urlscan.io logo urlscan.io
SecurityTrails logo

www.thebewellportal.com Open in urlscan Pro
2606:4700:20::681a:1be  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.thebewellportal.com/en-gb/login
Submission Tags: @phishunt_io
Submission: On June 08 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 2606:4700:20::681a:1be, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thebewellportal.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 28th 2022. Valid for: a year.
This is the only time www.thebewellportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:26f0:df:... 20940 (AKAMAI-ASN1)
2 52.30.67.107 16509 (AMAZON-02)
1 34.241.126.16 16509 (AMAZON-02)
1 15.188.95.229 16509 (AMAZON-02)
2 2 142.250.186.34 15169 (GOOGLE)
21 6
13    2606:4700:20::681a:1be (United States)

ASN13335 (CLOUDFLARENET, US)
www.thebewellportal.com
2    2a02:26f0:df:3a5::1e80 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    52.30.67.107 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-67-107.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.241.126.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-126-16.eu-west-1.compute.amazonaws.com
barclaysbankplc.demdex.net
1    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
barclaysexecutionservices.sc.omtrdc.net
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
cm.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
13 thebewellportal.com
www.thebewellportal.com
256 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 186
barclaysbankplc.demdex.net — Cisco Umbrella Rank: 100168
6 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 199
1 KB
2 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 436
49 KB
1 omtrdc.net
barclaysexecutionservices.sc.omtrdc.net — Cisco Umbrella Rank: 165951 Failed
393 B
0 everesttech.net Failed
cm.everesttech.net Failed
21 6
Domain Requested by
13 www.thebewellportal.com www.thebewellportal.com
2 cm.g.doubleclick.net 2 redirects
2 dpm.demdex.net assets.adobedtm.com
2 assets.adobedtm.com www.thebewellportal.com
assets.adobedtm.com
1 barclaysexecutionservices.sc.omtrdc.net assets.adobedtm.com
1 barclaysbankplc.demdex.net assets.adobedtm.com
0 cm.everesttech.net Failed
21 7

This site contains links to these domains. Also see Links.

Domain
bewell
bewell.barclays.com
accessibility.barclays.com
Subject Issuer Validity Valid
thebewellportal.com
Cloudflare Inc ECC CA-3		 2022-04-28 -
2023-04-28		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-17 -
2023-03-07		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.thebewellportal.com/en-gb/login
Frame ID: 73B06DF1DADE00497D54AFCAE56A04BF
Requests: 19 HTTP requests in this frame

Frame: https://barclaysbankplc.demdex.net/dest5.html?d_nsid=0
Frame ID: CA3926455C3A8680C430C0FB2536E25A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - Be Well Portal

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

21
Requests

86 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

310 kB
Transfer

832 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjY3NTI3NTMyODk0NDM2MDQyNDAyNjI0NjM3NTA0NjA4NDYxMTE= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjY3NTI3NTMyODk0NDM2MDQyNDAyNjI0NjM3NTA0NjA4NDYxMTE=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK_WDWD4sMs4FQu6HjfeOGU&google_cver=1?gdpr=0&gdpr_consent=

