member.werally.com Open in urlscan Pro
45.60.33.26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s2.bl-1.com/h/dqR2fzrs?url=http://rallyhealth.com/livewellth
Effective URL:
https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
Submission: On July 13 via api (July 13th 2022, 1:30:39 am UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 28 HTTP transactions. The main IP is 45.60.33.26, located in United States and belongs to INCAPSULA, US. The main domain is member.werally.com. The Cisco Umbrella rank of the primary domain is 65293.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 5th 2021. Valid for: a year.

This is the only time member.werally.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.239.222.193 44.239.222.193	16509 (AMAZON-02) (AMAZON-02)
1 1	192.230.74.158 192.230.74.158	19551 (INCAPSULA) (INCAPSULA)
1 1	149.126.77.158 149.126.77.158	19551 (INCAPSULA) (INCAPSULA)
1 3	149.126.77.254 149.126.77.254	19551 (INCAPSULA) (INCAPSULA)
18	45.60.33.26 45.60.33.26	19551 (INCAPSULA) (INCAPSULA)
4	52.11.214.47 52.11.214.47	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:214... 2600:9000:214f:fa00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:24e... 2600:1f18:24e6:b902:8b92:8c43:208f:d1f9	14618 (AMAZON-AES) (AMAZON-AES)
28	6

1 44.239.222.193 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-222-193.us-west-2.compute.amazonaws.com

s2.bl-1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.230.74.158 (United States) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 192.230.74.158.ip.incapdns.net

rallyhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.126.77.158 (Frankfurt am Main, Germany) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.158.ip.incapdns.net

www.rallyhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 149.126.77.254 (Frankfurt am Main, Germany) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.254.ip.incapdns.net

www.werally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.werally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 45.60.33.26 (United States)

ASN19551 (INCAPSULA, US)

member.werally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.11.214.47 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-214-47.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:fa00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b902:8b92:8c43:208f:d1f9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	werally.com 1 redirects www.werally.com — Cisco Umbrella Rank: 434142 member.werally.com — Cisco Umbrella Rank: 65293 accounts.werally.com — Cisco Umbrella Rank: 78267	425 KB
4	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 1378	408 B
3	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 4000	1 MB
2	rallyhealth.com 2 redirects rallyhealth.com — Cisco Umbrella Rank: 524608 www.rallyhealth.com — Cisco Umbrella Rank: 732042	553 B
1	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 3601
1	bl-1.com 1 redirects s2.bl-1.com — Cisco Umbrella Rank: 17880	920 B
28	6

	Domain	Requested by
18	member.werally.com	member.werally.com
4	api.amplitude.com	member.werally.com
3	images.ctfassets.net	member.werally.com
2	accounts.werally.com	member.werally.com accounts.werally.com
1	rum-http-intake.logs.datadoghq.com	member.werally.com
1	www.werally.com	1 redirects
1	www.rallyhealth.com	1 redirects
1	rallyhealth.com	1 redirects
1	s2.bl-1.com	1 redirects
28	9

This site contains no links.

Subject Issuer	Validity	Valid
*.werally.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-05` - `2022-08-05`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
images.ctfassets.net Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
*.logs.datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-26` - `2023-04-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
Frame ID: 14F0F1FDF83AC782127EABC5060E631E
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to Rally!

Page URL History Show full URLs

https://s2.bl-1.com/h/dqR2fzrs?url=http://rallyhealth.com/livewellth HTTP 302
http://rallyhealth.com/livewellth HTTP 301
https://www.rallyhealth.com/livewellth HTTP 301
https://www.werally.com/partner/optum/levi_strauss_and_co/register HTTP 307
http://member.werally.com/content/register/optum/levi_strauss_and_co/standard HTTP 307
https://member.werally.com/content/register/optum/levi_strauss_and_co/standard Page URL

