Submitted URL: https://click.email.werally.com/?qs=eb2bb7650aafa9b2b52eb8d417a2dbf11e5626a6f1bd078ca6e4f4a52c5b58dc5dd4d33c6565e592a3fe3d663947...
Effective URL: https://accounts.werally.com/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7...
Submission: On May 07 via manual from US

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 46 HTTP transactions. The main IP is 149.126.77.254, located in Frankfurt, Germany and belongs to INCAPSULA - Incapsula Inc, US. The main domain is accounts.werally.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 20th 2018. Valid for: 2 years.
This is the only time accounts.werally.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.100.11 22606 (EXACT-7)
1 1 2600:9000:204... 16509 (AMAZON-02)
5 143.204.214.17 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
19 149.126.77.254 19551 (INCAPSULA)
4 2a00:1450:400... 15169 (GOOGLE)
10 91.235.132.103 30286 (THM)
1 192.225.158.3 30286 (THM)
46 7
Domain Requested by
15 accounts.werally.com rewards.werally.com
accounts.werally.com
10 assets.werally.co accounts.werally.com
assets.werally.co
5 rewards.werally.com rewards.werally.com
4 www.google-analytics.com accounts.werally.com
4 www.werally.com rewards.werally.com
1 aq64275o-d3e42c66c5e5c4ccf1f080c8a21429540778cb2a-am1.d.aa.online-metrix.net
1 ssl.google-analytics.com rewards.werally.com
1 rally125.app.link 1 redirects
1 click.email.werally.com 1 redirects
0 stats.g.doubleclick.net Failed
46 10

This site contains links to these domains. Also see Links.

Domain
helpcenter.werally.com
www.rallyhealth.com
www.werally.com
Subject Issuer Validity Valid
*.werally.com
DigiCert SHA2 Secure Server CA
2018-06-19 -
2020-09-06
2 years crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-04-16 -
2019-07-09
3 months crt.sh
www.werally.com
DigiCert SHA2 Extended Validation Server CA
2018-06-14 -
2020-07-15
2 years crt.sh
assets.werally.co
DigiCert SHA2 Secure Server CA
2018-05-24 -
2020-05-28
2 years crt.sh
*.d.aa.online-metrix.net
Thawte TLS RSA CA G1
2018-01-26 -
2020-05-09
2 years crt.sh

This page contains 4 frames:

Primary Page: https://accounts.werally.com/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
Frame ID: F6A22CE7CDF175D57798092E5B44FE0D
Requests: 45 HTTP requests in this frame

Frame: https://assets.werally.co/fp/check.js;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf
Frame ID: 8CCDE1AB658E13E0F83B5B4013AD3C56
Requests: 8 HTTP requests in this frame

Frame: https://assets.werally.co/fp/ls_fp.html;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf
Frame ID: 263BF981D5E4C2F3DDA16607EAB4481A
Requests: 1 HTTP requests in this frame

Frame: https://assets.werally.co/fp/top_fp.html;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf
Frame ID: 465400E88C83045AE9FB88460F378B3E
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://click.email.werally.com/?qs=eb2bb7650aafa9b2b52eb8d417a2dbf11e5626a6f1bd078ca6e4f4a52c5b58dc5dd4d33c... HTTP 302
    https://rally125.app.link/dEAlGRZsWV HTTP 307
    https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&u... Page URL
  2. https://accounts.werally.com/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^angular$/i

Overall confidence: 100%
Detected patterns
  • headers server /AmazonS3/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

46
Requests

87 %
HTTPS

38 %
IPv6

6
Domains

10
Subdomains

7
IPs

4
Countries

960 kB
Transfer

2645 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.email.werally.com/?qs=eb2bb7650aafa9b2b52eb8d417a2dbf11e5626a6f1bd078ca6e4f4a52c5b58dc5dd4d33c6565e592a3fe3d663947ea68324ed4952e343b52 HTTP 302
    https://rally125.app.link/dEAlGRZsWV HTTP 307
    https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888 Page URL
  2. https://accounts.werally.com/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://click.email.werally.com/?qs=eb2bb7650aafa9b2b52eb8d417a2dbf11e5626a6f1bd078ca6e4f4a52c5b58dc5dd4d33c6565e592a3fe3d663947ea68324ed4952e343b52 HTTP 302
  • https://rally125.app.link/dEAlGRZsWV HTTP 307
  • https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/
Redirect Chain
  • https://click.email.werally.com/?qs=eb2bb7650aafa9b2b52eb8d417a2dbf11e5626a6f1bd078ca6e4f4a52c5b58dc5dd4d33c6565e592a3fe3d663947ea68324ed4952e343b52
  • https://rally125.app.link/dEAlGRZsWV
  • https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_...
4 KB
2 KB
Document
General
Full URL
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.17 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-17.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f40e4b0ae39a578e89d04a64bb64137f4330b2ba12c7b3ca89719c62f9cb213

Request headers

Host
rewards.werally.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=60
Last-Modified
Wed, 24 Apr 2019 18:09:23 GMT
x-amz-error-code
NoSuchKey
x-amz-error-message
The specified key does not exist.
x-amz-error-detail-Key
details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/index.html
Date
Tue, 07 May 2019 13:53:06 GMT
Server
AmazonS3
Content-Encoding
gzip
Vary
Accept-Encoding
X-Cache
Error from cloudfront
Via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
nraunonR9oxlKdQ87fCH9eFz_mzLmC-dVhAWgdDRvHv5XGaxcbEShQ==

Redirect headers

Content-Length
0
Connection
keep-alive
Server
openresty/1.13.6.2
Date
Tue, 07 May 2019 13:53:06 GMT
X-Powered-By
Express
Set-Cookie
_s=XBZXdZtx71qRhn4wzchjP0POGBnVu25FWzchcMsKzXYi%2B4GnW2fMS0cyxYEugAws; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Wed, 06 May 2020 13:53:06 GMT
Last-Modified
Tue, 07 May 2019 13:53:06 GMT
Location
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
X-Cache
Miss from cloudfront
Via
1.1 1015c68f2d8c45924ae7198c984dcdde.cloudfront.net (CloudFront)
X-Amz-Cf-Id
injc7RCxyuZF_mdZHQ3i1mAmbY8je-B8fX94LfwSWJWG_mhHvqx1GQ==
polyfills.216487110ca53a84ea5a.js
rewards.werally.com/scripts/
129 KB
42 KB
Script
General
Full URL
https://rewards.werally.com/scripts/polyfills.216487110ca53a84ea5a.js
Requested by
Host: rewards.werally.com
URL: https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.17 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-17.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da27a7dff992aa0f01e731013c3d60636ea8a70e16bb28fdd3a6cfbd05077179

