connect.werally.com Open in urlscan Pro
149.126.77.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://connect.werally.com/
Effective URL:
https://connect.werally.com/
Submission: On February 21 via manual (February 21st 2024, 7:34:38 pm UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 16 domains to perform 64 HTTP transactions. The main IP is 149.126.77.254, located in Frankfurt am Main, Germany and belongs to INCAPSULA, US. The main domain is connect.werally.com. The Cisco Umbrella rank of the primary domain is 143187.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 28th 2023. Valid for: a year.

This is the only time connect.werally.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	149.126.77.254 149.126.77.254	19551 (INCAPSULA) (INCAPSULA)
1	2600:9000:21c... 2600:9000:21c7:6e00:13:f7f9:9540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
2	34.120.21.7 34.120.21.7	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:26d... 2600:9000:26db:ee00:1d:be51:5240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:24e... 2600:1f18:24e6:b900:6bb1:68d:d4e5:9954	14618 (AMAZON-AES) (AMAZON-AES)
3	2a02:26f0:480... 2a02:26f0:480:79e::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:1f18:24e... 2600:1f18:24e6:b901:5072:cd31:71ea:13bb	14618 (AMAZON-AES) (AMAZON-AES)
4	63.32.175.215 63.32.175.215	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1 1	54.229.162.132 54.229.162.132	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.221 66.235.152.221	16509 (AMAZON-02) (AMAZON-02)
6	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	63.140.62.222 63.140.62.222	16509 (AMAZON-02) (AMAZON-02)
64	17

26 149.126.77.254 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.254.ip.incapdns.net

connect.werally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.werally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21c7:6e00:13:f7f9:9540:93a1 (United States)

ASN16509 (AMAZON-02, US)

lagoon-psx.uhc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

content.zeronaught.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.21.7 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 7.21.120.34.bc.googleusercontent.com

us.gimp.zeronaught.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:ee00:1d:be51:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)

maelstrom-dmz.uhc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b900:6bb1:68d:d4e5:9954 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

session-replay.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:79e::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:24e6:b901:5072:cd31:71ea:13bb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.32.175.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-175-215.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
unitedhealthgroup.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.162.132 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-162-132.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.221 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-221.data.adobedc.net

unitedhealthgroup.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net

smetrics.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	werally.com connect.werally.com — Cisco Umbrella Rank: 143187 accounts.werally.com — Cisco Umbrella Rank: 86482	2 MB
6	qualtrics.com zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com — Cisco Umbrella Rank: 31098 siteintercept.qualtrics.com — Cisco Umbrella Rank: 911	71 KB
5	browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 8028 rum.browser-intake-datadoghq.com — Cisco Umbrella Rank: 2195	2 KB
4	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 264 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	4 KB
4	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 238 unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 18993	6 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	224 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 439	169 KB
3	zeronaught.com content.zeronaught.com — Cisco Umbrella Rank: 65735 us.gimp.zeronaught.com — Cisco Umbrella Rank: 13198	59 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	563 B
2	uhc.com lagoon-psx.uhc.com — Cisco Umbrella Rank: 149172 maelstrom-dmz.uhc.com — Cisco Umbrella Rank: 31564	148 KB
1	optum.com smetrics.optum.com — Cisco Umbrella Rank: 17694	373 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 367	149 B
1	omtrdc.net unitedhealthgroup.tt.omtrdc.net — Cisco Umbrella Rank: 19112	850 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1322	517 B
0	ib-ibi.com Failed global.ib-ibi.com Failed
0	google.de Failed www.google.de Failed
64	16

	Domain	Requested by
23	connect.werally.com	connect.werally.com
5	siteintercept.qualtrics.com	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com connect.werally.com siteintercept.qualtrics.com
3	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com
3	dpm.demdex.net	connect.werally.com
3	rum.browser-intake-datadoghq.com	connect.werally.com
3	assets.adobedtm.com	connect.werally.com assets.adobedtm.com
3	accounts.werally.com	connect.werally.com accounts.werally.com
2	www.google.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	cm.g.doubleclick.net	2 redirects
2	session-replay.browser-intake-datadoghq.com	connect.werally.com
2	us.gimp.zeronaught.com	connect.werally.com
1	smetrics.optum.com
1	match.adsrvr.org
1	zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com	connect.werally.com
1	unitedhealthgroup.tt.omtrdc.net	connect.werally.com
1	cm.everesttech.net	1 redirects
1	unitedhealthgroup.demdex.net	assets.adobedtm.com
1	maelstrom-dmz.uhc.com	connect.werally.com
1	content.zeronaught.com	connect.werally.com
1	lagoon-psx.uhc.com	connect.werally.com
0	global.ib-ibi.com Failed
0	www.google.de Failed
64	23

This site contains links to these domains. Also see Links.

Domain
www.uhc.com
myuhc.com
www.myuhc.com
www.rallyhealth.com
healthsafeid.optum.com
www.healthsafe-id.com

Subject Issuer	Validity	Valid
*.werally.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-28` - `2024-07-28`	a year	crt.sh
findcare.uhc.com COMODO RSA Organization Validation Secure Server CA	`2023-09-04` - `2024-09-03`	a year	crt.sh
content.zeronaught.com GTS CA 1D4	`2024-01-15` - `2024-04-14`	3 months	crt.sh
*.gimp.zeronaught.com Entrust Certification Authority - L1K	`2023-08-31` - `2024-09-30`	a year	crt.sh
maelstrom-dmz.optum.com COMODO RSA Organization Validation Secure Server CA	`2023-08-12` - `2024-08-11`	a year	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
smetrics.optum.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-04-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://connect.werally.com/
Frame ID: AC41C0A29BBED77067439A83F25683BD
Requests: 61 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 21B5043928F453B7C95D05C0125933CE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In | Find Care

Page URL History Show full URLs

http://connect.werally.com/ HTTP 307
https://connect.werally.com/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

64
Requests

89 %
HTTPS

50 %
IPv6

16
Domains

23
Subdomains

17
IPs

4
Countries

2900 kB
Transfer

11648 kB
Size

24
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.uhc.com/legal/legal-entities
Title: Legal Entities

Search URL Search Domain Scan URL

URL: https://www.uhc.com/legal/provider
Title: Provider Data Information

Search URL Search Domain Scan URL

URL: https://myuhc.com/
Title: myuhc.com

Search URL Search Domain Scan URL

URL: http://www.myuhc.com/
Title: Continue

Search URL Search Domain Scan URL

URL: https://www.rallyhealth.com/
Title: About Rally

Search URL Search Domain Scan URL

URL: https://healthsafeid.optum.com/content/pages/default/TermsOfUse?HTTP_LANGUAGE=en
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.healthsafe-id.com/content/pages/default/PrivacyPolicy?HTTP_LANGUAGE=EN
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://connect.werally.com/ HTTP 307
https://connect.werally.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://cm.everesttech.net/cm/dd?d_uuid=25343294745949812882074484746734883256 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZdZQTAAAAFV0DAOJ

Request Chain 38

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjUzNDMyOTQ3NDU5NDk4MTI4ODIwNzQ0ODQ3NDY3MzQ4ODMyNTY= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjUzNDMyOTQ3NDU5NDk4MTI4ODIwNzQ0ODQ3NDY3MzQ4ODMyNTY=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFR3ZWi552hsG2gr6F0yThc&google_cver=1?gdpr=0&gdpr_consent=