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

28
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

9
Subdomains

6
IPs

2
Countries

1532 kB
Transfer

3343 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s2.bl-1.com/h/dqR2fzrs?url=http://rallyhealth.com/livewellth HTTP 302
http://rallyhealth.com/livewellth HTTP 301
https://www.rallyhealth.com/livewellth HTTP 301
https://www.werally.com/partner/optum/levi_strauss_and_co/register HTTP 307
http://member.werally.com/content/register/optum/levi_strauss_and_co/standard HTTP 307
https://member.werally.com/content/register/optum/levi_strauss_and_co/standard Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request standard Show response
member.werally.com/content/register/optum/levi_strauss_and_co/
Redirect Chain

https://s2.bl-1.com/h/dqR2fzrs?url=http://rallyhealth.com/livewellth
http://rallyhealth.com/livewellth
https://www.rallyhealth.com/livewellth
https://www.werally.com/partner/optum/levi_strauss_and_co/register?
http://member.werally.com/content/register/optum/levi_strauss_and_co/standard
https://member.werally.com/content/register/optum/levi_strauss_and_co/standard

1 KB
2 KB

425ms
394ms

Document
text/html

45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/content/register/optum/levi_strauss_and_co/standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a945ae00c9c81f4e03eb1fbfe2465ee09ea7f91e97a2c910ee032b85cea61fee

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .qualtrics.com https://.werally.com; connect-src 'self' .amplitude.com .qualtrics.com wss://.sendbird.com https://.sendbird.com https://api.amplitude.com https://.werally.com https://.logs.datadoghq.com; child-src 'self'; img-src 'self' data: blob: https://* http://; style-src 'self' https://.werally.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com https://.werally.com; form-action 'self' .qualtrics.com; media-src 'none'; manifest-src 'self'; object-src 'none'; frame-src .qualtrics.com https://.werally.com; worker-src 'self'; frame-ancestors 'self'; report-uri https://member.werally.com/rest/csp-reporter; report-to https://member.werally.com/rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=60
content-encoding: gzip
content-security-policy: base-uri 'self'; default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.qualtrics.com https://*.werally.com; connect-src 'self' *.amplitude.com *.qualtrics.com wss://*.sendbird.com https://*.sendbird.com https://api.amplitude.com https://*.werally.com https://*.logs.datadoghq.com; child-src 'self'; img-src 'self' data: blob: https://* http://*; style-src 'self' https://*.werally.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com https://*.werally.com; form-action 'self' *.qualtrics.com; media-src 'none'; manifest-src 'self'; object-src 'none'; frame-src *.qualtrics.com https://*.werally.com; worker-src 'self'; frame-ancestors 'self'; report-uri https://member.werally.com/rest/csp-reporter; report-to https://member.werally.com/rest/csp-reporter;
content-type: text/html
date: Wed, 13 Jul 2022 01:30:33 GMT
etag: W/"62c8303b-579"
last-modified: Fri, 08 Jul 2022 13:25:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cdn: Imperva
x-frame-options: DENY
x-iinfo: 13-290815708-290815714 NNNN CT(94 192 0) RT(1657675832244 14) q(0 0 3 0) r(4 4) U12
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
Non-Authoritative-Reason: HSTS

GET
H2 200 808.93398c9138bc5095bae6.js Show response
member.werally.com/content/ 889 KB
284 KB 402ms
401ms Script
application/javascript 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/content/808.93398c9138bc5095bae6.js

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bc0f80a2ad5449efffe45cce409c22748efe46d26e527242e914c9d2c0f213cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:33 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 13:17:57 GMT
x-cdn: Imperva
etag: W/"62bc5105-de57e"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-iinfo: 13-290815708-290815802 2VNN RT(1657675832244 415) q(0 0 0 -1) r(0 4)
cache-control: max-age=60, public
content-length: 290590
expires: Wed, 13 Jul 2022 01:31:33 GMT

GET
H2 200 app.ccc9f525cb66d99f4c84.js Show response
member.werally.com/content/ 72 KB
23 KB 429ms
428ms Script
application/javascript 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/content/app.ccc9f525cb66d99f4c84.js