Request headers

Referer
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 06 May 2019 13:54:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Apr 2019 18:09:29 GMT
Server
AmazonS3
Age
20
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
Cache-Control
max-age=60
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
tZfps4qZI0qrI6HXbg-fRKTCX9_ZAfcdb7_FRNW8Q_CmbAO1VgqutA==
rewards.f0b08b089456aa3de084.js
rewards.werally.com/scripts/
643 KB
172 KB
Script
General
Full URL
https://rewards.werally.com/scripts/rewards.f0b08b089456aa3de084.js
Requested by
Host: rewards.werally.com
URL: https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.17 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-17.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2f46e1b408a111d313c5934fb0dd271aaf4c50b48824118f79595e5c46443d0

Request headers

Referer
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 11:25:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Apr 2019 18:09:29 GMT
Server
AmazonS3
Age
20
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
Cache-Control
max-age=60
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
n0tiaMRF3Yp2PL7YqFBf2qIk6VOyNryM3MeERIt1C1fgtUlAAIn3SQ==
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: rewards.werally.com
URL: https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
2185
date
Tue, 07 May 2019 13:16:42 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Tue, 07 May 2019 15:16:42 GMT
advantage.apremdat.js
rewards.werally.com/scripts/advantage/
25 KB
10 KB
Script
General
Full URL
https://rewards.werally.com/scripts/advantage/advantage.apremdat.js
Requested by
Host: rewards.werally.com
URL: https://rewards.werally.com/scripts/rewards.f0b08b089456aa3de084.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.17 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-17.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed7ecf7235e3d1ae33618fbfcc64dc11c6625c219dff8885e284ae3a58ff6811

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
Origin
https://rewards.werally.com

Response headers

Date
Sun, 05 May 2019 11:25:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Apr 2019 18:09:35 GMT
Server
AmazonS3
Age
38
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
Cache-Control
max-age=60
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
qFPK0YbFaxDJH5P2bwbUtEWZfmeuYzCKad75Ltsm1ucn_iZmKjvgvQ==
session
www.werally.com/play/rest/
0
871 B
XHR
General
Full URL
https://www.werally.com/play/rest/session
Requested by
Host: rewards.werally.com
URL: https://rewards.werally.com/scripts/polyfills.216487110ca53a84ea5a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Access-Control-Request-Method
POST
Origin
https://rewards.werally.com
Referer
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Tue, 07 May 2019 13:53:08 GMT
server
nginx
access-control-allow-origin
https://rewards.werally.com
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/plain charset=UTF-8
status
204
x-iinfo
7-6510595-6510597 NNNN CT(87 179 0) RT(1557237187306 0) q(0 0 2 1) r(3 3) U5
cache-control
max-age=60
access-control-allow-credentials
true
strict-transport-security
max-age=15768000; includeSubDomains; preload;
access-control-allow-headers
accept, origin, xsrf-token, arcade-xsrf-token, x-requested-with, x-rally-auth-token, x-rally-authtoken, x-rally-verification-code, x-rally-locale, x-rally-userId, x-rally-session-token, x-rally-sessiontoken, x-rally-eligibilityid, server-event-uuid, content-type, x-abuse-info, rally-referer, rally-client
content-length
0
x-cdn
Incapsula
expires
Tue, 07 May 2019 13:54:08 GMT
config
www.werally.com/play/rest/
0
366 B
XHR
General
Full URL
https://www.werally.com/play/rest/config
Requested by
Host: rewards.werally.com
URL: https://rewards.werally.com/scripts/polyfills.216487110ca53a84ea5a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Access-Control-Request-Method
GET
Origin
https://rewards.werally.com
Referer
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
rally-client,x-rally-locale

Response headers

date
Tue, 07 May 2019 13:53:08 GMT
server
nginx
access-control-allow-origin
https://rewards.werally.com
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
text/plain charset=UTF-8
status
204
x-iinfo
7-6510596-6510598 NNNN CT(88 179 0) RT(1557237187306 0) q(0 0 2 2) r(3 3) U5
cache-control
max-age=60
access-control-allow-credentials
true
strict-transport-security
max-age=15768000; includeSubDomains; preload;
access-control-allow-headers
accept, origin, xsrf-token, arcade-xsrf-token, x-requested-with, x-rally-auth-token, x-rally-authtoken, x-rally-verification-code, x-rally-locale, x-rally-userId, x-rally-session-token, x-rally-sessiontoken, x-rally-eligibilityid, server-event-uuid, content-type, x-abuse-info, rally-referer, rally-client
content-length
0
x-cdn
Incapsula
expires
Tue, 07 May 2019 13:54:08 GMT
session
www.werally.com/play/rest/
0
427 B
XHR
General
Full URL
https://www.werally.com/play/rest/session
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Accept
application/json, text/plain, */*
Referer
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
Origin
https://rewards.werally.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-rally-correlationid
K5FzEJDYnhxlAg-zenplay
date
Tue, 07 May 2019 13:53:09 GMT
server
nginx
status
401
strict-transport-security
max-age=15768000; includeSubDomains; preload;
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
access-control-allow-origin
https://rewards.werally.com
x-iinfo
9-16466075-16466076 NNNN CT(93 184 0) RT(1557237187855 0) q(0 0 3 0) r(4 4) U5
access-control-allow-credentials
true
x-trace-token
89212918d9e7-10834479
content-length
0
x-cdn
Incapsula
config
www.werally.com/play/rest/
897 B
1 KB
XHR
General
Full URL
https://www.werally.com/play/rest/config
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
nginx /
Resource Hash
3b3168c75fa3eaf26f82f0c77d6743f363af9bf841dabfac469102e42f252618
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;

Request headers

Accept
application/json, text/plain, */*
Referer
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
Origin
https://rewards.werally.com
X-Rally-Locale
en-US
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Rally-Client
Web