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
connect.werally.com/
Redirect Chain

http://connect.werally.com/
https://connect.werally.com/

28 KB
11 KB

501ms
431ms

Document
text/html

149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

95628adcfe863aefc1597ae458fc05ed60aea9e2c0ee93b0d2ffc5b52372bffa

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.akamaized.net .prod-laww.akamaized.net .sr-smsc-stg-liveandworkwell.akamaized.net .sr-smsc-stg.liveandworkwell.com .lpsnmedia.net cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .lpsnmedia.net .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com cm.everesttech.net www.onelink-edge.com xapis.onelink-edge.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com .lpsnmedia.net cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .lpsnmedia.net .liveperson.net .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com .uhc.com .myuhc.com cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com ; media-src data: 'self' .lpsnmedia.net .liveperson.net cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net .liveperson.net .lpsnmedia.net ; connect-src data: 'self' dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com .sr-smsc-stg-liveandworkwell.akamaized.net .lpsnmedia.net .liveperson.net .msg.liveperson.net wss://.msg.liveperson.net www.onelink-edge.com xapis.onelink-edge.com ; frame-src https://.werally.in https://.werally.com https://.rally-dev.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://.lpsnmedia.net https://.liveperson.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'self'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age=60
content-encoding: gzip
content-security-policy: base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com *.rally-dev.com *.werally.com *.werally.in myoptum-stage.akamaized.net *.optum.com *.liveandworkwell.akamaized.net *.prod-laww.akamaized.net *.sr-smsc-stg-liveandworkwell.akamaized.net *.sr-smsc-stg.liveandworkwell.com *.lpsnmedia.net cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://*.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net *.qualtrics.com *.doubleclick.net https://*.qualtrics.com *.liveandworkwell.com *.lpsnmedia.net *.liveperson.net *.optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com cm.everesttech.net www.onelink-edge.com xapis.onelink-edge.com ; style-src 'self' 'unsafe-inline' *.liveandworkwell.com *.lpsnmedia.net cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com ; img-src data: blob: 'self' smetrics.optum.com *.doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://*.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com *.liveandworkwell.com *.lpsnmedia.net *.liveperson.net *.myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com *.uhc.com *.myuhc.com cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com ; media-src data: 'self' *.lpsnmedia.net *.liveperson.net cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com *.doubleclick.net *.liveperson.net *.lpsnmedia.net ; connect-src data: 'self' dpm.demdex.net *.iperceptions.com *.zeronaught.com api.mapbox.com events.mapbox.com *.doubleclick.net www.google-analytics.com smetrics.optum.com *.qualtrics.com *.sendbird.com wss://*.sendbird.com unitedhealthgroup.tt.omtrdc.net https://*.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com *.rally-dev.com *.werally.com *.werally.in *.uhc.com *.datadoghq.com *.optum.com *.liveandworkwell.com *.sr-smsc-stg-liveandworkwell.akamaized.net *.lpsnmedia.net *.liveperson.net *.msg.liveperson.net wss://*.msg.liveperson.net www.onelink-edge.com xapis.onelink-edge.com ; frame-src https://*.werally.in https://*.werally.com https://*.rally-dev.com https://*.optum.com https://*.uhc.com https://*.myuhc.com https://*.rallyhealth.com https://*.iperceptions.com https://*.doubleclick.net https://*.lpsnmedia.net https://*.liveperson.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'self'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
content-type: text/html
date: Wed, 21 Feb 2024 19:34:32 GMT
etag: "65cfd573-6ff2"
last-modified: Fri, 16 Feb 2024 21:36:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-frame-options: DENY
x-iinfo: 13-216209522-216209527 NNYN CT(98 207 0) RT(1708544071773 25) q(0 1 4 2) r(5 5) U12
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://connect.werally.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 rally_common.js Show response
connect.werally.com/scripts/ 300 KB
170 KB 423ms
423ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/scripts/rally_common.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

f91be55145c79eb8d5ab478198d56591c75bb2219aab9cbe2c7e587be71e146e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:34:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
content-type: application/javascript; charset=UTF-8
x-ion-hop: 1
x-iinfo: 13-216209522-216209614 NNNN CT(89 187 0) RT(1708544071773 578) q(0 0 3 -1) r(4 4) U9
cache-control: no-cache, no-store, must-revalidate
expires: 0

GET
H2 200 main-49b19804.css
connect.werally.com/static/css/ 672 B
416 B 419ms
418ms Stylesheet
text/css 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/css/main-49b19804.css

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

17ae3ae4c56e2cf933fa55219a4cfc50224a98f8bf953e1af98ffcd3f362fb65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-2a0"
content-type: text/css
x-iinfo: 13-216209522-216208861 2VNN RT(1708544071773 559) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 281
expires: Thu, 22 Aug 2024 10:28:55 GMT

GET
H2 200 united-49b19804.css
connect.werally.com/static/css/ 6 KB
2 KB 325ms
324ms Stylesheet
text/css 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/css/united-49b19804.css

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

c880a458f855a4aa743cfff9ff13931bdd533197c92d978b6023cdf50d797fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-19e0"
content-type: text/css
x-iinfo: 13-216209522-216209381 2VNN RT(1708544071773 563) q(0 0 0 -1) r(3 3)
cache-control: max-age=15778463, public
content-length: 1461
expires: Thu, 22 Aug 2024 10:28:55 GMT

GET
H2 200 main-49b19804.js Show response
connect.werally.com/static/js/ 8 MB
2 MB 440ms
439ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/main-49b19804.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

fc9bd8afa6e7086411af00d776bed0c44a68c7d6b335cb86d7b0d35cc8eeb4b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-1b8511"
content-type: application/javascript
x-iinfo: 13-216209522-216208866 2VNN RT(1708544071773 570) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 1803537
expires: Thu, 22 Aug 2024 10:28:55 GMT

GET
H2 200 united-49b19804.js Show response
connect.werally.com/static/js/ 3 KB
2 KB 430ms
429ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/united-49b19804.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

a9e528b01119ec2c6d8794ed99dbf598383d8e66e943fe70d08f3f929415f750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-ced"
content-type: application/javascript
x-iinfo: 13-216209522-216209375 2VNN RT(1708544071773 573) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 1434
expires: Thu, 22 Aug 2024 10:28:55 GMT

GET
H2 200 _Incapsula_Resource Show response
connect.werally.com/ 137 KB
19 KB 37ms
37ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1473194853

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

e6faa5d096b976639b48150fc2cf06418c5c7cf7ba8c695ab2c37cdfe3ba322e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19842
content-type: application/javascript

GET
H2 200 en.json Show response
lagoon-psx.uhc.com/prod/en/ 145 KB
146 KB 491ms
401ms Fetch
application/json 2600:9000:21c7:6e00:13:f7f9:9540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lagoon-psx.uhc.com/prod/en/en.json
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:6e00:13:f7f9:9540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e8563bcce5d4fe3f859e7ca10dc275c9cfa555770c8579ec07614d19206d0ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:35 GMT
x-amz-meta-cache-control: max-age=0,no-cache,no-store,must-revalidate
via: 1.1 6642832e0f3e501fb9fdc5f35d4351d8.cloudfront.net (CloudFront)
x-amz-version-id: 5FB8D32KiCt4akn5xgnATtGZ2Dx10NTj
x-amz-cf-pop: AMS54-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 148788
last-modified: Tue, 20 Feb 2024 08:33:59 GMT
server: AmazonS3
etag: "91885390e028d5a30d2f336e8820a807"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: -KjVE3_iMuFeYX7qq8z6vY3zsngSAJFJ2PMwoeJxmiM1kqkuk9UBiA==

GET
H2 200 rally_health.js Show response
content.zeronaught.com/js/ 107 KB
59 KB 691ms
593ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://content.zeronaught.com/js/rally_health.js
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/scripts/rally_common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.21.5 /
Resource Hash: 3cc71dbee28027aa344d5f5a344266125ad87ceedfe716303072aec89e3d008b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:34 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 15 Sep 2021 17:32:21 GMT
server: nginx/1.21.5
etag: W/"61422e25-1acfd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
expires: Wed, 21 Feb 2024 20:34:34 GMT

GET
H2 200 huginn Show response
accounts.werally.com/ 553 B
783 B 456ms
428ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.werally.com/huginn

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

5f3e342371d3d479550f5f98d28f75ecbf50d20dc6961d45fce78a2700e73de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:34 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 08 Jun 2023 01:55:33 GMT
x-cdn: Imperva
etag: "64813515-229"
content-type: application/javascript
x-iinfo: 13-216209522-216209841 NNYN CT(95 197 0) RT(1708544071773 1629) q(0 0 2 0) r(4 4) U2
cache-control: no-store, max-age=0
x-incap-sess-cookie-hdr: p/vvF8lXrQGLhKnhb8IPcklQ1mUAAAAANHdJ+keUmNQ/NGaxGkBGog==
accept-ranges: bytes

GET
H2 200 _Incapsula_Resource
connect.werally.com/ 1 B
36 B 21ms
20ms Image
text/plain 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7675001997803652