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9f23024370af6ac7b46e7c65f475037bd019f59a3a9d7fd47762a69129893b84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:33 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 13:17:57 GMT
x-cdn: Imperva
etag: W/"62bc5105-121cb"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-iinfo: 13-290815708-290815806 2VNN RT(1657675832244 419) q(0 0 0 -1) r(0 4)
cache-control: max-age=60, public
content-length: 23674
expires: Wed, 13 Jul 2022 01:31:33 GMT

GET
H2 200 app.f0cf10887eb291605ba9.css
member.werally.com/content/ 111 KB
16 KB 435ms
435ms Stylesheet
text/css 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/content/app.f0cf10887eb291605ba9.css

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

cc1c0151f022a3e37987b043eb411cb49c438f64f7a89a4dd237db3c6d0db5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:33 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 13:17:57 GMT
x-cdn: Imperva
etag: W/"62bc5105-1ba9c"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
x-iinfo: 13-290815708-290815804 2VNN RT(1657675832244 417) q(0 0 0 -1) r(0 4)
cache-control: max-age=60, public
content-length: 16476
expires: Wed, 13 Jul 2022 01:31:33 GMT

GET
H2 200 _Incapsula_Resource Show response
member.werally.com/ 141 KB
20 KB 14ms
13ms Script
application/javascript 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=194677330

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

759105a6be452cca59d3770db2708fc8be384bd9cea86e740236ba5e8e3a9afb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 20228
content-type: application/javascript

GET
H2 200 huginn Show response
accounts.werally.com/ 553 B
766 B 441ms
424ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.werally.com/huginn

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

7c23e33ab27bb75e8037057462389daa2898a811906b10945da1252ccbc27345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:33 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 16:58:32 GMT
x-cdn: Imperva
etag: W/"62bb3338-229"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 6-9554083-9554133 NNNN CT(103 209 0) RT(1657675831527 901) q(0 0 3 0) r(4 4) U2
cache-control: no-store, max-age=0
strict-transport-security: max-age=31536000

GET
H2 200 _Incapsula_Resource
member.werally.com/ 1 B
36 B 7ms
7ms Image
text/plain 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://member.werally.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5245864651536014

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 huginn-1.5.0.js Show response
accounts.werally.com/huginn/ 11 KB
4 KB 124ms
123ms Script
application/javascript 149.126.77.254
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.werally.com/huginn/huginn-1.5.0.js

Requested by

Host: accounts.werally.com
URL: https://accounts.werally.com/huginn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

149.126.77.254 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),

Reverse DNS

149.126.77.254.ip.incapdns.net

Software

Resource Hash

542f7a5b200e46d6c0352605c2f5db958931206f535d4ddf9e724c917437b41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:32 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 16:58:32 GMT
x-cdn: Imperva
etag: W/"62bb3338-2d6a"
strict-transport-security: max-age=31536000
content-type: application/javascript
x-iinfo: 6-9554083-9554142 2VNN RT(1657675831527 1328) q(0 0 0 -1) r(0 1)
cache-control: max-age=1209600, public, must-revalidate
content-length: 4249
expires: Wed, 27 Jul 2022 01:30:32 GMT

GET
H2 200 chatter-box.esm.js Show response
member.werally.com/chat/chatter-box/ 3 KB
1 KB 410ms
410ms Script
application/javascript 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/chat/chatter-box/chatter-box.esm.js

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/app.ccc9f525cb66d99f4c84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c7604da05fbbde54e7093acec619fc02497b4ef6b7bc16b30d2e980eb23d11fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
Origin: https://member.werally.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:33 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 18:56:25 GMT
x-cdn: Imperva
etag: W/"62586e59-bf0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
x-iinfo: 13-290815708-290815804 2VNN RT(1657675832244 952) q(0 0 0 -1) r(4 4)
content-length: 1143

GET
H2 200 448.ae14135663c9ffe879e0.js Show response
member.werally.com/content/ 582 B
516 B 396ms
396ms Script
application/javascript 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/content/448.ae14135663c9ffe879e0.js