Response headers

date
Tue, 07 May 2019 13:53:08 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
Incapsula
status
200
x-iinfo
9-16466077-16466078 NNNN CT(0 0 0) RT(1557237187857 0) q(0 0 0 1) r(1 1) U5
x-rally-correlationid
y3Vf6HM9ngjW6m-zenplay
server
nginx
strict-transport-security
max-age=15768000; includeSubDomains; preload;
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://rewards.werally.com
cache-control
no-cache
access-control-allow-credentials
true
x-trace-token
d521163912dd-10875568
access-control-allow-headers
accept, origin, xsrf-token, arcade-xsrf-token, x-requested-with, x-rally-auth-token, x-rally-authtoken, x-rally-verification-code, x-rally-locale, x-rally-userId, x-rally-session-token, x-rally-sessiontoken, x-rally-eligibilityid, server-event-uuid, content-type, x-abuse-info, rally-referer, rally-client
expires
Thu, 01 Jan 1970 00:00:01 GMT
registeredLocales.rewards.bb6a04399927172d8ce2.js
rewards.werally.com/scripts/
47 KB
8 KB
Script
General
Full URL
https://rewards.werally.com/scripts/registeredLocales.rewards.bb6a04399927172d8ce2.js
Requested by
Host: rewards.werally.com
URL: https://rewards.werally.com/scripts/rewards.f0b08b089456aa3de084.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.17 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-17.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 05 May 2019 11:25:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Apr 2019 18:09:29 GMT
Server
AmazonS3
Age
21
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
Cache-Control
max-age=60
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
jeOKKIGDAir_DJDitkFtR8iDR1uIVXqEw6NHKKAekwmpsOP7frlvYg==
Primary Request lo
accounts.werally.com/
625 B
1 KB
Document
General
Full URL
https://accounts.werally.com/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
Requested by
Host: rewards.werally.com
URL: https://rewards.werally.com/scripts/rewards.f0b08b089456aa3de084.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
nginx /
Resource Hash
6c27514460f8f61cd616dc0855e4fdd62bbfedb562becade7b02326ba606caf2
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com privacy-policy.truste.com *.online-metrix.net; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
accounts.werally.com
:scheme
https
:path
/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
accept-encoding
gzip, deflate, br
cookie
visid_incap_675552=Zk0B+3nNRS2EE68lEzfBO8ON0VwAAAAAQUIPAAAAAADGAir0LKpxs5scRJylrGgb; nlbi_675552=EW2MPl5PuSN5UoylFIevIgAAAAAsTBTlG5ZH6Sm+VaV4SNwf; incap_ses_108_675552=cKKZC55MbmEyCn528rN/AcSN0VwAAAAAOH1tcv5J0x7sI2R/LiXeRg==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888

Response headers

status
200
date
Tue, 07 May 2019 13:53:09 GMT
content-type
text/html
server
nginx
last-modified
Tue, 05 Mar 2019 20:52:56 GMT
etag
"5c7ee1a8-271"
expires
Tue, 07 May 2019 13:53:08 GMT
cache-control
no-cache no-cache
accept-ranges
bytes
strict-transport-security
max-age=15768000; includeSubDomains; preload;
x-frame-options
DENY
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
referrer-policy
strict-origin-when-cross-origin
content-security-policy
img-src 'self' data: *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com privacy-policy.truste.com *.online-metrix.net; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
content-encoding
gzip
set-cookie
visid_incap_676022=P93PJ8PoRUWPUBmrphXWisSN0VwAAAAAQUIPAAAAAABVG3VBOGoVd0XbPk6q+ixt; expires=Wed, 06 May 2020 13:28:31 GMT; path=/; Domain=.werally.com nlbi_676022=46v7M0KbB0UmngvpxGBX9gAAAADIPgBLP5F2enFOGXxxfp9Y; path=/; Domain=.werally.com incap_ses_108_676022=pt1GTDRS1B3xDH528rN/AcSN0VwAAAAATd70eRMaXAozLmWQVQLzHg==; path=/; Domain=.werally.com
x-iinfo
9-16466261-16466262 NNNN CT(94 196 0) RT(1557237188358 0) q(0 0 3 0) r(4 4) U2
x-cdn
Incapsula
styles.207addf21d1fc1751a380482611e0559.css
accounts.werally.com/
146 KB
40 KB
Stylesheet
General
Full URL
https://accounts.werally.com/styles.207addf21d1fc1751a380482611e0559.css
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
4eb9eafe6d8117d0388a87904766e1ae4388eb5baa09e51fa940d44fc06ec382

Request headers

Referer
https://accounts.werally.com/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 13:53:09 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 20:52:56 GMT
x-cdn
Incapsula
etag
"5c7ee1a8-24920"
content-type
text/css
status
200
x-iinfo
9-16466423-16462965 2VNN RT(1557237188788 0) q(0 0 0 -1) r(4 4)
content-length
40837
bundle.fc47eccd0cf67d731241.js
accounts.werally.com/
1 MB
445 KB
Script
General
Full URL
https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
96b48e21f36ec0f0e5d18e2fafdc6e9b3d7f30c2adc9cc76a346b79d15af893a

Request headers

Referer
https://accounts.werally.com/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 13:53:09 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 20:52:56 GMT
x-cdn
Incapsula
etag
"5c7ee1a8-12e0bc"
content-type
application/javascript
status
200
x-iinfo
9-16466424-16466425 2VNN RT(1557237188791 0) q(0 0 0 -1) r(0 4)
content-length
454825
advantage.pks6fylu.js
accounts.werally.com/advantage/
57 KB
24 KB
Script
General
Full URL
https://accounts.werally.com/advantage/advantage.pks6fylu.js
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
c754ed0de0c5449026cc2054b5812822772c0437eaf4503229e0147984d3edd2

Request headers

Referer
https://accounts.werally.com/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 13:53:09 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 20:52:56 GMT
x-cdn
Incapsula
etag
"5c7ee1a8-e249"
content-type
application/javascript
status
200
x-iinfo
9-16466650-16466425 2VNN RT(1557237189487 0) q(0 0 0 -1) r(1 1)
content-length
24618
env.json
accounts.werally.com/
69 B
246 B
Fetch
General
Full URL
https://accounts.werally.com/env.json
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
nginx /
Resource Hash
ae8220926379581d0e100e8b33309101cc6e2d8655229da31651a4d1e81c0c28
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com privacy-policy.truste.com *.online-metrix.net; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.werally.com/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json

Response headers

date
Tue, 07 May 2019 13:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
status
200
x-iinfo
9-16466659-16466262 PNNN RT(1557237189500 0) q(0 1 1 -1) r(1 1) U12
x-xss-protection
1; mode=block
x-cdn
Incapsula
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 09 Apr 2019 23:06:10 GMT
server
nginx
x-frame-options
DENY
etag
"5cad2562-45"
strict-transport-security
max-age=15768000; includeSubDomains; preload;
content-type
application/json
content-security-policy
img-src 'self' data: *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com privacy-policy.truste.com *.online-metrix.net; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
accept-ranges
bytes
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
1241
date
Tue, 07 May 2019 13:32:29 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Tue, 07 May 2019 15:32:29 GMT
metadata
accounts.werally.com/auth/v3/rba/profile/
395 B
768 B
Fetch
General
Full URL
https://accounts.werally.com/auth/v3/rba/profile/metadata?endpoint=login
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
b178699a62d299288099c73ce40f40031f274092dfbfd479d8e13c1ba76b381d
Security Headers
Name Value
Content-Security-Policy default-src 'self', img-src 'self' *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com *.werally.com *.werally.in privacy_policy.truste.com; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

x-rally-correlationid
U5bijVVIHf2f-accounts
Referer
https://accounts.werally.com/lo?redirect=https://rewards.werally.com/details/marketplace/96dc2d11-c232-4a6b-b5a8-d83452decae7/?utm_source=Rally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json