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
BLOB 200
OK 7a0d5ed8-751f-42fb-9308-267158af200c
https://connect.werally.com/ 25 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://connect.werally.com/7a0d5ed8-751f-42fb-9308-267158af200c
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 528c2ff0c35d20492e8e8cd79eb0b81f479e5f827f613cf693fc6cd7a4e21033

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Length: 25814
Content-Type

GET
BLOB 200
OK 6419fa25-6cb3-45cc-8175-bdf79f2a1133
https://connect.werally.com/ 2 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://connect.werally.com/6419fa25-6cb3-45cc-8175-bdf79f2a1133
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Length: 2479
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 huginn-1.7.0.js Show response
accounts.werally.com/huginn/ 11 KB
4 KB 425ms
425ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.werally.com/huginn/huginn-1.7.0.js

Requested by

Host: accounts.werally.com
URL: https://accounts.werally.com/huginn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

6d5181d1bb025f833c37756f4b828fbd8f80239706c317cf934b60c379c5701a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 08 Jun 2023 01:55:33 GMT
x-cdn: Imperva
etag: "64813515-2ad2"
content-type: application/javascript
x-iinfo: 13-216209522-216208859 2VNN RT(1708544071773 2066) q(0 0 0 -1) r(4 4)
cache-control: max-age=1209600, public, must-revalidate
x-incap-sess-cookie-hdr: OFhKatfHzQyLhKnhb8IPckpQ1mUAAAAAyNjVn2FHGwYWM7/WP3ZL0A==
content-length: 3970
expires: Wed, 06 Mar 2024 19:34:34 GMT

GET
H2 200 location Show response
connect.werally.com/rest/geolocation/v1/user/guest/ 225 B
536 B 466ms
466ms XHR
application/json 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/geolocation/v1/user/guest/location

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

79c8c2fc3d3d9f6cca0cda8a3447fa9b8e5107050814b83cd3f6413bf9f2ca66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
accept-language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
x-datadog-sampling-priority: 1
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/
x-datadog-parent-id: 3451624935231988690
x-datadog-trace-id: 1320842022710417671
Current-Connect-Session-Type: none

Response headers

x-rally-correlationid: swwTN24kdvpZFi-csedge
date: Wed, 21 Feb 2024 19:34:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding: gzip
x-cdn: Imperva
vary: Origin
content-type: application/json
x-iinfo: 13-216209522-216210043 NNYN CT(124 209 0) RT(1708544071773 2609) q(0 0 4 -1) r(5 5) U9
cache-control: no-cache
server-timing: geolocation-strict, geolocation-total;dur=0, csedge-streamed, csedge-ttfb;dur=3
x-xss-protection: 1; mode=block

POST
H2 200 rallyhealth Show response
us.gimp.zeronaught.com/__imp_apg__/api/dc/ 2 B
194 B 203ms
139ms XHR
application/json 34.120.21.7
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us.gimp.zeronaught.com/__imp_apg__/api/dc/rallyhealth?key=AIzaSyBSNSqUBneAZSfuYeWzovo86EyOLTgPuZA
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.21.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 7.21.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 21 Feb 2024 19:34:35 GMT
x-envoy-decorator-operation: ingress DeviceCategoryPost3
via: 1.1 google
server: envoy
vary: Origin
content-type: application/json
access-control-allow-origin: https://connect.werally.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 400 user Show response
accounts.werally.com/protected/account/v1/ 195 B
885 B 428ms
428ms XHR
application/json 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.werally.com/protected/account/v1/user

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

db9a96f20a006d1a5db7a178722bb8077f7fa6b6353aa979acc7ee4ca81facb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: master-only
x-cdn: Imperva
x-iinfo: 13-216209522-216210149 NNYN CT(101 197 0) RT(1708544071773 3087) q(0 0 3 -1) r(4 4) U11
x-xss-protection: 1; mode=block
x-rally-correlationid: TerYZZ9lsQK11z-authn
access-control-max-age: 86400
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://connect.werally.com
access-control-allow-methods: POST,OPTIONS,GET,PUT
access-control-expose-headers: Content-Type,Set-Cookie,X-Rally-Locale,X-Rally-Correlationid
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: nOabRjh6wXyLhKnhb8IPcktQ1mUAAAAApzfExXl3j08bTmL87eNtsg==
access-control-allow-headers: x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id,Origin,X-Requested-With,Content-Type,Cookie,Accept,Referer,User-Agent,X-Rally-Correlationid,X-Rally-SortingHat-Env,X-Rally-Auth-Token,XSRF-Token,X-Rally-Locale,Norn-Meta,X-Rally-User-Timezone,x0lgueyvqm-a,x0lgueyvqm-b,x0lgueyvqm-c,x0lgueyvqm-d,x0lgueyvqm-f,x0lgueyvqm-z

POST
H2 200 rallyhealth Show response
us.gimp.zeronaught.com/__imp_apg__/api/dc/ 2 B
54 B 140ms
139ms XHR
application/json 34.120.21.7
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://us.gimp.zeronaught.com/__imp_apg__/api/dc/rallyhealth?key=AIzaSyBSNSqUBneAZSfuYeWzovo86EyOLTgPuZA
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.21.7 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 7.21.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
x-envoy-decorator-operation: ingress DeviceCategoryPost3
via: 1.1 google
server: envoy
vary: Origin
content-type: application/json
access-control-allow-origin: https://connect.werally.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 prod Show response
maelstrom-dmz.uhc.com/app/lagoon/global-provider-cost-experience-web/env/ 3 KB
2 KB 779ms
563ms Fetch
application/json 2600:9000:26db:ee00:1d:be51:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://maelstrom-dmz.uhc.com/app/lagoon/global-provider-cost-experience-web/env/prod
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:ee00:1d:be51:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 177e59388c471ade84aed4b33ab13d2006afcad7ca7611bfc8f6a334628be1d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

x-amz-meta-cache-control: max-age=0,no-cache,no-store,must-revalidate
content-encoding: gzip
via: 1.1 918459d66ab0cca4258acacb6d3f6edc.cloudfront.net (CloudFront)
date: Wed, 21 Feb 2024 19:34:37 GMT
last-modified: Mon, 19 Feb 2024 22:27:44 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: W/"d99f3ff7193543c8b8b4b18814802a7b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-cf-id: Vf45ADAAbWQwi5AwbeLTmbX49Dkx9smDoIxQUKcqH5jh2dPSizWYIw==

POST
H2 202 replay Show response
session-replay.browser-intake-datadoghq.com/api/v2/ 53 B
344 B 476ms
231ms Fetch
application/json 2600:1f18:24e6:b900:6bb1:68d:d4e5:9954
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A7.36.1&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=e9758500-f2ae-45d4-a963-212db5828bac

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:6bb1:68d:d4e5:9954 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

06c22afe4e76fa547796ee06bcd726e41450e086aeaba88bb4ab2fe5f7264355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryyxBLzzlkGMmGvNU1

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: e9758500-f2ae-45d4-a963-212db5828bac

GET
H2 200 83-49b19804.chunk.js Show response
connect.werally.com/static/js/chunks/ 30 KB
10 KB 314ms
314ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/chunks/83-49b19804.chunk.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

ddb9a25e5365d1fa5d45afb97d996aafbd1bf4500f3530ac418c00bcfa40eee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/partner-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-270a"
content-type: application/javascript
x-iinfo: 13-216209522-216209141 2VNN RT(1708544071773 3541) q(0 0 0 -1) r(3 3)
cache-control: max-age=15778463, public
content-length: 9994
expires: Thu, 22 Aug 2024 10:28:58 GMT

GET
H2 200 launch-e6edd8af55ce.min.js Show response
assets.adobedtm.com/512027f42d3c/a42495d21182/ 676 KB
156 KB 95ms
23ms Script
application/x-javascript 2a02:26f0:480:79e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/a42495d21182/launch-e6edd8af55ce.min.js
Requested by: Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:79e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 79b2c83dc54748de9dabfc6f846c38808f4bc19fbf55a20ce37ab5cd10d491c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: gzip
last-modified: Mon, 12 Feb 2024 09:37:39 GMT
server: AkamaiNetStorage
etag: "77e2088135f40a9cc452227eb3c96d57:1707730659.72322"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://connect.werally.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 159098
expires: Wed, 21 Feb 2024 20:34:36 GMT