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/app.ccc9f525cb66d99f4c84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

930990b50101b40474c64b719e4f4ddc366aa9e51e9ef4e3fcce2222fd1d82f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:33 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 13:17:57 GMT
x-cdn: Imperva
etag: W/"62bc5105-246"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-iinfo: 13-290815708-290815806 2VNN RT(1657675832244 961) q(0 0 0 -1) r(3 3)
cache-control: max-age=60, public
content-length: 358
expires: Wed, 13 Jul 2022 01:31:33 GMT

GET
H2 200 296.901b66f02d907d57cfaa.js Show response
member.werally.com/content/ 998 B
709 B 418ms
417ms Script
application/javascript 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/content/296.901b66f02d907d57cfaa.js

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/app.ccc9f525cb66d99f4c84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d9c95ed391abb07b6edba729a3630f84d18b3f3786626016794fcc855c5c383

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:33 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 13:17:57 GMT
x-cdn: Imperva
etag: W/"62bc5105-3e6"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-iinfo: 13-290815708-290815802 2VNN RT(1657675832244 965) q(0 0 0 -1) r(4 4)
cache-control: max-age=60, public
content-length: 551
expires: Wed, 13 Jul 2022 01:31:33 GMT

GET
H2 200 p-074969b7.js Show response
member.werally.com/chat/chatter-box/ 12 KB
6 KB 428ms
428ms Script
application/javascript 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/chat/chatter-box/p-074969b7.js

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4dcb69b9882ad3a3e5f898c94ac0382a69af28b1fab8a4b5b62bdfaa87629632

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://member.werally.com/chat/chatter-box/chatter-box.esm.js
Origin: https://member.werally.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:34 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 18:56:25 GMT
x-cdn: Imperva
etag: W/"62586e59-30f9"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
x-iinfo: 13-290815708-290815645 2VNN RT(1657675832244 1365) q(0 0 0 -1) r(4 4)
content-length: 5787

GET
H2 200 p-1dd0c357.js Show response
member.werally.com/chat/chatter-box/ 1 KB
870 B 415ms
415ms Script
application/javascript 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/chat/chatter-box/p-1dd0c357.js

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

48fc8ee37833527dc694155e28e03707c6c07cf553124fd71dceedc29ace166c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://member.werally.com/chat/chatter-box/chatter-box.esm.js
Origin: https://member.werally.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:34 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 18:56:25 GMT
x-cdn: Imperva
etag: W/"62586e59-4e9"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
x-iinfo: 13-290815708-290816007 2VNN RT(1657675832244 1367) q(0 0 0 -1) r(0 4)
content-length: 767

OPTIONS
H2 200 /
api.amplitude.com/ 0
0 517ms
168ms Preflight 52.11.214.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.214.47 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-214-47.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://member.werally.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 13 Jul 2022 01:30:34 GMT
strict-transport-security: max-age=15768000

POST
H2 200 / Show response
api.amplitude.com/ 7 B
204 B 174ms
174ms XHR
text/html 52.11.214.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/808.93398c9138bc5095bae6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.214.47 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-214-47.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://member.werally.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 13 Jul 2022 01:30:34 GMT
trace-id: Root=1-62ce203a-091fd8d8496aa24361b2ebb6
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 categories Show response
member.werally.com/rest/content/external/public/v1/articles/ 871 B
479 B 125ms
125ms XHR
application/json 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/rest/content/external/public/v1/articles/categories

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/808.93398c9138bc5095bae6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

cb3417d43ba7fbe73072af83e85afcdaf4e0cc33a305899579e3d11e1f52aa13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
X-Rally-Locale: en-US
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-rally-correlationid: nVqn6frBZpDPxV-ichabod
date: Wed, 13 Jul 2022 01:30:34 GMT
content-encoding: gzip
x-cdn: Imperva
vary: Accept-Encoding, Origin
content-type: application/json
x-iinfo: 13-290815708-290815714 PNNN RT(1657675832244 1422) q(0 0 0 -1) r(1 1) U9
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 793.28dce52f17e15bf7e618.js Show response
member.werally.com/content/ 29 KB
8 KB 110ms
109ms Script
application/javascript 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/content/793.28dce52f17e15bf7e618.js