Response headers

x-rally-correlationid
U5bijVVIHf2f-accounts
date
Tue, 07 May 2019 13:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-permitted-cross-domain-policies
master-only, master-only
x-frame-options
DENY, DENY
request-time
5
content-type
application/json
status
200
x-iinfo
9-16466859-16466262 PNNN RT(1557237189907 0) q(0 0 0 -1) r(1 1) U2
x-xss-protection
1; mode=block, 1; mode=block
cache-control
no-cache, no-store, must-revalidate, no-cache, must-revalidate
content-security-policy
default-src 'self', img-src 'self' *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com *.werally.com *.werally.in privacy_policy.truste.com; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
strict-transport-security
max-age=15768000; includeSubDomains; preload;
x-cdn
Incapsula
internationalization
accounts.werally.com/config/v1/
46 B
194 B
Fetch
General
Full URL
https://accounts.werally.com/config/v1/internationalization
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
313ddeae02d43dab32a2da83f2d1b93198290041f5e490330383074651bf8991
Security Headers
Name Value
Content-Security-Policy default-src 'self', img-src 'self' *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com *.werally.com *.werally.in privacy_policy.truste.com; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://accounts.werally.com/lo?redirect=https:%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json

Response headers

x-rally-correlationid
cELX1k2ohnkKmX-authn
date
Tue, 07 May 2019 13:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-permitted-cross-domain-policies
master-only, master-only
x-frame-options
DENY, DENY
request-time
0
content-type
application/json
status
200
x-iinfo
9-16466906-16466262 PNNN RT(1557237190040 0) q(0 0 0 -1) r(1 1) U2
x-xss-protection
1; mode=block, 1; mode=block
cache-control
no-cache, no-store, must-revalidate, no-cache, must-revalidate
content-security-policy
default-src 'self', img-src 'self' *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com *.werally.com *.werally.in privacy_policy.truste.com; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
strict-transport-security
max-age=15768000; includeSubDomains; preload;
x-cdn
Incapsula
https:%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally
accounts.werally.com/auth/v1/validateReferrerUrl/
16 B
155 B
Fetch
General
Full URL
https://accounts.werally.com/auth/v1/validateReferrerUrl/https:%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Content-Security-Policy default-src 'self', img-src 'self' *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com *.werally.com *.werally.in privacy_policy.truste.com; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://accounts.werally.com/lo/?redirect=https:%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json

Response headers

x-rally-correlationid
LUDbaRz3n8dm4h-authn
date
Tue, 07 May 2019 13:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-permitted-cross-domain-policies
master-only, master-only
x-frame-options
DENY, DENY
request-time
0
content-type
application/json
status
200
x-iinfo
9-16466940-16466941 NNNN CT(0 0 0) RT(1557237190102 0) q(0 0 0 -1) r(1 1) U2
x-xss-protection
1; mode=block, 1; mode=block
cache-control
no-cache, no-store, must-revalidate, no-cache, must-revalidate
content-security-policy
default-src 'self', img-src 'self' *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com *.werally.com *.werally.in privacy_policy.truste.com; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
strict-transport-security
max-age=15768000; includeSubDomains; preload;
x-cdn
Incapsula
collect
www.google-analytics.com/r/
0
0

collect
www.google-analytics.com/
35 B
99 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&a=287431626&t=event&_s=2&dl=https%3A%2F%2Faccounts.werally.com%2Flo%2F%3Fredirect%3Dhttps%3A%252F%252Frewards.werally.com%252Fdetails%252Fmarketplace%252F96dc2d11-c232-4a6b-b5a8-d83452decae7%252F%253Futm_source%253DRally%26utm_medium%3Demail%26utm_campaign%3DMarketplace_April-Email_UnderArmor%26utm_content%3Dejuafjpx%26_branch_match_id%3D654307059888938888&dr=https%3A%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally%26utm_medium%3Demail%26utm_campaign%3DMarketplace_April-Email_UnderArmor%26utm_content%3Dejuafjpx%26_branch_match_id%3D654307059888938888&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Profiling%20Bond&ea=initiated&el=&_u=aEBAAEABE~&jid=&gjid=&cid=773930349.1557237191&tid=UA-69760430-4&_gid=1510978764.1557237191&z=882755178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 05:19:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5128418
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
tags.js
assets.werally.co/
23 KB
7 KB
Script
General
Full URL
https://assets.werally.co/tags.js?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.103 , Netherlands, ASN30286 (THM - ThreatMetrix Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
5fa1af8d7464e9ebcd67b5ffa6f3f84158feec7fc319a796ad8e08339c00da38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 May 2019 13:53:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
P3P
CP=IVAa PSAa
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
tmx-nonce
628c985e379893cf
Connection
Keep-Alive, Keep-Alive
Content-Type
text/javascript;charset=UTF-8
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/
35 B
93 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&a=287431626&t=event&_s=3&dl=https%3A%2F%2Faccounts.werally.com%2Flo%2F%3Fredirect%3Dhttps%3A%252F%252Frewards.werally.com%252Fdetails%252Fmarketplace%252F96dc2d11-c232-4a6b-b5a8-d83452decae7%252F%253Futm_source%253DRally%26utm_medium%3Demail%26utm_campaign%3DMarketplace_April-Email_UnderArmor%26utm_content%3Dejuafjpx%26_branch_match_id%3D654307059888938888&dr=https%3A%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally%26utm_medium%3Demail%26utm_campaign%3DMarketplace_April-Email_UnderArmor%26utm_content%3Dejuafjpx%26_branch_match_id%3D654307059888938888&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Profiling%20Bond&ea=complete&el=&_u=aEBAAEABE~&jid=&gjid=&cid=773930349.1557237191&tid=UA-69760430-4&_gid=1510978764.1557237191&z=1319321617
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 05:19:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5128418
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
93 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&a=287431626&t=timing&_s=4&dl=https%3A%2F%2Faccounts.werally.com%2Flo%2F%3Fredirect%3Dhttps%3A%252F%252Frewards.werally.com%252Fdetails%252Fmarketplace%252F96dc2d11-c232-4a6b-b5a8-d83452decae7%252F%253Futm_source%253DRally%26utm_medium%3Demail%26utm_campaign%3DMarketplace_April-Email_UnderArmor%26utm_content%3Dejuafjpx%26_branch_match_id%3D654307059888938888&dr=https%3A%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally%26utm_medium%3Demail%26utm_campaign%3DMarketplace_April-Email_UnderArmor%26utm_content%3Dejuafjpx%26_branch_match_id%3D654307059888938888&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=Fetch%20Org%20ID&utv=Complete&utt=298&_u=aEBAAEABE~&jid=&gjid=&cid=773930349.1557237191&tid=UA-69760430-4&_gid=1510978764.1557237191&z=574731373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 05:19:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5128418
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
US
accounts.werally.com/profile/v1/availableLocales/
98 B
188 B
Fetch
General
Full URL
https://accounts.werally.com/profile/v1/availableLocales/US
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
f9484c0ccf409deff72f958af59590c37232db1b8dd734deb618716d6fce96f6
Security Headers
Name Value
Content-Security-Policy default-src 'self', img-src 'self' *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com *.werally.com *.werally.in privacy_policy.truste.com; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://accounts.werally.com/lo/?redirect=https:%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json