GET
H2 200 uhc Show response
connect.werally.com/rest/partner/v3/content/ 13 KB
3 KB 128ms
128ms XHR
application/json 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/partner/v3/content/uhc?policyId=&coverageTypes=medical

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

aa60d1373b6ec955a20f32f8dc323b70de10f11745e8d4ff84545c3f3444c96c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
Accept-Language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
x-datadog-sampling-priority: 1
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/partner-login
X-Rally-Locale: en-US
x-datadog-parent-id: 264406979138683036
x-datadog-trace-id: 2083892767862344560
Current-Connect-Session-Type: none

Response headers

x-rally-correlationid: se5gQyqVjaPsU7-csedge
date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-encoding: gzip
x-cdn: Imperva
vary: Origin
content-type: application/json
x-iinfo: 13-216209522-216209527 PNYN RT(1708544071773 3547) q(0 0 0 -1) r(1 1) U9
cache-control: no-cache, no-store, must-revalidate
server-timing: partner-strict, partner-total;dur=1, csedge-streamed, csedge-ttfb;dur=3
x-xss-protection: 1; mode=block

GET
H2 200 78-49b19804.chunk.js Show response
connect.werally.com/static/js/chunks/ 33 KB
8 KB 331ms
331ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/chunks/78-49b19804.chunk.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

2f381b4aec09916943b7d17fa2ce0f3d99c24035eb2edd1f3369663390d60f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/partner-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-20ac"
content-type: application/javascript
x-iinfo: 13-216209522-216208859 2VNN RT(1708544071773 3622) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 8364
expires: Thu, 22 Aug 2024 10:28:58 GMT

GET
H2 200 3-49b19804.chunk.js Show response
connect.werally.com/static/js/chunks/ 635 KB
158 KB 443ms
443ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/chunks/3-49b19804.chunk.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

72b006f8009bbf7bfe2b198a65eea0fc92348e8c0d4f6f68bbc5ebf6a8035d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/partner-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-27827"
content-type: application/javascript
x-iinfo: 13-216209522-216208864 2VNN RT(1708544071773 3638) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 161831
expires: Thu, 22 Aug 2024 10:28:58 GMT

GET
H2 200 2-49b19804.chunk.js Show response
connect.werally.com/static/js/chunks/ 74 KB
20 KB 320ms
319ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/chunks/2-49b19804.chunk.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

57fc9d0aaede8b47ac09fdc14bc3536e65cabe02fa3cfc0e89ac017383ba0df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/partner-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-4fc6"
content-type: application/javascript
x-iinfo: 13-216209522-216210277 2VNN RT(1708544071773 3640) q(0 0 0 -1) r(0 3)
cache-control: max-age=15778463, public
content-length: 20422
expires: Thu, 22 Aug 2024 10:28:58 GMT

GET
H2 200 66-49b19804.chunk.js Show response
connect.werally.com/static/js/chunks/ 11 KB
4 KB 318ms
318ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/chunks/66-49b19804.chunk.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

6372e5137036c329e4d954b2290bfd457f600334a8b2c1c980265a48ae105c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/partner-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-da2"
content-type: application/javascript
x-iinfo: 13-216209522-216208871 2VNN RT(1708544071773 3642) q(0 0 0 -1) r(3 3)
cache-control: max-age=15778463, public
content-length: 3490
expires: Thu, 22 Aug 2024 10:28:58 GMT

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
343 B 546ms
275ms Fetch
application/json 2600:1f18:24e6:b901:5072:cd31:71ea:13bb
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A7.36.1&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=bf82cb71-b8f3-4a7f-a6f8-29e6216f6ef3&batch_time=1708544076156

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:5072:cd31:71ea:13bb Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

7ac2d6bdf523ad458d86688c484e5256ac0207afbc1ed91926f571390dcc24cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: bf82cb71-b8f3-4a7f-a6f8-29e6216f6ef3

GET
H2 200 id Show response
dpm.demdex.net/ 974 B
1 KB 140ms
46ms XHR
application/json 63.32.175.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1708544076199

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.32.175.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-175-215.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bdf5b0d83262deb50cd6ba7fbade9a66d2697f1a4550d0725ec767ab6187a890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v056-053402f4d.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: jWfc2SdPSgo=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://connect.werally.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 557
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/ 34 KB
13 KB 29ms
29ms Script
application/x-javascript 2a02:26f0:480:79e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPef068a8d6dd34a43866d9a80cc98baab/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/a42495d21182/launch-e6edd8af55ce.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:79e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: gzip
last-modified: Tue, 12 Sep 2023 05:33:26 GMT
server: AkamaiNetStorage
etag: "208eb534ea01036a4fca64e6715ccf3f:1694496806.451282"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://connect.werally.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12687
expires: Wed, 21 Feb 2024 20:34:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
69 KB 90ms
40ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8584968

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/a42495d21182/launch-e6edd8af55ce.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f6e3fa384c10d6162acf09c753ccb535e95f4da8436507e069f1c4a67b62d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70114
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 18:38:57 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Feb 2024 19:34:36 GMT

GET
H2 200 RC677313e9249940d589449a826cea5bb3-source.min.js Show response
assets.adobedtm.com/512027f42d3c/a42495d21182/6b1665fcbebf/ 577 B
590 B 21ms
21ms Script
application/x-javascript 2a02:26f0:480:79e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/a42495d21182/6b1665fcbebf/RC677313e9249940d589449a826cea5bb3-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/a42495d21182/launch-e6edd8af55ce.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:79e::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 78621cbbe86b9bdb10ffc990a595522aa18b11ef26a7c59962f9f57fb587237a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: gzip
last-modified: Mon, 12 Feb 2024 09:37:44 GMT
server: AkamaiNetStorage
etag: "3d46248e54cb46454388dc9faea6e29e:1707730664.304303"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://connect.werally.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 330
expires: Wed, 21 Feb 2024 20:34:36 GMT

GET
H2 200 dest5.html Show response
unitedhealthgroup.demdex.net/ Frame 21B5 7 KB
3 KB 75ms
44ms Document
text/html 63.32.175.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/a42495d21182/launch-e6edd8af55ce.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.32.175.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-175-215.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://connect.werally.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Wed, 21 Feb 2024 19:34:36 GMT
dcs: dcs-prod-irl1-1-v056-08b66dfed.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 21 Feb 2024 08:19:45 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: WG0Zvb88RTs=

GET
H2

200

ibs:dpid=411&dpuuid=ZdZQTAAAAFV0DAOJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=25343294745949812882074484746734883256
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZdZQTAAAAFV0DAOJ

42 B
719 B

46ms
46ms

Image
image/gif

63.32.175.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZdZQTAAAAFV0DAOJ

Protocol

Server

63.32.175.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-175-215.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v056-08a457323.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: O6yMvR2tQUk=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZdZQTAAAAFV0DAOJ
Date: Wed, 21 Feb 2024 19:34:36 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 200 delivery Show response
unitedhealthgroup.tt.omtrdc.net/rest/v1/ 360 B
850 B 187ms
78ms XHR
application/json 66.235.152.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.tt.omtrdc.net/rest/v1/delivery?client=unitedhealthgroup&sessionId=5f3d6f86d10c430abd22252845013e8a&version=2.10.2

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.221 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-221.data.adobedc.net

Software

jag /

Resource Hash

37b3361fce71296482bdf2fe39089557f90e6037d7486f959ebe5bb980d26556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://connect.werally.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 2613c262-31dc-470e-b1d8-493b41d96c4f

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
79 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b897596894c8119f066103202c5c54ef445bc7f15c4c0379fa7724f78f6993c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80816
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 18:38:57 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Feb 2024 19:34:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
76 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801664645&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8584968

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b78947fa9d9e3bd9f6ebfa804c3b049d7fe1f0a4cd614d1d7c87f53a60c01f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78208
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 18:38:57 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Feb 2024 19:34:36 GMT

GET
H2 200 / Show response
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/ 9 KB
4 KB 120ms
41ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44e284135d6b537af01469a3082f541dbc064962264b883aaf9282504c628633

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 157466
cf-polished: origSize=9889
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"26a1-WW7G5WY67wD9afTNMbHULF7+uq8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 85916d7ddeb191f6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2