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/app.ccc9f525cb66d99f4c84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a8669e09050628375b1c233e6db515d492295fa8b0359a92fa063747f408857c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:33 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 13:17:57 GMT
x-cdn: Imperva
etag: W/"62bc5105-7346"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-iinfo: 13-290815708-290815802 2VNN RT(1657675832244 1429) q(0 0 0 -1) r(1 1)
cache-control: max-age=60, public
content-length: 8001
expires: Wed, 13 Jul 2022 01:31:33 GMT

GET
H2 200 standard Show response
member.werally.com/rest/content/external/public/v1/register/partner/optum/levi_strauss_and_co/ 2 KB
937 B 536ms
536ms XHR
application/json 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/rest/content/external/public/v1/register/partner/optum/levi_strauss_and_co/standard?redirect=https://member.werally.com/home

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/808.93398c9138bc5095bae6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

892828f55edf378bce21aab4c26aeddbf3cbcd3262786bf4847573140237dcbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
X-Rally-Locale: en-US
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-rally-correlationid: 8fXC7Ty3xMMdUP-ichabod
date: Wed, 13 Jul 2022 01:30:34 GMT
content-encoding: gzip
x-cdn: Imperva
vary: Accept-Encoding, Origin
content-type: application/json
x-iinfo: 13-290815708-290816028 NNNN CT(103 209 0) RT(1657675832244 1430) q(0 0 3 -1) r(6 6) U9
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 978.7be9f4d9439e4449e45f.js Show response
member.werally.com/content/ 16 KB
6 KB 421ms
420ms Script
application/javascript 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/content/978.7be9f4d9439e4449e45f.js

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/app.ccc9f525cb66d99f4c84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

90ed8090d261c69f711a8619e3adf55166275876ccdd856115f1cf3ecacc99b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:34 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 13:17:57 GMT
x-cdn: Imperva
etag: W/"62bc5105-3ecd"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-iinfo: 13-290815708-290816058 2VNN RT(1657675832244 1547) q(0 0 0 -1) r(0 5)
cache-control: max-age=60, public
content-length: 5859
expires: Wed, 13 Jul 2022 01:31:34 GMT

GET
H2 200 931.383a2246efdc9bfa11e1.js Show response
member.werally.com/content/ 95 KB
10 KB 397ms
397ms Script
application/javascript 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/content/931.383a2246efdc9bfa11e1.js

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/app.ccc9f525cb66d99f4c84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

45be64fe3622712827c485f956d3910e8e9d7feae2dc6133f7d207db44f3faab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:34 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 13:17:57 GMT
x-cdn: Imperva
etag: W/"62bc5105-17c82"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-iinfo: 13-290815708-290816060 2VNN RT(1657675832244 1549) q(0 0 0 -1) r(0 4)
cache-control: max-age=60, public
content-length: 10174
expires: Wed, 13 Jul 2022 01:31:34 GMT

GET
H2 200 892.67b8dd456f9e8589f4f9.js Show response
member.werally.com/content/ 338 KB
30 KB 108ms
108ms Script
application/javascript 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://member.werally.com/content/892.67b8dd456f9e8589f4f9.js

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/app.ccc9f525cb66d99f4c84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9d5c2910b284298430a82f0d382b68dc4a2814c3dd6cb7bcf7621e6c165081f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:33 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 13:17:57 GMT
x-cdn: Imperva
etag: W/"62bc5105-54834"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
x-iinfo: 13-290815708-290815802 2VNN RT(1657675832244 1550) q(0 0 0 -1) r(1 1)
cache-control: max-age=60, public
content-length: 30457
expires: Wed, 13 Jul 2022 01:31:33 GMT