Response headers

x-rally-correlationid
mPPevhdvNiIRIX-authn
date
Tue, 07 May 2019 13:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-permitted-cross-domain-policies
master-only, master-only
x-frame-options
DENY, DENY
request-time
0
content-type
application/json
status
200
x-iinfo
9-16466986-16466941 PNNN RT(1557237190250 0) q(0 0 0 -1) r(1 1) U2
x-xss-protection
1; mode=block, 1; mode=block
cache-control
no-cache, no-store, must-revalidate, no-cache, must-revalidate
content-security-policy
default-src 'self', img-src 'self' *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com *.werally.com *.werally.in privacy_policy.truste.com; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
strict-transport-security
max-age=15768000; includeSubDomains; preload;
x-cdn
Incapsula
collect
stats.g.doubleclick.net/r/
0
0

logout
accounts.werally.com/auth/v1/
12 B
2 KB
XHR
General
Full URL
https://accounts.werally.com/auth/v1/logout
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
47a8a0f8cbeef6e67e851bffba4ae30f325684eed744a9acac3eb03b139e3116
Security Headers
Name Value
Content-Security-Policy default-src 'self', img-src 'self' *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com *.werally.com *.werally.in privacy_policy.truste.com; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Rally-CorrelationId
U5bijVVIHf2f-accounts
Referer
https://accounts.werally.com/lo/?redirect=https:%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
Origin
https://accounts.werally.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 07 May 2019 13:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-permitted-cross-domain-policies
master-only, master-only
request-time
4
status
400
x-iinfo
9-16466995-16466262 PNNN RT(1557237190296 0) q(0 0 0 -1) r(2 2) U6
strict-transport-security
max-age=15768000; includeSubDomains; preload;
x-xss-protection
1; mode=block, 1; mode=block
x-rally-correlationid
U5bijVVIHf2f-accounts
x-cdn
Incapsula
x-frame-options
DENY, DENY
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS,GET,PUT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://accounts.werally.com
access-control-expose-headers
Content-Type,Set-Cookie,X-Rally-Locale
cache-control
no-cache, no-store, must-revalidate, no-cache, must-revalidate
access-control-allow-credentials
true
content-security-policy
default-src 'self', img-src 'self' *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com *.werally.com *.werally.in privacy_policy.truste.com; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Cookie,Accept,Referer,User-Agent,X-Rally-SortingHat-Env,X-Rally-Auth-Token,XSRF-Token,X-Rally-Locale,Norn-Meta
https:%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally
accounts.werally.com/auth/v1/validateReferrerUrl/
16 B
420 B
Fetch
General
Full URL
https://accounts.werally.com/auth/v1/validateReferrerUrl/https:%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Content-Security-Policy default-src 'self', img-src 'self' *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com *.werally.com *.werally.in privacy_policy.truste.com; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options nosniff, nosniff
X-Frame-Options DENY, DENY
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://accounts.werally.com/lo/?redirect=https:%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally&utm_medium=email&utm_campaign=Marketplace_April-Email_UnderArmor&utm_content=ejuafjpx&_branch_match_id=654307059888938888
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json

Response headers

x-rally-correlationid
iOGgHmQg6cggW6-authn
date
Tue, 07 May 2019 13:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff, nosniff
x-permitted-cross-domain-policies
master-only, master-only
x-frame-options
DENY, DENY
request-time
0
content-type
application/json
status
200
x-iinfo
9-16467069-16466262 PNNN RT(1557237190445 0) q(0 0 0 1) r(1 1) U2
x-xss-protection
1; mode=block, 1; mode=block
cache-control
no-cache, no-store, must-revalidate, no-cache, must-revalidate
content-security-policy
default-src 'self', img-src 'self' *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com *.werally.com *.werally.in privacy_policy.truste.com; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
strict-transport-security
max-age=15768000; includeSubDomains; preload;
x-cdn
Incapsula
9864e3d475fda02617bf44fecc02d579.woff
accounts.werally.com/
120 KB
121 KB
Font
General
Full URL
https://accounts.werally.com/9864e3d475fda02617bf44fecc02d579.woff
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
nginx /
Resource Hash
e5de367daaeff1b438ed6a575b61aadbe12c13832a032a38b46334a84a579ddf
Security Headers
Name Value
Content-Security-Policy img-src 'self' data: *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com privacy-policy.truste.com *.online-metrix.net; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.werally.com/styles.207addf21d1fc1751a380482611e0559.css
Origin
https://accounts.werally.com

Response headers

date
Tue, 07 May 2019 13:53:11 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
status
200
x-iinfo
9-16467110-16462930 2NNN RT(1557237190552 0) q(0 0 0 0) r(4 4) U12
strict-transport-security
max-age=15768000; includeSubDomains; preload;
content-length
123048
x-xss-protection
1; mode=block
x-cdn
Incapsula
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 05 Mar 2019 20:52:56 GMT
server
nginx
etag
"5c7ee1a8-1e0a8"
x-frame-options
DENY
content-type
font/woff
content-security-policy
img-src 'self' data: *.werally.com *.werally.in assets.werally.co s3.amazonaws.com *.google-analytics.com privacy-policy.truste.com *.online-metrix.net; default-src 'self' *.google-analytics.com ajax.googleapis.com *.werally.com *.werally.in assets.werally.co privacy-policy.truste.com 'unsafe-inline'
accept-ranges
bytes
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26bbc24a47cf998c2881b541647bb936631ea885aaf88cd567946a6b73a5eed3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
143d78883b1073cecebdb22865ac8f883546f6c622d9fb0b244f3169a266bf4b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0d9dee381c224abd0cd3fee7f2f9fca10b6c4f42e98acf8a91573fca3a0745f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
a7ad07ee2c5ee6c7f19ecebb89255407.png
accounts.werally.com/
10 KB
10 KB
Image
General
Full URL
https://accounts.werally.com/a7ad07ee2c5ee6c7f19ecebb89255407.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
1a3f60dd774bf1072b2dc266f41675f80d21b2690b002ae930e77d975ec1052d