200

ibs:dpid=771&dpuuid=CAESEFR3ZWi552hsG2gr6F0yThc&google_cver=1
dpm.demdex.net/ Frame 21B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjUzNDMyOTQ3NDU5NDk4MTI4ODIwNzQ0ODQ3NDY3MzQ4ODMyNTY=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjUzNDMyOTQ3NDU5NDk4MTI4ODIwNzQ0ODQ3NDY3MzQ4ODMyNTY=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFR3ZWi552hsG2gr6F0yThc&google_cver=1?gdpr=0&gdpr_consent=

42 B
719 B

45ms
45ms

Image
image/gif

63.32.175.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFR3ZWi552hsG2gr6F0yThc&google_cver=1?gdpr=0&gdpr_consent=

Protocol

Server

63.32.175.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-175-215.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v056-090cba3b7.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: NoS1QR5OT9o=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:34:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFR3ZWi552hsG2gr6F0yThc&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/ 3 KB
2 KB 105ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801669703/?random=1708544076440&cv=11&fst=1708544076440&bg=ffffff&guid=ON&async=1&gtm=45be42h0v886616604za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fconnect.werally.com%2Fpartner-login&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1790600501.1708544076&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801669703&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf3457ce14f1b1b0dff10686d656a5d273db76f5dac4540d6a82592aeb74f192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1271
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801664645/ 3 KB
1 KB 94ms
59ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801664645/?random=1708544076455&cv=11&fst=1708544076455&bg=ffffff&guid=ON&async=1&gtm=45be42h0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fconnect.werally.com%2Fpartner-login&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=1790600501.1708544076&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801664645&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3f5d1724895c28e70cc52b18acb7000813c1af906361cc394ea923bceeb3446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1265
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 12.93f2ca20511a668d8998.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 73 KB
22 KB 40ms
40ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.93f2ca20511a668d8998.chunk.js?Q_CLIENTVERSION=2.1.0&Q_CLIENTTYPE=web&Q_BRANDID=connect.werally.com

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

490f73ccaadf6bf9f121713e241e05fc959039104fdbca9c72780b2822296375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 157483
cf-polished: origSize=75209
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Feb 2024 20:16:06 GMT
cf-bgj: minify
server: cloudflare
etag: W/"125c9-18dc302ef70"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 85916d7e1ed891f6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 202 replay Show response
session-replay.browser-intake-datadoghq.com/api/v2/ 53 B
343 B 490ms
377ms XHR
application/json 2600:1f18:24e6:b900:6bb1:68d:d4e5:9954
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Axhr%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A7.36.1&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=23fd71ae-14bc-41ce-babb-1f588fd79d8d

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:6bb1:68d:d4e5:9954 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

7d3abfb53004685619d1becad746d82a7fd902426dc15693a57b2e3490b7c04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryjf1LjMXBXvXBAfDT

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: 23fd71ae-14bc-41ce-babb-1f588fd79d8d

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 21B5 70 B
149 B 151ms
48ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=connect.werally.com&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
server: Kestrel
content-length: 70
content-type: image/gif

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 69 KB
6 KB 72ms
72ms XHR
application/json 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0Neqx1dGGrrlV4y&Q_CLIENTVERSION=2.1.0&Q_CLIENTTYPE=web

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e22dd01208e2054dbe87486afe1fa9926501724d6f0399a857c5673efbb66d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://connect.werally.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 2d11475a4a6b217f
cf-ray: 85916d7e6f0191f6-FRA
timing-allow-origin: *

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
344 B 152ms
152ms Fetch
application/json 2600:1f18:24e6:b901:5072:cd31:71ea:13bb
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A7.36.1&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=e0091ba2-819f-4ba8-9e7c-8928226876ea&batch_time=1708544076536

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:5072:cd31:71ea:13bb Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

866e9a7c04271e8a1dac4ccb199e67fefbf63a9f8533e3012f3dc29814982f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: e0091ba2-819f-4ba8-9e7c-8928226876ea

GET
H2 200 /
www.google.com/pagead/1p-user-list/801669703/ 42 B
455 B 78ms
30ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801669703/?random=1708544076440&cv=11&fst=1708542000000&bg=ffffff&guid=ON&async=1&gtm=45be42h0v886616604za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fconnect.werally.com%2Fpartner-login&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_dcNOKBxX_nF7LyLFJpp6gve7kM2zUQ&random=2506492740&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:34:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/801669703/ 0
0

GET
H2 200 /
www.google.com/pagead/1p-user-list/801664645/ 42 B
108 B 76ms
31ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801664645/?random=1708544076455&cv=11&fst=1708542000000&bg=ffffff&guid=ON&async=1&gtm=45be42h0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fconnect.werally.com%2Fpartner-login&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_fxnAYQzcoSX08kMrHQgkFp0UxoeA8Q&random=479601082&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:34:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.de/pagead/1p-user-list/801664645/ 0
0

GET
H2 200 82-49b19804.chunk.js Show response
connect.werally.com/static/js/chunks/ 4 KB
2 KB 129ms
129ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/chunks/82-49b19804.chunk.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

6c0a467a5d2d666c1489c19b0ce8f2cf4405a1b39b9f11605eccfbbcbdfaa2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/partner-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-107a"
content-type: application/javascript
x-iinfo: 13-216209522-216208864 2VNN RT(1708544071773 4172) q(0 0 0 -1) r(1 1)
cache-control: max-age=15778463, public
content-length: 1685
expires: Thu, 22 Aug 2024 10:28:59 GMT

GET
H2 200 116-49b19804.chunk.js Show response
connect.werally.com/static/js/chunks/ 418 B
449 B 129ms
128ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/js/chunks/116-49b19804.chunk.js

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

85e51ca98cc8034703ac4e90d1dc9a3789722afd3842ca39e240246d65fe059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/partner-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-1a2"
content-type: application/javascript
x-iinfo: 13-216209522-216208871 2VNN RT(1708544071773 4175) q(0 0 0 -1) r(1 1)
cache-control: max-age=15778463, public
content-length: 313
expires: Thu, 22 Aug 2024 10:28:59 GMT

GET
H2 200 logo-e6567e5c.svg
connect.werally.com/static/media/ 7 KB
2 KB 314ms
313ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/logo-e6567e5c.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

a232d397087067853daa9a8df775d85b961dc3e9eb91211bb10e4bfb75c3e597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/partner-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-1ad8"
content-type: image/svg+xml
x-iinfo: 13-216209522-216210277 2VNN RT(1708544071773 4179) q(0 0 0 -1) r(3 3)
cache-control: max-age=15778463, public
content-length: 2342
expires: Thu, 22 Aug 2024 10:28:59 GMT

GET
H2 200 rally_footer-b3841f4d.svg
connect.werally.com/static/media/ 2 KB
1 KB 399ms
398ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/rally_footer-b3841f4d.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

940efd0e484c110b53e2118e1bcdcf8760f04df2d8032416dd63a461fc3e950a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/partner-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-88a"
content-type: image/svg+xml
x-iinfo: 13-216209522-216209077 2VNN RT(1708544071773 4182) q(0 0 0 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 890
expires: Thu, 22 Aug 2024 10:28:59 GMT

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 101 KB
31 KB 44ms
43ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=2.1.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.93f2ca20511a668d8998.chunk.js?Q_CLIENTVERSION=2.1.0&Q_CLIENTTYPE=web&Q_BRANDID=connect.werally.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d356ee389de59db1fbab4a45c7abe6b7bc3d3e9c9260e0fce55ebd2c3bd2e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 157465
cf-polished: origSize=103878
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Feb 2024 20:16:06 GMT
cf-bgj: minify
server: cloudflare
etag: W/"195c6-18dc302ef70"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 85916d7f4f7391f6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 401 events Show response
connect.werally.com/rest/tracking/v1/ 15 B
359 B 403ms
402ms XHR
text/plain 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/tracking/v1/events

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

b51d0a1178453d5deda9c42db26ff1bac2d43c5e0e23492fb7397cc260d41610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
Accept-Language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
x-datadog-sampling-priority: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/partner-login
X-Rally-Locale: en-US
x-datadog-parent-id: 7460749390982542461
x-datadog-trace-id: 5790290519807462037
Current-Connect-Session-Type: none

