491eece6a87ee
7c23e33ab27bb75e8037057462389daa2898a811906b10945da1252ccbc27345
7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7fa6e24940dde475dc185507076006b6070e3718946911d917659ad474ff4f4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
89efe0af1219e4f6ca46b677181c9db2cf1f5f6bec6195c672a41d87acb9cd92
8ea805972ca39aa120747ceabfd2fbaa352f7257b513462fa3834f00c7647619
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
92394823c4d0cdf8dbe50ed532bd1aea500f9507a9ed00144409b6cbbffac4f7
940efd0e484c110b53e2118e1bcdcf8760f04df2d8032416dd63a461fc3e950a
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab
983f20be1f8e20e4a9fb6c513f8351f3c6e38509976ae863504343ecbf7c2210
9ab98efc932ed2e77355af242f89989440d2c54bbf767a7343cf51508b608a4a
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a232d397087067853daa9a8df775d85b961dc3e9eb91211bb10e4bfb75c3e597
a8457bd19dace532c704735edab5c58d5836ad68b6817524cb918b6a8733485a
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1d28e9a1d937da280d58a86f9e52a33a91a2d748839aed0653dcf6e4a0c8d68
b3e2185d6d8c64a24965474ffde2ed0a350a6b71d1ca43ceb5bee8c990d0ce48
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bd64e686eecb17e1df172c4d820f3178f7791a03dc133f1bf3fca27cc99487db
c84e4bcd88b32d5966e7ea1bc5d08cf447f70fcf3e3c3e6bbde1b5eb471ef82a
ca243642647ae7b4e4688ae136d45b8d4dd72a1ecb71ad98382654ead581bd37
cba8862bc0eeff77ab390c0669021b95055e809f226aa0e7dc438d79e3ad399f
d42ae714398bbd69d56438fd3bcb87af255a2f5a247fc725077dfa27dfefec42
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df801d86fe9fb259290f4e123e24b96c9cd1d827d3c09e1ca4492d6b36a345e6
e129ff90cea298072ee16370a9b6f1c205c1ab0ed9e83bebd542882209f9e7b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8477b6409506da34979e90c6995517faf03c12904141d338e4bacb0956a2935
ea582f84e17e0659d7e715d44181ba047ec7ee88fbc8751310c093161dac48ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9064909c77e4f51c3a15e5d2773c07407ad826f827ff86d82935b71dcf9c411
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
ffbbc0f2a0e276384d94d71954af7d75ca787ea6243b06984ea4905477510e8f

connect.werally.com Open in urlscan Pro 149.126.77.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

100 Requests

95 %HTTPS

56 %IPv6

19 Domains

28 Subdomains

24 IPs

7 Countries

2732 kBTransfer

11026 kBSize

39 Cookies

8 Outgoing links

Page URL History

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

connect.werally.com Open in urlscan Pro
149.126.77.254 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

95 %
HTTPS

56 %
IPv6

19
Domains

28
Subdomains

24
IPs

7
Countries

2732 kB
Transfer

11026 kB
Size

39
Cookies

100 HTTP transactions
1 data transactions