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
www.thebewellportal.com/en-gb/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thebewellportal.com/en-gb/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e2b51a5f823d42d93b689b7193291dc25dc143c951aed77bcbae6219613fa99
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
7183167b2972d61c-MXP
content-encoding
br
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
content-type
text/html; charset=utf-8
date
Wed, 08 Jun 2022 16:43:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin,origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BrCaffaJxiIa32H5n66yKKMTGuiBRjUghO4RG0YhrHvBmNbi2DoM2bcc7qDZc3goK0GtPE%2FMTf3XmEYlLsvZHt9L5l8UDwfBJvgqMbpmae%2BU9kZcLBfHQFHpX1Kiszob4OVbvGU9Zwuy2TrKDLV%2Bs0mDzf0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
propelfont.css
www.thebewellportal.com/fonts/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thebewellportal.com/fonts/propelfont.css
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/en-gb/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
067f2bdfd0ae61edc0ce989aab383bf1efaa1512edbe704341e2d7f6cfe06662
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin,origin
last-modified
Fri, 15 Apr 2022 11:29:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"a094c18bc50d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7CaFh0BvLKBYti7BWfc2p6SRpjgk9wEUZ2sezZBrMGuKXoXEAF%2BvGXEFn9kLu6yI0ajelkZjFjBoU107AfTNE6u71LF3cbPAp%2B9iOtObh2q6mLWnef%2F99YF8s4l%2F9iy4D85lOdiy4JPhgwwf0wAG0nKuRtX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
cf-ray
7183167c7b3bd61c-MXP
portal.css
www.thebewellportal.com/content/themes/barc/ 		298 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.thebewellportal.com/content/themes/barc/portal.css
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/en-gb/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e6f7de8598f2a074a5407c5c097b2db7f9a3f49ba355915295aef62d0e23781
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin,origin
last-modified
Fri, 15 Apr 2022 11:29:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"7a7722abc50d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jo91aKuedRgNkyH3uTf4mGrO1QRhzZ8HvWxS3QcUvAmO%2BTUrDlsIMRCVhbwKtzxwuXF5PDSJEggU5ZymvhvFYg5nhq1UK%2BinEb2uDQCu8kkko3%2BBtveDbrRd%2FlAiYnjpLkxGuiVehH57mdARSznRX3i%2BkSZJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
cf-ray
7183167c7b3cd61c-MXP
jquery-3.3.1.min.js
www.thebewellportal.com/scripts/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebewellportal.com/scripts/jquery-3.3.1.min.js
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/en-gb/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin,origin
last-modified
Fri, 15 Apr 2022 11:29:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"19173fabc50d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llHBOJ7ywIe8iCokTkvi%2BUx3Rb%2BovkXwNKi3V64Iq42fTditIvGNN%2BZNqK6o3VN0i8vvMJvqv8RLuwGsO0XaSgGm%2BkaGLM%2B7NJEhK8W23SGa4co7CPaLyb3QDP%2FPJECMjzOE3kbCCRFdEUza66Me7XpgVxFP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
cf-ray
7183167c7b3fd61c-MXP
jquery-ui-widgetfactory.js
www.thebewellportal.com/scripts/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebewellportal.com/scripts/jquery-ui-widgetfactory.js
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/en-gb/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165c0e0d2f738baf2d7dc381f5a37a968cf0f323c00acabeb12372ec45ed97cf
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin,origin
last-modified
Fri, 15 Apr 2022 11:29:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"567a3fabc50d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zW569PnOimntEgXNjhJq2dxmVFcza5TyeA212Ycp2NAkbkmoD6kSza3Rcng%2FMaTKFcZkBhqdFEgX0vS1Vk%2Bqy1%2BiaQhPHKQvWoKdarc7SLh7pwalqQsf1zu%2B8fJjylsWmlS5TfUw5KynsXK6U9f6dJtt2USA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
cf-ray
7183167c7b40d61c-MXP
jquery.validate-1.16.0.min.js
www.thebewellportal.com/scripts/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebewellportal.com/scripts/jquery.validate-1.16.0.min.js
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/en-gb/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4ec8763c6f7c6b9efc4a180baadbc2a4eaf9317f2781c9a4705c8c56774993d
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin,origin
last-modified
Fri, 15 Apr 2022 11:29:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"2d6340abc50d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9QHoPyrnRqDmWzuM8gNStrvdRFGpE13InwgZ9yxs3KZMXZSMiCceobNT7OIzTk19AUpYmLG3BKE1u7txToZW4amSiYmlisXrwkXY99p%2F%2FPqmdx3bsNs%2Bj6mn3GP3yHdRghev3Rmznv8YKL79o40x26zXJ7f"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
cf-ray
7183167c7b41d61c-MXP
jquery.validate.unobtrusive-mvc5.2.3.min.js
www.thebewellportal.com/scripts/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebewellportal.com/scripts/jquery.validate.unobtrusive-mvc5.2.3.min.js