Response headers

date: Wed, 21 Feb 2024 19:34:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-cdn: Imperva
x-iinfo: 13-216209522-216210403 NNYN CT(92 189 0) RT(1708544071773 4204) q(0 0 3 -1) r(4 4) U6
server-timing: cstrack-strict, cstrack-total;dur=1, csedge-streamed, csedge-ttfb;dur=2
x-xss-protection: 1; mode=block
x-rally-correlationid: NJhee2mKVX2gfA-csedge
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
vary: Origin
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://connect.werally.com
access-control-expose-headers: X-Rally-CorrelationId
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: AP3jY1ygByE+gKnhb8IPckxQ1mUAAAAA7aHxb/1JzxxctiRVs7phqA==

POST
H2 401 events Show response
connect.werally.com/rest/tracking/v3/ 15 B
313 B 141ms
141ms XHR
text/plain 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/rest/tracking/v3/events

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

b51d0a1178453d5deda9c42db26ff1bac2d43c5e0e23492fb7397cc260d41610

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Context-Config-PartnerId: uhc
Accept-Language: de-DE,de;q=0.9
x-datadog-origin: rum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
x-datadog-sampling-priority: 1
Content-Type: application/json
Accept: application/json, text/plain, */*
Context-Config-ConsumerSource: connect-web
Referer: https://connect.werally.com/partner-login
X-Rally-Locale: en-US
x-datadog-parent-id: 1889674524855540989
x-datadog-trace-id: 6499088040374080589
Current-Connect-Session-Type: none

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-cdn: Imperva
x-iinfo: 13-216209522-216210043 PNYN RT(1708544071773 4213) q(0 0 0 -1) r(1 1) U6
server-timing: cstrack-strict, cstrack-total;dur=1, csedge-streamed, csedge-ttfb;dur=3
x-xss-protection: 1; mode=block
x-rally-correlationid: Hm4ZWTrW9JxuRC-csedge
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
vary: Origin
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://connect.werally.com
access-control-expose-headers: X-Rally-CorrelationId
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: kon3cuiHbGQ+gKnhb8IPckxQ1mUAAAAAmzKvAEjKDOcJFdVmt0tZ8w==

GET image.sbix
global.ib-ibi.com/ Frame 21B5 0
0

GET
H2 200 7.5f000cafeed9b3b29059.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
1 KB 41ms
41ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/7.5f000cafeed9b3b29059.chunk.js?Q_CLIENTVERSION=2.1.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9863e955ed039e7f56ae28ece3c54e5d029cd566154ac973365c2505880c2872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 157464
cf-polished: origSize=2898
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Feb 2024 20:16:06 GMT
cf-bgj: minify
server: cloudflare
etag: W/"b52-18dc302ef70"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 85916d7fbfba91f6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

GET
H2 200 1.5f4f8c3e3982904758f5.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 28 KB
7 KB 49ms
49ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.5f4f8c3e3982904758f5.chunk.js?Q_CLIENTVERSION=2.1.0&Q_CLIENTTYPE=web&Q_BRANDID=uhgenterprise

Requested by

Host: zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
URL: https://zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_0Neqx1dGGrrlV4y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93bedc0adfe3f37ae0156fc936a5b15f2b769369ed30b469a9d872b684597732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 157464
cf-polished: origSize=29688
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 19 Feb 2024 20:16:06 GMT
cf-bgj: minify
server: cloudflare
etag: W/"73f8-18dc302ef70"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
cf-ray: 85916d7fbfbc91f6-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin: *

POST
H2 202 rum Show response
rum.browser-intake-datadoghq.com/api/v2/ 53 B
343 B 165ms
164ms Fetch
application/json 2600:1f18:24e6:b901:5072:cd31:71ea:13bb
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rum.browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A4.50.1%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Achopshop-ui%2Cversion%3A7.36.1&dd-api-key=pubb9d400b66085801fda89470302d2eeb6&dd-evp-origin-version=4.50.1&dd-evp-origin=browser&dd-request-id=8fd443a6-844d-402c-a23d-d7b9e1af891f&batch_time=1708544076789

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/js/main-49b19804.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:5072:cd31:71ea:13bb Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

126f606440010e087af3a31bda38db549c92e05c1ce1d631ce5fb27ba87220de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://connect.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: 8fd443a6-844d-402c-a23d-d7b9e1af891f

GET
H2 200 s8862170374202
smetrics.optum.com/b/ss/uhguhcmemberstdprod,uhgenterprisecoreprod/1/JS-2.25.0-LDQM/ 43 B
373 B 230ms
36ms Image
image/gif 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.optum.com/b/ss/uhguhcmemberstdprod,uhgenterprisecoreprod/1/JS-2.25.0-LDQM/s8862170374202?AQB=1&ndh=1&pf=1&t=21%2F1%2F2024%2020%3A34%3A36%203%20-60&sdid=1226AF34E591A375-5205D073224C108B&mid=32252124606963287691379212530612162129&aamlh=6&ce=UTF-8&pageName=uhc%3Amyuhc%3Apublic%3Afpc%3Apartnerlogin&g=https%3A%2F%2Fconnect.werally.com%2Fpartner-login&c.&apl=4.0&inList=3.0&getPreviousValue=3.0.1&manageVars=3.0&lowerCaseVars=1.0&pt=3.0&getPercentPageViewed=5.0.2&handlePPVevents=4.0&p_fo=3.0&.c&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=2.25.0%7Eproduction%7E2024-02-12t09%3A35%3A08z&c2=initialpercent%3D%20%7C%20highestpercent%3D&c3=connect.werally.com&c4=%2Fpartner-login&v139=pagenavevent&v140=uhc&v141=myuhc&v142=myuhc&v143=website&v145=uhc%3Amyuhc%3Apublic%3Afpc%3Apartnerlogin&v149=1708544076&v150=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F122.0.6261.57%20safari%2F537.36&v152=D%3Dmid&v153=https%3A%2F%2Fconnect.werally.com%2Fpartner-login&v154=https%3A%2F%2Fconnect.werally.com%2Fpartner-login&v157=ce%20%7C%20acdl%20-%20all%20pages%20-%20page%20load%20-%20aa%20-%20send%20beacon%28%20specific%20%3A%20fpc%29&v162=not%20logged%20in&v169=guest&v181=public&v182=fpc&v184=uhc%3Amyuhc%3Apublic%3Afpc&v191=member%3Eguest&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 19:34:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 22 Feb 2024 19:34:37 GMT
server: jag
etag: 3669070467973840896-4617847608578237173
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 20 Feb 2024 19:34:37 GMT

GET
H2 200 login-a2fb43a4.svg
connect.werally.com/static/media/ 2 KB
900 B 419ms
419ms Image
image/svg+xml 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.werally.com/static/media/login-a2fb43a4.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

6438504bff067c45eaf09441f9f5daaefd97caff542e57badcced52dce8c06cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.werally.com/partner-login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-66f"
content-type: image/svg+xml
x-iinfo: 13-216209522-216208871 2VNN RT(1708544071773 4324) q(0 1 1 -1) r(4 4)
cache-control: max-age=15778463, public
content-length: 763
expires: Thu, 22 Aug 2024 10:28:59 GMT

GET
H2 200 UHCSerifHeadline-Semibold-1ba3c397.woff
connect.werally.com/static/media/ 34 KB
35 KB 327ms
327ms Font
font/woff 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.werally.com/static/media/UHCSerifHeadline-Semibold-1ba3c397.woff

Requested by

Host: connect.werally.com
URL: https://connect.werally.com/static/css/united-49b19804.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

56032c4940c60d28fde373f46ffa13481b908a6a3edeecabddad239547755150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://connect.werally.com/static/css/united-49b19804.css
Origin: https://connect.werally.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 19:34:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 14 Feb 2024 18:52:37 GMT
x-cdn: Imperva
etag: "65cd0bf5-89c8"
content-type: font/woff
x-iinfo: 13-216209522-216208859 2VNN RT(1708544071773 4332) q(0 0 0 -1) r(3 3)
cache-control: max-age=15778463, public
x-incap-sess-cookie-hdr: nnIzPGUm3j0+gKnhb8IPckxQ1mUAAAAAggC6zll0ak0yV0j4FLqaXw==
content-length: 35272
expires: Thu, 22 Aug 2024 10:28:59 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/801669703/?random=1708544076440&cv=11&fst=1708542000000&bg=ffffff&guid=ON&async=1&gtm=45be42h0v886616604za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fconnect.werally.com%2Fpartner-login&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_dcNOKBxX_nF7LyLFJpp6gve7kM2zUQ&random=2506492740&rmt_tld=1&ipr=y