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 13:53:10 GMT
last-modified
Tue, 05 Mar 2019 20:52:56 GMT
x-cdn
Incapsula
etag
"5c7ee1a8-2929"
content-type
image/png
status
200
x-iinfo
9-16467128-16462965 2VNN RT(1557237190656 0) q(0 0 0 -1) r(1 1)
content-length
10537
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
183c242273890dfae947071172c59dc5880341596442123c156ed3345e6f38a5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd7b170e9a3076646eb50ea8963e6a147a461df3ec9abd8495dadc8987f11ed5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
997 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4446b5144459e332903681ef0c96b3f88954eb0191f3812592b6ee75cf37d9e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
kt1emfob.es5.js
accounts.werally.com/advantage/
16 KB
5 KB
Script
General
Full URL
https://accounts.werally.com/advantage/kt1emfob.es5.js
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/advantage/advantage.pks6fylu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
4f252893b3bc802f107fe5bb039d97634bb211e5d186c2b2a571c7e816aadaea

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 13:53:11 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 20:52:56 GMT
x-cdn
Incapsula
etag
"5c7ee1a8-3ef1"
content-type
application/javascript
status
200
x-iinfo
9-16467129-16464816 2VNN RT(1557237190663 0) q(0 0 0 -1) r(4 4)
content-length
5385
truncated
/
940 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54e95ecbc1c1de081ccdb047c25eee88d4698f0606dd74152e73310df68745a6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a1120b33b680440f10e2db792c07a2e54d6551b0f1db6da713125d1fc6ac118

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
557 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3124e899f7947eaa99b9e28d28790a4999197ddef6de9a0015e1426a4ec178fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
image/png
check.js;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F
assets.werally.co/fp/ Frame 8CCD
105 KB
27 KB
Script
General
Full URL
https://assets.werally.co/fp/check.js;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf
Requested by
Host: assets.werally.co
URL: https://assets.werally.co/tags.js?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.103 , Netherlands, ASN30286 (THM - ThreatMetrix Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
d158d881c1f7603711297e1889ab2f0a98c5b882a5ab38c42f30475e5f26c603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 May 2019 13:53:11 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
tmx-nonce
628c985e379893cf
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
assets.werally.co/fp/ Frame 8CCD
81 B
429 B
Image
General
Full URL
https://assets.werally.co/fp/clear.png?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf&w=5c37681d1d7105bc&ck=0&m=1
Requested by
Host: assets.werally.co
URL: https://assets.werally.co/tags.js?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.103 , Netherlands, ASN30286 (THM - ThreatMetrix Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 May 2019 13:53:11 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
assets.werally.co/fp/ Frame 8CCD
81 B
429 B
Image
General
Full URL
https://assets.werally.co/fp/clear.png?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf&ck=0&m=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.103 , Netherlands, ASN30286 (THM - ThreatMetrix Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 May 2019 13:53:11 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/r/
0
0

collect
stats.g.doubleclick.net/r/
0
0

ls_fp.html;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F
assets.werally.co/fp/ Frame 263B
0
0
Document
General
Full URL
https://assets.werally.co/fp/ls_fp.html;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf
Requested by
Host: assets.werally.co
URL: https://assets.werally.co/fp/check.js;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.103 , Netherlands, ASN30286 (THM - ThreatMetrix Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
assets.werally.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://accounts.werally.com/
Accept-Encoding
gzip, deflate, br
Cookie
thx_guid=45114e729e7b42c8bc77f5ab011cedb5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.werally.com/

Response headers

Date
Tue, 07 May 2019 13:53:11 GMT
Server
Apache
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=96
Transfer-Encoding
chunked
clear.png
assets.werally.co/fp/ Frame 8CCD
0
342 B
Script
General
Full URL
https://assets.werally.co/fp/clear.png?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf&jd=35352426753d37613b35343a316c316c353138356a632462666c3d3338246864683d63306133643130396761693466313369346c33346a363f306769383063303031246866746c3f323833353b3a3332
Requested by
Host: assets.werally.co
URL: https://assets.werally.co/fp/check.js;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.103 , Netherlands, ASN30286 (THM - ThreatMetrix Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 May 2019 13:53:12 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=95
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
top_fp.html;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F
assets.werally.co/fp/ Frame 4654
0
0
Document
General
Full URL
https://assets.werally.co/fp/top_fp.html;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf
Requested by
Host: assets.werally.co
URL: https://assets.werally.co/fp/check.js;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.103 , Netherlands, ASN30286 (THM - ThreatMetrix Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
assets.werally.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://accounts.werally.com/
Accept-Encoding
gzip, deflate, br
Cookie
thx_guid=45114e729e7b42c8bc77f5ab011cedb5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://accounts.werally.com/