GET
H2 200 register_illustration.svg
images.ctfassets.net/na5s3bnn11at/2oCvrxpbJpz7FK1VrT9Anu/bde41ada12917f007d24e8e207d0326e/ 12 KB
4 KB 45ms
26ms Image
image/svg+xml 2600:9000:214f:fa00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/na5s3bnn11at/2oCvrxpbJpz7FK1VrT9Anu/bde41ada12917f007d24e8e207d0326e/register_illustration.svg
Requested by: Host: member.werally.com
URL: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:fa00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c38ec074f06b85fe85bfee0b6c6bd37b87d0de82fe12da129caa27fd9c98fb68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:15 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 14:35:18 GMT
server: Contentful Images API
age: 13567
etag: W/"db5a0bb7d31edee0a65e5ff4dea8d44d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: Wc4ljEU45l2-Qcwiaq0bf186oSfnnPUIkj-GfDIUbGcTRm7T6rwWjA==
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)

GET
H2 200 login_illustration.svg
images.ctfassets.net/na5s3bnn11at/69trCIC7aQQBjWvGKydXtf/79d8e5fded9ed0168793170c35f3388b/ 2 MB
1 MB 27ms
8ms Image
image/svg+xml 2600:9000:214f:fa00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/na5s3bnn11at/69trCIC7aQQBjWvGKydXtf/79d8e5fded9ed0168793170c35f3388b/login_illustration.svg
Requested by: Host: member.werally.com
URL: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:fa00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 3502efb09f3f5d5bc094156299015b6d35efdfee1b77967add97c2b6b5f48236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:15 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 14:33:19 GMT
server: Contentful Images API
age: 13567
etag: W/"158b9aa9d6b08bffac5a3e61a391658e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 8A1ttkBFy14t45TECyyF_rji82Bw7WKi8GMawElYlIxUUyhSlcw7yQ==
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)

GET
H2 200 Levis_-_Logo.png
images.ctfassets.net/na5s3bnn11at/1wxPXNTUr4D7ErCDdrdE9g/cf1eb5e25c994753364e374193612046/ 7 KB
8 KB 50ms
31ms Image
image/png 2600:9000:214f:fa00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/na5s3bnn11at/1wxPXNTUr4D7ErCDdrdE9g/cf1eb5e25c994753364e374193612046/Levis_-_Logo.png?fit=pad&h=110&w=190&f=top
Requested by: Host: member.werally.com
URL: https://member.werally.com/content/register/optum/levi_strauss_and_co/standard
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:fa00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 4ee83184a9f2fcdb071d84f1202b3e27f69497cff52fad9c5098628befb7dfcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:29:56 GMT
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 18:24:56 GMT
server: Contentful Images API
age: 38
etag: "ed90e388271684ae93ec0f689b19c167"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 7316
x-amz-cf-id: _wooMp3UUTYoBJPH3YbpOVEqXz69eoSdS_XxF_hibZAZ_oFI0HuAHw==

GET
H2 200 3d4a3e999c927c07c9d5ea584746a787.png
member.werally.com/content/assets/ 10 KB
10 KB 440ms
440ms Image
image/png 45.60.33.26
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://member.werally.com/content/assets/3d4a3e999c927c07c9d5ea584746a787.png

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/app.f0cf10887eb291605ba9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.26 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

344ee2d9a80ab079705b25ba1ce1bdd54f38ea7b531b70d3d019131b1afb0fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://member.werally.com/content/app.f0cf10887eb291605ba9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 01:30:34 GMT
last-modified: Wed, 29 Jun 2022 13:17:57 GMT
x-cdn: Imperva
etag: "62bc5105-26ff"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/png
x-iinfo: 13-290815708-290816146 2VNN RT(1657675832244 1978) q(0 0 0 -1) r(0 4)
cache-control: max-age=60, public
content-length: 9983
expires: Wed, 13 Jul 2022 01:31:34 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3120767ef09ca3deb243099e528a8b19de4fef6fc1d3bfe90dfdf058335e277e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