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/801664645/?random=1708544076455&cv=11&fst=1708542000000&bg=ffffff&guid=ON&async=1&gtm=45be42h0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fconnect.werally.com%2Fpartner-login&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_fxnAYQzcoSX08kMrHQgkFp0UxoeA8Q&random=479601082&rmt_tld=1&ipr=y

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=25343294745949812882074484746734883256

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
connect.werally.com/	1970-01-20 18:36:05	Name: X-Rally-Canary Value: never
connect.werally.com/	1970-01-21 03:20:03	Name: visid_incap_676033 Value: zBiQvJoiRQee8+CK2BEmw0dQ1mUAAAAAQUIPAAAAAACZsW1SMUZqoLQC+lfFqkR0
connect.werally.com/	1969-12-31 23:59:59	Name: incap_ses_8219_676033 Value: 08fvMa7LoGo+gKnhb8IPckhQ1mUAAAAAnurkzXi7WUYYbNmPH3YREg==
.werally.com/	1970-01-21 04:11:44	Name: xGFajjParSn Value: A66eKc2NAQAA61ATH6l8p4OjsebyJHyCvMhI9Bv3on122XTOlxEzqzwrzB4PAdly14WucrZKwH8AAEB3AAAAAA\|1\|0\|b222cbf06d2358c8de0bac4ce73fac2c0709fbc7
accounts.werally.com/	1970-01-21 03:20:03	Name: visid_incap_676022 Value: ngP/VKAmQuGvhqMWNcNu00lQ1mUAAAAAQUIPAAAAAAB8c3bFfYO1zuX3W0Ada4L3
accounts.werally.com/	1969-12-31 23:59:59	Name: incap_ses_8219_676022 Value: vXH4ai1D4HqLhKnhb8IPcklQ1mUAAAAA30hT+035VQOV+T9e7BjE9A==
.werally.com/	1969-12-31 23:59:59	Name: xGFajjParSn_dc Value: %7B%7D
connect.werally.com/	1969-12-31 23:59:59	Name: language Value: en
.werally.com/	1969-12-31 23:59:59	Name: x_rally_locale Value: en-US
.werally.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 22:54:56	Name: demdex Value: 25343294745949812882074484746734883256
.werally.com/	1969-12-31 23:59:59	Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1
.werally.com/	1970-01-20 20:45:20	Name: _gcl_au Value: 1.1.1790600501.1708544076
.werally.com/	1970-01-21 04:11:44	Name: mbox Value: session#5f3d6f86d10c430abd22252845013e8a#1708545937\|PC#5f3d6f86d10c430abd22252845013e8a.37_0#1771788877
.everesttech.net/	1970-01-21 03:21:20	Name: everest_g_v2 Value: g_surferid~ZdZQTAAAAFV0DAOJ
.doubleclick.net/	1970-01-21 03:57:20	Name: IDE Value: AHWqTUnPiqEbU7bEEgmJJmYfnstdDEuJo_0L1lDto7kG11ItyGJZJ8MRcCFV9gqivNo
.dpm.demdex.net/	1970-01-20 22:54:56	Name: dpm Value: 25343294745949812882074484746734883256
.werally.com/	1970-01-21 04:11:44	Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C19775%7CMCMID%7C32252124606963287691379212530612162129%7CMCAAMLH-1709148876%7C6%7CMCAAMB-1709148876%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1708551276s%7CNONE%7CMCSYNCSOP%7C411-19782%7CvVersion%7C5.5.0
.demdex.net/	1970-01-20 22:54:56	Name: dextp Value: 771-1-1708544076427\|903-1-1708544076533\|285689-1-1708544076695
.werally.com/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.werally.com/	1969-12-31 23:59:59	Name: s_tp Value: 1200
.werally.com/	1969-12-31 23:59:59	Name: s_ppv Value: uhc%253Amyuhc%253Apublic%253Afpc%253Apartnerlogin%2C100%2C100%2C1200%2C1%2C1
.werally.com/	1969-12-31 23:59:59	Name: s_cc Value: true
connect.werally.com/	1970-01-20 18:35:44	Name: _dd_s Value: logs=1&id=152292aa-8906-443a-a3e4-fc0034dd3ffd&created=1708544074036&expire=1708544974038&rum=1