Response headers

Date
Tue, 07 May 2019 13:53:12 GMT
Server
Apache
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=93
Transfer-Encoding
chunked
clear.png
assets.werally.co/fp/ Frame 8CCD
0
173 B
Script
General
Full URL
https://assets.werally.co/fp/clear.png?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf&ja=3530322624773f376b31353438396439663739303d62612e633f3024723f3224663d333432327a313030322469643f3336383070333238302e73616c3d303424646a3f6a7474727127314325304627304e6361616f7d6e7c712e7f657a616e64792c636d652730442664703f6a767670712531432d304427324e726d75617a647b2e756d72636c6e712c616d6d253044666776616b6c71273a446f637263657c726c69636d25304e393464613a6633332d633031302f366134622f603d633a2f6430333c37326c656b61673f253046273b4477766d5f716d7770616527334650696e6e7b253a367d766d576d6d646b7d6d2733466d6f636b6c25303477766f5f61616f72696b656c253b4445637263657c706e6963675f4378706b6e2d456f636b6e5d556c64677049706f6d722d323e7774655f6b6f6c7c656c74273b46676875616468727a2732345f6070696c616a5f65617c616857696c25314c363734313835323739383a3a3b313a383a38247235726e7767616e57646c6973605e64696c716523786e7765696e5d756b6c666f75735d6f6d666b635f786c697b657a5e6e616e7b6523706e7d656b6c5f61666d60675d6161726d6069765c646164736d237064756f696c577177696163766b6f655e64636e716721726c7765616c5d716867636375617e6556666364736721726477656b6e5f7067636e726c637967705664636e736d21786e756f69665f7464635d706e697b67705e66636e716723706e75656b665d666776696c7e705e6e6164736729706e7565616c5d7176675d746b677565705e6463647167237064756f6b6e576a6976635666636c716d246a6a3d6361603b616333663367613931336364303639303469333131316d376736326c2468716f3d4e6b6c777a266873603f4b6a706d6d6d203e352666686b3d3a2e7478643f5d5641246578313f366760663038303a3a676760303e373864303c356965616e6132623a693766323165673732666436&jb=33373b266e713f4f67786b6e6c69253a443526302d3232204d63636b66766d7168253140273032496c74676e2d30324f616b253a324f5b253a305a2d323231325733315d35292730324372706e6555676a496b76253a463d313726333e25303828494856454e2730432530326e6b6965273232456d61696d292d323841687a6f6565273a4634372c382c313139362c3a35273030516164637a6b2730463d333f2c333e
Requested by
Host: assets.werally.co
URL: https://assets.werally.co/fp/check.js;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.103 , Netherlands, ASN30286 (THM - ThreatMetrix Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 07 May 2019 13:53:12 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=94
Content-Type
text/javascript;charset=UTF-8
clear.png
assets.werally.co/fp/ Frame 8CCD
81 B
432 B
Image
General
Full URL
https://assets.werally.co/fp/clear.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.103 , Netherlands, ASN30286 (THM - ThreatMetrix Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 07 May 2019 13:53:12 GMT
Last-Modified
Tue, 07 May 2019 13:53:12 GMT
Server
Apache
Etag
a7c1c4571ae1416fb1eab3e49e2aecfe
Content-Type
image/png
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Sun, 05 May 2024 13:53:12 GMT
clear.png
aq64275o-d3e42c66c5e5c4ccf1f080c8a21429540778cb2a-am1.d.aa.online-metrix.net/fp/ Frame 8CCD
81 B
393 B
Image
General
Full URL
https://aq64275o-d3e42c66c5e5c4ccf1f080c8a21429540778cb2a-am1.d.aa.online-metrix.net/fp/clear.png?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf&di=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.3 San Jose, United States, ASN30286 (THM - ThreatMetrix Inc., US),
Reverse DNS
d.aa.online-metrix.net
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 May 2019 13:53:12 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
chunk-59f56f29.es5.js
accounts.werally.com/advantage/
4 KB
1 KB
Script
General
Full URL
https://accounts.werally.com/advantage/chunk-59f56f29.es5.js
Requested by
Host: accounts.werally.com
URL: https://accounts.werally.com/advantage/advantage.pks6fylu.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.254 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
149.126.77.254.ip.incapdns.net
Software
/
Resource Hash
37802909181d34c889a4778a9e22295964fd5d27b1ae0c2ca4384cf87789773b

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 13:53:11 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 20:52:56 GMT
x-cdn
Incapsula
etag
"5c7ee1a8-105b"
content-type
application/javascript
status
200
x-iinfo
9-16467260-16464808 2VNN RT(1557237191204 0) q(0 0 0 -1) r(3 3)
content-length
1314
clear.png
assets.werally.co/fp/ Frame 8CCD
0
342 B
Script
General
Full URL
https://assets.werally.co/fp/clear.png?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf&jac=1&je=3a362426756560707c615d6b6e7c657a6c61645f61703f39343a2e303d332c36352e3335322e3061323138366e3a3830303a3a693b3a32322e77676a7276635d6d7a7667726e636e5d6b723d3a332c3b3f2c30312e3931
Requested by
Host: assets.werally.co
URL: https://assets.werally.co/fp/check.js;CIS3SID=F472EDF8B227EE7311C8F66FDF0A443F?org_id=aq64275o&session_id=bbf5cecf-f36d-4965-a8af-dfdc8bb7ea3b&nonce=628c985e379893cf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.103 , Netherlands, ASN30286 (THM - ThreatMetrix Inc., US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.werally.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 May 2019 13:53:12 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=92
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/r/
0
0

collect
stats.g.doubleclick.net/r/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=287431626&t=pageview&_s=1&dl=https%3A%2F%2Faccounts.werally.com%2Flo%2F%3Fredirect%3Dhttps%3A%252F%252Frewards.werally.com%252Fdetails%252Fmarketplace%252F96dc2d11-c232-4a6b-b5a8-d83452decae7%252F%253Futm_source%253DRally%26utm_medium%3Demail%26utm_campaign%3DMarketplace_April-Email_UnderArmor%26utm_content%3Dejuafjpx%26_branch_match_id%3D654307059888938888&dr=https%3A%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally%26utm_medium%3Demail%26utm_campaign%3DMarketplace_April-Email_UnderArmor%26utm_content%3Dejuafjpx%26_branch_match_id%3D654307059888938888&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABE~&jid=2018910834&gjid=635662745&cid=773930349.1557237191&tid=UA-69760430-4&_gid=1510978764.1557237191&_r=1&z=593440028
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69760430-4&cid=773930349.1557237191&jid=2018910834&_gid=1510978764.1557237191&gjid=635662745&_v=j73&z=593440028
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=287431626&t=timing&_s=5&dl=https%3A%2F%2Faccounts.werally.com%2Flo%2F%3Fredirect%3Dhttps%3A%252F%252Frewards.werally.com%252Fdetails%252Fmarketplace%252F96dc2d11-c232-4a6b-b5a8-d83452decae7%252F%253Futm_source%253DRally%26utm_medium%3Demail%26utm_campaign%3DMarketplace_April-Email_UnderArmor%26utm_content%3Dejuafjpx%26_branch_match_id%3D654307059888938888&dr=https%3A%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally%26utm_medium%3Demail%26utm_campaign%3DMarketplace_April-Email_UnderArmor%26utm_content%3Dejuafjpx%26_branch_match_id%3D654307059888938888&ul=en-us&de=UTF-8&dt=Welcome%20Back!%20-%20Rally&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TMX%20Script&utv=Load&utt=646&_u=aEBAAEABE~&jid=1687705202&gjid=475965882&cid=773930349.1557237191&tid=UA-69760430-4&_gid=1510978764.1557237191&_r=1&z=1325878406
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69760430-4&cid=773930349.1557237191&jid=1687705202&_gid=1510978764.1557237191&gjid=475965882&_v=j73&z=1325878406
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=287431626&t=timing&_s=6&dl=https%3A%2F%2Faccounts.werally.com%2Flo%2F%3Fredirect%3Dhttps%3A%252F%252Frewards.werally.com%252Fdetails%252Fmarketplace%252F96dc2d11-c232-4a6b-b5a8-d83452decae7%252F%253Futm_source%253DRally%26utm_medium%3Demail%26utm_campaign%3DMarketplace_April-Email_UnderArmor%26utm_content%3Dejuafjpx%26_branch_match_id%3D654307059888938888&dr=https%3A%2F%2Frewards.werally.com%2Fdetails%2Fmarketplace%2F96dc2d11-c232-4a6b-b5a8-d83452decae7%2F%3Futm_source%3DRally%26utm_medium%3Demail%26utm_campaign%3DMarketplace_April-Email_UnderArmor%26utm_content%3Dejuafjpx%26_branch_match_id%3D654307059888938888&ul=en-us&de=UTF-8&dt=Welcome%20Back!%20-%20Rally&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=TMX%20Profiling&utv=Complete&utt=2405&_u=aEBAAEABE~&jid=1717418044&gjid=1805207842&cid=773930349.1557237191&tid=UA-69760430-4&_gid=1510978764.1557237191&_r=1&z=2118535111
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69760430-4&cid=773930349.1557237191&jid=1717418044&_gid=1510978764.1557237191&gjid=1805207842&_v=j73&z=2118535111