POST
H2 200 pub9b13925b0e9566b9f526af9b8034241e
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 496ms
271ms Ping
application/json 2600:1f18:24e6:b902:8b92:8c43:208f:d1f9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub9b13925b0e9566b9f526af9b8034241e?ddsource=browser&ddtags=sdk_version%3A3.6.12%2Cenv%3Aprod%2Cservice%3Anavigation-ichabod-ui%2Cversion%3A2022.6.29-31f9a16&batch_time=1657675834874
Requested by: Host: member.werally.com
URL: https://member.werally.com/content/808.93398c9138bc5095bae6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b902:8b92:8c43:208f:d1f9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://member.werally.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 / Show response
api.amplitude.com/ 7 B
204 B 274ms
273ms XHR
text/html 52.11.214.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: member.werally.com
URL: https://member.werally.com/content/808.93398c9138bc5095bae6.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.214.47 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-214-47.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://member.werally.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 13 Jul 2022 01:30:35 GMT
trace-id: Root=1-62ce203b-64cd782311ac352172320247
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H2 200 /
api.amplitude.com/ 0
0 168ms
168ms Preflight 52.11.214.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.214.47 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-214-47.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://member.werally.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 13 Jul 2022 01:30:34 GMT
strict-transport-security: max-age=15768000