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/en-gb/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11f24140f22f336529a89c2ef3a8c39263c2d48979dd5f4c7c700b022d14a650
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin,origin
last-modified
Fri, 15 Apr 2022 11:29:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"de8f40abc50d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2Bfm045wpc%2F2z6rTQONexxbw1bzHPXQ1Ig%2FAyvfRRT4pjSkYVjMbx8b%2FoBvbM7XzU1RvHE8jvrei6CXKTHr0s4fnF2r4duN%2Bh4mTI49qkThTwEAv3yOy57hkz3cd3cSDavgwGS2OOaYuO4NNrGLc9kYNNLx7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
cf-ray
7183167c7b43d61c-MXP
velocity.min.js
www.thebewellportal.com/scripts/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebewellportal.com/scripts/velocity.min.js
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/en-gb/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c3851ffe69f4c341c57ce94398b4d6efdf2cefdfc090e69ee64ff5b5f57cdd
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin,origin
last-modified
Fri, 15 Apr 2022 11:29:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"685f4aabc50d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d48ptZScUw%2BW65r8ml0kxfbFtZt%2By9L1DQWRkDb6TBMzN%2FY4LjRmz%2FA2ss%2FUvlv%2BAB81I%2BzJCs77uR2pN8SLAJLWaYUbLY%2FhkeISOjo8ptVDEhxd5jvKMix8ScB6Ad7axDyhzRC10%2FVSMzv4WtwA8ieWf30V"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
cf-ray
7183167c7b45d61c-MXP
propelapp.js
www.thebewellportal.com/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebewellportal.com/scripts/propelapp.js
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/en-gb/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d65b97fbf5c4011f77d2642040dc05173d508a66f97ca21387f5288fd1d3e69c
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin,origin
last-modified
Fri, 15 Apr 2022 11:29:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"9d5646abc50d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H7FI48yuT46jWoF5BvFHaE5wtjx%2Ft4DXq70vrW6b9%2BeT7dA%2BiINXGs2eJK08Y3svvaU%2Fv8ECga50MlMve1nCpy72FloJNpfPGy3VGABXRj4tcaXYdL9CqrQY3zuEj6WLR6jnq5nAfcDYIKuQS0ITU5HzdJ7L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
cf-ray
7183167c7b46d61c-MXP
site.js
www.thebewellportal.com/scripts/ 		58 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thebewellportal.com/scripts/site.js
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/en-gb/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6d2a92b2b0a166173f7b1d9bd4aff04ce027cb8890d2fdd01a75d3860ef8c3
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin,origin
last-modified
Fri, 15 Apr 2022 11:29:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"7ecb46abc50d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38C7n6PAeYGvR8qFah90jCBtUafsWRnzvwL9kI5C8LDUlOlQt%2F%2BTSgzV%2B7qpvFuBLqLxcz4w4o%2B5a%2B1J0Ou4cy10ZZblgM8%2BnJMzJKVZWDfxnDhSz8A%2FPdvGkaSdIEbNXhituqH8FeuBmOYaDxVMl1HoZTTY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
cf-ray
7183167c7b4ad61c-MXP
launch-cafe5f2d7584.min.js
assets.adobedtm.com/230591edb41d/0e36d31dddf8/ 		111 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/230591edb41d/0e36d31dddf8/launch-cafe5f2d7584.min.js
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/en-gb/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
38c51c0cee4d3780d06c5941cbbff3ebfc561c12d518c8408bfad3a5f79d3eb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:41 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 09:14:08 GMT
server
AkamaiNetStorage
etag
"dddeda11582224106a20a069015f8185:1580894048.290601"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thebewellportal.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
36044
expires
Wed, 08 Jun 2022 17:43:41 GMT
headerlogo.png
www.thebewellportal.com/content/themes/barc/assets/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thebewellportal.com/content/themes/barc/assets/headerlogo.png
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/en-gb/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d8fa57d20b77a75c02b10d60157a2b30b486d564a5c7f07bc8fefb4439e7688
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
9285
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin,origin
last-modified
Fri, 15 Apr 2022 11:29:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"8b3520abc50d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXmM9XeZ5p7eLwHUKdlMtU8NQUHqbTh1CP3OkNmLr5rqY4WvCkN2erwz7P32vLZDT17WUs3FWs7Axkh3spzlrnf%2FHvNT53CPFggCAXzUV6Jd%2F4454Le6K4YZtlRtH9JvPS44O%2BxhxMlhXgjozcRFbyBRZHx2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
accept-ranges
bytes
cf-ray
7183167dbce6d61c-MXP
bg-pagegraphic.jpg
www.thebewellportal.com/content/themes/barc/assets/ 		61 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thebewellportal.com/content/themes/barc/assets/bg-pagegraphic.jpg