37 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://connect.werally.com/scripts/rally_common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://connect.werally.com/scripts/rally_common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://connect.werally.com/scripts/rally_common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
network	error	URL: https://accounts.werally.com/protected/account/v1/user Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://connect.werally.com/partner-login Message: Refused to load the image 'https://www.google.de/pagead/1p-user-list/801669703/?random=1708544076440&cv=11&fst=1708542000000&bg=ffffff&guid=ON&async=1&gtm=45be42h0v886616604za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fconnect.werally.com%2Fpartner-login&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_dcNOKBxX_nF7LyLFJpp6gve7kM2zUQ&random=2506492740&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .lpsnmedia.net .liveperson.net .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com .uhc.com .myuhc.com cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com".
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	URL: https://connect.werally.com/partner-login Message: Refused to load the image 'https://www.google.de/pagead/1p-user-list/801664645/?random=1708544076455&cv=11&fst=1708542000000&bg=ffffff&guid=ON&async=1&gtm=45be42h0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fconnect.werally.com%2Fpartner-login&frm=0&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_fxnAYQzcoSX08kMrHQgkFp0UxoeA8Q&random=479601082&rmt_tld=1&ipr=y' because it violates the following Content Security Policy directive: "img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .lpsnmedia.net .liveperson.net .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com .uhc.com .myuhc.com cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com".
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.werally.com/partner-login Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://connect.werally.com/rest/tracking/v3/events Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://connect.werally.com/rest/tracking/v1/events Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=25343294745949812882074484746734883256 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self'; default-src data: 'self'; font-src data: 'self' collect.iperceptions.com fonts.gstatic.com .rally-dev.com .werally.com .werally.in myoptum-stage.akamaized.net .optum.com .liveandworkwell.akamaized.net .prod-laww.akamaized.net .sr-smsc-stg-liveandworkwell.akamaized.net .sr-smsc-stg.liveandworkwell.com .lpsnmedia.net cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com ; script-src data: 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.werally.com https://.werally.in art.azureedge.net sd.iperceptions.com universal.iperceptions.com www.google-analytics.com www.googletagmanager.com www.googleadservices.com assets.adobedtm.com connect.facebook.net content.zeronaught.com ips-invite.iperceptions.com unitedhealthgroup.tt.omtrdc.net .qualtrics.com .doubleclick.net https://.qualtrics.com .liveandworkwell.com .lpsnmedia.net .liveperson.net .optum.com member.int.uhc.com member.uat.uhc.com member.uhc.com cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com cm.everesttech.net www.onelink-edge.com xapis.onelink-edge.com ; style-src 'self' 'unsafe-inline' .liveandworkwell.com .lpsnmedia.net cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com ; img-src data: blob: 'self' smetrics.optum.com .doubleclick.net s3.amazonaws.com dpm.demdex.net www.google.com www.google-analytics.com www.googletagmanager.com cm.eversttech.net cm.everesttech.net ips-img.iperceptions.com www.facebook.com rally-non-prod.s3.amazonaws.com rally-prod.s3.amazonaws.com https://.qualtrics.com carevergesurveyicons.s3.amazonaws.com rally-connect-fpc-prod.s3.amazonaws.com .liveandworkwell.com .lpsnmedia.net .liveperson.net .myoptum.com nextportal-dev.s3.amazonaws.com nextportal-prod.s3.amazonaws.com .uhc.com .myuhc.com cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com ; media-src data: 'self' .lpsnmedia.net .liveperson.net cloudfront.stage.federateddataservices.com cloudfront.federateddataservices.com ; child-src data: blob: myoptum.optum.com www.myoptum.com rallyhealth.com universal.iperceptions.com unitedhealthgroup.demdex.net collect.iperceptions.com .doubleclick.net .liveperson.net .lpsnmedia.net ; connect-src data: 'self' dpm.demdex.net .iperceptions.com .zeronaught.com api.mapbox.com events.mapbox.com .doubleclick.net www.google-analytics.com smetrics.optum.com .qualtrics.com .sendbird.com wss://.sendbird.com unitedhealthgroup.tt.omtrdc.net https://.qualtrics.com rum-http-intake.logs.datadoghq.com browser-http-intake.logs.datadoghq.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com .rally-dev.com .werally.com .werally.in .uhc.com .datadoghq.com .optum.com .liveandworkwell.com .sr-smsc-stg-liveandworkwell.akamaized.net .lpsnmedia.net .liveperson.net .msg.liveperson.net wss://.msg.liveperson.net www.onelink-edge.com xapis.onelink-edge.com ; frame-src https://.werally.in https://.werally.com https://.rally-dev.com https://.optum.com https://.uhc.com https://.myuhc.com https://.rallyhealth.com https://.iperceptions.com https://.doubleclick.net https://.lpsnmedia.net https://.liveperson.net https://unitedhealthgroup.demdex.net https://uhgenterprise.qualtrics.com https://uhg1.co1.qualtrics.com ; object-src data:; frame-ancestors 'self'; report-uri /rest/csp-reporter; report-to /rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.werally.com
assets.adobedtm.com
cm.everesttech.net
cm.g.doubleclick.net
connect.werally.com
content.zeronaught.com
dpm.demdex.net
global.ib-ibi.com
googleads.g.doubleclick.net
lagoon-psx.uhc.com
maelstrom-dmz.uhc.com
match.adsrvr.org
rum.browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com
siteintercept.qualtrics.com
smetrics.optum.com
unitedhealthgroup.demdex.net
unitedhealthgroup.tt.omtrdc.net
us.gimp.zeronaught.com
www.google.com
www.google.de
www.googletagmanager.com
zn0neqx1dggrrlv4y-uhgenterprise.siteintercept.qualtrics.com
global.ib-ibi.com
www.google.de
104.17.209.240
142.250.185.194
149.126.77.254
2001:4860:4802:34::15
2600:1f18:24e6:b900:6bb1:68d:d4e5:9954
2600:1f18:24e6:b901:5072:cd31:71ea:13bb
2600:9000:21c7:6e00:13:f7f9:9540:93a1
2600:9000:26db:ee00:1d:be51:5240:93a1
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2008
2a00:1450:4001:830::2004
2a02:26f0:480:79e::1e80
34.120.21.7
52.223.40.198
54.229.162.132
63.140.62.222
63.32.175.215
66.235.152.221
06c22afe4e76fa547796ee06bcd726e41450e086aeaba88bb4ab2fe5f7264355
126f606440010e087af3a31bda38db549c92e05c1ce1d631ce5fb27ba87220de
177e59388c471ade84aed4b33ab13d2006afcad7ca7611bfc8f6a334628be1d8
17ae3ae4c56e2cf933fa55219a4cfc50224a98f8bf953e1af98ffcd3f362fb65
1eec5d0bc72fba33ce753f6009a277e07041fb92d221ae5839bbc5e8fff1d0bb
2b78947fa9d9e3bd9f6ebfa804c3b049d7fe1f0a4cd614d1d7c87f53a60c01f2
2b897596894c8119f066103202c5c54ef445bc7f15c4c0379fa7724f78f6993c
2f381b4aec09916943b7d17fa2ce0f3d99c24035eb2edd1f3369663390d60f8a
37b3361fce71296482bdf2fe39089557f90e6037d7486f959ebe5bb980d26556
3cc71dbee28027aa344d5f5a344266125ad87ceedfe716303072aec89e3d008b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44e284135d6b537af01469a3082f541dbc064962264b883aaf9282504c628633
490f73ccaadf6bf9f121713e241e05fc959039104fdbca9c72780b2822296375
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
528c2ff0c35d20492e8e8cd79eb0b81f479e5f827f613cf693fc6cd7a4e21033
56032c4940c60d28fde373f46ffa13481b908a6a3edeecabddad239547755150
57fc9d0aaede8b47ac09fdc14bc3536e65cabe02fa3cfc0e89ac017383ba0df5
5e22dd01208e2054dbe87486afe1fa9926501724d6f0399a857c5673efbb66d7
5f3e342371d3d479550f5f98d28f75ecbf50d20dc6961d45fce78a2700e73de4
6372e5137036c329e4d954b2290bfd457f600334a8b2c1c980265a48ae105c82
6438504bff067c45eaf09441f9f5daaefd97caff542e57badcced52dce8c06cc
6c0a467a5d2d666c1489c19b0ce8f2cf4405a1b39b9f11605eccfbbcbdfaa2d7
6c789117a5f69b39293256e6899288c8317358589e20c6d08278223f948cd2cf
6d5181d1bb025f833c37756f4b828fbd8f80239706c317cf934b60c379c5701a
6e8563bcce5d4fe3f859e7ca10dc275c9cfa555770c8579ec07614d19206d0ae
72b006f8009bbf7bfe2b198a65eea0fc92348e8c0d4f6f68bbc5ebf6a8035d36
78621cbbe86b9bdb10ffc990a595522aa18b11ef26a7c59962f9f57fb587237a
79b2c83dc54748de9dabfc6f846c38808f4bc19fbf55a20ce37ab5cd10d491c6
79c8c2fc3d3d9f6cca0cda8a3447fa9b8e5107050814b83cd3f6413bf9f2ca66
7ac2d6bdf523ad458d86688c484e5256ac0207afbc1ed91926f571390dcc24cc
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d3abfb53004685619d1becad746d82a7fd902426dc15693a57b2e3490b7c04a
7f6e3fa384c10d6162acf09c753ccb535e95f4da8436507e069f1c4a67b62d6e
85e51ca98cc8034703ac4e90d1dc9a3789722afd3842ca39e240246d65fe059d
866e9a7c04271e8a1dac4ccb199e67fefbf63a9f8533e3012f3dc29814982f3b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93bedc0adfe3f37ae0156fc936a5b15f2b769369ed30b469a9d872b684597732
940efd0e484c110b53e2118e1bcdcf8760f04df2d8032416dd63a461fc3e950a
95628adcfe863aefc1597ae458fc05ed60aea9e2c0ee93b0d2ffc5b52372bffa
9863e955ed039e7f56ae28ece3c54e5d029cd566154ac973365c2505880c2872
9d356ee389de59db1fbab4a45c7abe6b7bc3d3e9c9260e0fce55ebd2c3bd2e23
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a232d397087067853daa9a8df775d85b961dc3e9eb91211bb10e4bfb75c3e597
a3f5d1724895c28e70cc52b18acb7000813c1af906361cc394ea923bceeb3446
a9e528b01119ec2c6d8794ed99dbf598383d8e66e943fe70d08f3f929415f750
aa60d1373b6ec955a20f32f8dc323b70de10f11745e8d4ff84545c3f3444c96c
b51d0a1178453d5deda9c42db26ff1bac2d43c5e0e23492fb7397cc260d41610
bdf5b0d83262deb50cd6ba7fbade9a66d2697f1a4550d0725ec767ab6187a890
c880a458f855a4aa743cfff9ff13931bdd533197c92d978b6023cdf50d797fab
cf3457ce14f1b1b0dff10686d656a5d273db76f5dac4540d6a82592aeb74f192
db9a96f20a006d1a5db7a178722bb8077f7fa6b6353aa979acc7ee4ca81facb0
ddb9a25e5365d1fa5d45afb97d996aafbd1bf4500f3530ac418c00bcfa40eee3
e6faa5d096b976639b48150fc2cf06418c5c7cf7ba8c695ab2c37cdfe3ba322e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f91be55145c79eb8d5ab478198d56591c75bb2219aab9cbe2c7e587be71e146e
fc9bd8afa6e7086411af00d776bed0c44a68c7d6b335cb86d7b0d35cc8eeb4b3

connect.werally.com Open in urlscan Pro 149.126.77.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

89 %HTTPS

50 %IPv6

16 Domains

23 Subdomains

17 IPs

4 Countries

2900 kBTransfer

11648 kBSize

24 Cookies

7 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

connect.werally.com Open in urlscan Pro
149.126.77.254 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

89 %
HTTPS

50 %
IPv6

16
Domains

23
Subdomains

17
IPs

4
Countries

2900 kB
Transfer

11648 kB
Size

24
Cookies

64 HTTP transactions
1 data transactions