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
s2.bl-1.com/	1970-01-20 13:13:31	Name: f7bd4d4b8c98a805fa4ea6f99c7461f2 Value: 624d4fb0-024b-11ed-8263-5778938c82fc
.rallyhealth.com/	1970-01-20 13:13:20	Name: visid_incap_661021 Value: gKFFx0BkRq2wxbhbo+zJ4iMgzmIAAAAAQUIPAAAAAAB3zQdOxhkS0d0oHkQMrwtf
.rallyhealth.com/	1969-12-31 23:59:59	Name: incap_ses_878_661021 Value: L03DWzJA+Rn57/GWuEgvDDggzmIAAAAAc7rxvtbIa+4tkTUcBWe9cg==
www.werally.com/	1970-01-20 13:13:20	Name: visid_incap_675552 Value: 4nBMSZ72QKK//unPDBhRQiMgzmIAAAAAQUIPAAAAAACyuBD0GP2Om1I29kbj+xmz
www.werally.com/	1969-12-31 23:59:59	Name: incap_ses_727_675552 Value: HdFOOe0aKglkHEPqT9MWCjcgzmIAAAAAW8z78Bi9Ezof1Mi9woNNcA==
member.werally.com/	1970-01-20 13:13:20	Name: visid_incap_2272812 Value: C8wkfhWTTDqgEN2aEq6mNDggzmIAAAAAQUIPAAAAAADBNlZXXCFcIeSMklrtWW0B
member.werally.com/	1969-12-31 23:59:59	Name: incap_ses_8077_2272812 Value: lvu2K0DoWBJm24pNMEUXcDggzmIAAAAA1ylHcVN5V/4eAxmOLiOhbQ==
accounts.werally.com/	1970-01-20 13:13:20	Name: visid_incap_676022 Value: P3CGqy++SdGEd0HlrZHZ4DggzmIAAAAAQUIPAAAAAABP4UbhABjMfswIleurOIsN
accounts.werally.com/	1969-12-31 23:59:59	Name: incap_ses_727_676022 Value: PBVGY7K7FhcyJ0PqT9MWCjggzmIAAAAA8iUxFigIz/haL+iKVgg06g==
member.werally.com/	1970-01-20 04:27:56	Name: _dd_s Value: rum=1&id=929ba9b1-5a5d-44d0-9d52-68d1b7023906&created=1657675833765&expire=1657676733784&logs=1
.werally.com/	1970-01-20 13:13:31	Name: amp_d10eaa Value: CHN4NKL5Bog_znhXZJsz1d...1g7qiror3.1g7qirorm.1.1.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' .qualtrics.com https://.werally.com; connect-src 'self' .amplitude.com .qualtrics.com wss://.sendbird.com https://.sendbird.com https://api.amplitude.com https://.werally.com https://.logs.datadoghq.com; child-src 'self'; img-src 'self' data: blob: https://* http://; style-src 'self' https://.werally.com 'unsafe-inline'; font-src 'self' https://fonts.gstatic.com https://.werally.com; form-action 'self' .qualtrics.com; media-src 'none'; manifest-src 'self'; object-src 'none'; frame-src .qualtrics.com https://.werally.com; worker-src 'self'; frame-ancestors 'self'; report-uri https://member.werally.com/rest/csp-reporter; report-to https://member.werally.com/rest/csp-reporter;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.werally.com
api.amplitude.com
images.ctfassets.net
member.werally.com
rallyhealth.com
rum-http-intake.logs.datadoghq.com
s2.bl-1.com
www.rallyhealth.com
www.werally.com
149.126.77.158
149.126.77.254
192.230.74.158
2600:1f18:24e6:b902:8b92:8c43:208f:d1f9
2600:9000:214f:fa00:12:94b3:c380:93a1
44.239.222.193
45.60.33.26
52.11.214.47
3120767ef09ca3deb243099e528a8b19de4fef6fc1d3bfe90dfdf058335e277e
344ee2d9a80ab079705b25ba1ce1bdd54f38ea7b531b70d3d019131b1afb0fb2
3502efb09f3f5d5bc094156299015b6d35efdfee1b77967add97c2b6b5f48236
45be64fe3622712827c485f956d3910e8e9d7feae2dc6133f7d207db44f3faab
48fc8ee37833527dc694155e28e03707c6c07cf553124fd71dceedc29ace166c
4dcb69b9882ad3a3e5f898c94ac0382a69af28b1fab8a4b5b62bdfaa87629632
4ee83184a9f2fcdb071d84f1202b3e27f69497cff52fad9c5098628befb7dfcf
542f7a5b200e46d6c0352605c2f5db958931206f535d4ddf9e724c917437b41e
5d9c95ed391abb07b6edba729a3630f84d18b3f3786626016794fcc855c5c383
759105a6be452cca59d3770db2708fc8be384bd9cea86e740236ba5e8e3a9afb
7c23e33ab27bb75e8037057462389daa2898a811906b10945da1252ccbc27345
892828f55edf378bce21aab4c26aeddbf3cbcd3262786bf4847573140237dcbe
90ed8090d261c69f711a8619e3adf55166275876ccdd856115f1cf3ecacc99b9
930990b50101b40474c64b719e4f4ddc366aa9e51e9ef4e3fcce2222fd1d82f5
9d5c2910b284298430a82f0d382b68dc4a2814c3dd6cb7bcf7621e6c165081f2
9f23024370af6ac7b46e7c65f475037bd019f59a3a9d7fd47762a69129893b84
a8669e09050628375b1c233e6db515d492295fa8b0359a92fa063747f408857c
a945ae00c9c81f4e03eb1fbfe2465ee09ea7f91e97a2c910ee032b85cea61fee
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
bc0f80a2ad5449efffe45cce409c22748efe46d26e527242e914c9d2c0f213cc
c38ec074f06b85fe85bfee0b6c6bd37b87d0de82fe12da129caa27fd9c98fb68
c7604da05fbbde54e7093acec619fc02497b4ef6b7bc16b30d2e980eb23d11fa
cb3417d43ba7fbe73072af83e85afcdaf4e0cc33a305899579e3d11e1f52aa13
cc1c0151f022a3e37987b043eb411cb49c438f64f7a89a4dd237db3c6d0db5c3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

member.werally.com Open in urlscan Pro 45.60.33.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

100 %HTTPS

25 %IPv6

6 Domains

9 Subdomains

6 IPs

2 Countries

1532 kBTransfer

3343 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

member.werally.com Open in urlscan Pro
45.60.33.26 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

100 %
HTTPS

25 %
IPv6

6
Domains

9
Subdomains

6
IPs

2
Countries

1532 kB
Transfer

3343 kB
Size

11
Cookies

28 HTTP transactions
1 data transactions