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| webpackJsonp object| __core-js_shared__ object| core function| $ object| angular object| advantage object| s-apps function| tmx_profiling_complete object| google_tag_data function| ga object| gaplugins boolean| s-ce1 function| ES6Promise object| $definedCmps object| s-defined object| gaGlobal object| gaData object| td_3x function| tmx_run_page_fingerprinting boolean| tmx_profiling_started function| tmx_post_session_params_fixed

6 Cookies

Domain/Path Name / Value
assets.werally.co/ Name: thx_guid
Value: 45114e729e7b42c8bc77f5ab011cedb5
.werally.com/ Name: incap_ses_108_676022
Value: 8UtWTzJssEK/EX528rN/AcaN0VwAAAAA+nqJBr9ODN/NNdqvpLSD8w==
accounts.werally.com/ Name: redirect
Value: https:%252F%252Frewards.werally.com%252Fdetails%252Fmarketplace%252F96dc2d11-c232-4a6b-b5a8-d83452decae7%252F%253Futm_source%253DRally
.werally.com/ Name: _gat
Value: 1
.werally.com/ Name: nlbi_676022
Value: doMhevvZ6wLkzBZXxGBX9gAAAABN1RJiyspnMGQrPHHqy+5H
.werally.com/ Name: visid_incap_676022
Value: u/D3V9xiRkGg9b2iW/gtNMaN0VwAAAAAQUIPAAAAAAB+Kzswy0A79yfGtL7L2VmE

7 Console Messages

Source Level URL
Text
console-api error URL: https://rewards.werally.com/scripts/rewards.f0b08b089456aa3de084.js(Line 723)
Message:
Error: Request failed with status code 401
console-api error URL: https://rewards.werally.com/scripts/rewards.f0b08b089456aa3de084.js(Line 723)
Message:
session fetch failed
console-api error URL: https://rewards.werally.com/scripts/rewards.f0b08b089456aa3de084.js(Line 723)
Message:
TypeError: Cannot read property 'bootstrap' of undefined
console-api error URL: https://rewards.werally.com/scripts/rewards.f0b08b089456aa3de084.js(Line 723)
Message:
unable to load app bundle
console-api error URL: https://rewards.werally.com/scripts/rewards.f0b08b089456aa3de084.js(Line 723)
Message:
TypeError: Cannot read property 'data' of null
console-api error URL: https://rewards.werally.com/scripts/rewards.f0b08b089456aa3de084.js(Line 723)
Message:
unable to load program overview data
console-api warning URL: https://accounts.werally.com/bundle.fc47eccd0cf67d731241.js(Line 100)
Message:
logout failed because:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.werally.com
aq64275o-d3e42c66c5e5c4ccf1f080c8a21429540778cb2a-am1.d.aa.online-metrix.net
assets.werally.co
click.email.werally.com
rally125.app.link
rewards.werally.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.werally.com
stats.g.doubleclick.net
www.google-analytics.com
13.111.100.11
143.204.214.17
149.126.77.254
192.225.158.3
2600:9000:2047:a200:19:9934:6a80:93a1
2a00:1450:4001:81d::2008
2a00:1450:4001:81f::200e
91.235.132.103
0f40e4b0ae39a578e89d04a64bb64137f4330b2ba12c7b3ca89719c62f9cb213
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
143d78883b1073cecebdb22865ac8f883546f6c622d9fb0b244f3169a266bf4b
183c242273890dfae947071172c59dc5880341596442123c156ed3345e6f38a5
1a3f60dd774bf1072b2dc266f41675f80d21b2690b002ae930e77d975ec1052d
26bbc24a47cf998c2881b541647bb936631ea885aaf88cd567946a6b73a5eed3
3124e899f7947eaa99b9e28d28790a4999197ddef6de9a0015e1426a4ec178fe
313ddeae02d43dab32a2da83f2d1b93198290041f5e490330383074651bf8991
37802909181d34c889a4778a9e22295964fd5d27b1ae0c2ca4384cf87789773b
3b3168c75fa3eaf26f82f0c77d6743f363af9bf841dabfac469102e42f252618
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
47a8a0f8cbeef6e67e851bffba4ae30f325684eed744a9acac3eb03b139e3116
4a1120b33b680440f10e2db792c07a2e54d6551b0f1db6da713125d1fc6ac118
4eb9eafe6d8117d0388a87904766e1ae4388eb5baa09e51fa940d44fc06ec382
4f252893b3bc802f107fe5bb039d97634bb211e5d186c2b2a571c7e816aadaea
54e95ecbc1c1de081ccdb047c25eee88d4698f0606dd74152e73310df68745a6
5fa1af8d7464e9ebcd67b5ffa6f3f84158feec7fc319a796ad8e08339c00da38
6c27514460f8f61cd616dc0855e4fdd62bbfedb562becade7b02326ba606caf2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
96b48e21f36ec0f0e5d18e2fafdc6e9b3d7f30c2adc9cc76a346b79d15af893a
ae8220926379581d0e100e8b33309101cc6e2d8655229da31651a4d1e81c0c28
b178699a62d299288099c73ce40f40031f274092dfbfd479d8e13c1ba76b381d
b2f46e1b408a111d313c5934fb0dd271aaf4c50b48824118f79595e5c46443d0
c0d9dee381c224abd0cd3fee7f2f9fca10b6c4f42e98acf8a91573fca3a0745f
c754ed0de0c5449026cc2054b5812822772c0437eaf4503229e0147984d3edd2
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cd7b170e9a3076646eb50ea8963e6a147a461df3ec9abd8495dadc8987f11ed5
d158d881c1f7603711297e1889ab2f0a98c5b882a5ab38c42f30475e5f26c603
da27a7dff992aa0f01e731013c3d60636ea8a70e16bb28fdd3a6cfbd05077179
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5de367daaeff1b438ed6a575b61aadbe12c13832a032a38b46334a84a579ddf
ed7ecf7235e3d1ae33618fbfcc64dc11c6625c219dff8885e284ae3a58ff6811
f4446b5144459e332903681ef0c96b3f88954eb0191f3812592b6ee75cf37d9e
f9484c0ccf409deff72f958af59590c37232db1b8dd734deb618716d6fce96f6