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/content/themes/barc/portal.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1711d7e8508cde7d5740e0fc066c24f000371a824597ba42cf481a429b4116b
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
62852
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin,origin
last-modified
Fri, 15 Apr 2022 11:29:16 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"38620abc50d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFPMbei%2BeDZmurFoa78DWnEZ%2BOqH8lObQV%2FjyxfuMNi8aycAghyBenOrGP%2BhO4i9NN5qx%2BaoK6yf5YlFBBivzB4HO2dK4v9UrF5UeqYganXN5FYbCiyIcPpqIw%2B2DNQgXCS0DunSxzpNTo3WK%2B79NfKpgUVK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
accept-ranges
bytes
cf-ray
7183167ddd10d61c-MXP
propelfont.ttf
www.thebewellportal.com/fonts/propelfont/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thebewellportal.com/fonts/propelfont/propelfont.ttf?v1.1
Requested by
Host: www.thebewellportal.com
URL: https://www.thebewellportal.com/fonts/propelfont.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d45ca6dec4394d9a93b39c1436b214495214e3b186e97aa77bd2d725c28541
Security Headers
Name Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thebewellportal.com/
Origin
https://www.thebewellportal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:41 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
69360
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin,origin
last-modified
Fri, 15 Apr 2022 11:29:13 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"bb75c38bc50d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FvvwCS2OgUs5CWgOhceuCXVq9Phpbdop%2FFEsode6UYcdLFyhCL1Pb9g5OIJZhS3QNqCXzc6B7lR5iVRVHyBxgnTpa6DiY7hFHzlcEXu2RMOa91RzZXbz%2FAmRvPMNGmDNGsjtFq0ExAvhEfutdIFxSEti%2B%2F7"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
content-security-policy
default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
accept-ranges
bytes
cf-ray
7183167dfd30d61c-MXP
id
dpm.demdex.net/ 		602 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=14CF22CE52782FEA0A490D4D%40AdobeOrg&d_nsid=0&ts=1654706621192
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/230591edb41d/0e36d31dddf8/launch-cafe5f2d7584.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.67.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-67-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2ff3ec324524c46bc7a6a4dd015ac2de3b6d453847e32c99fad63d93c5ba44fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thebewellportal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v034-07885c986.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
TaCblSXXRS0=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.thebewellportal.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
444
Expires
Thu, 01 Jan 1970 00:00:00 UTC
EX22b47351f9df49029b82db161a090216-libraryCode_source.min.js
assets.adobedtm.com/230591edb41d/0e36d31dddf8/e264979783e0/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/230591edb41d/0e36d31dddf8/e264979783e0/EX22b47351f9df49029b82db161a090216-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/230591edb41d/0e36d31dddf8/launch-cafe5f2d7584.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2a1d06a1f024f3e35eaf30e1decc29b13249227732892d18ae46df234c1cd93c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:41 GMT
content-encoding
gzip
last-modified
Wed, 05 Feb 2020 09:14:09 GMT
server
AkamaiNetStorage
etag
"96421b64b3d7f356502a885abe34a87f:1580894049.352876"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.thebewellportal.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
13010
expires
Wed, 08 Jun 2022 17:43:41 GMT
dest5.html
barclaysbankplc.demdex.net/ Frame CA39 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://barclaysbankplc.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/230591edb41d/0e36d31dddf8/launch-cafe5f2d7584.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.126.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-126-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.thebewellportal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v034-01a44928c.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
gjG09GYdQ7k=
content-encoding
gzip
date
Wed, 8 Jun 2022 16:43:41 GMT
last-modified
Wed, 8 Jun 2022 13:40:06 GMT
vary
accept-encoding
id
barclaysexecutionservices.sc.omtrdc.net/ 		0
0
dd
cm.everesttech.net/cm/ 		0
0
s39768802990619
barclaysexecutionservices.sc.omtrdc.net/b/ss/besbewellportalprod/1/JS-2.14.0-L9UP/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://barclaysexecutionservices.sc.omtrdc.net/b/ss/besbewellportalprod/1/JS-2.14.0-L9UP/s39768802990619?AQB=1&ndh=1&pf=1&t=8%2F5%2F2022%2016%3A43%3A41%203%200&mid=30026914897697810911094302002087333012&aamlh=6&ce=UTF-8&cdp=2&fpCookieDomainPeriods=2&g=https%3A%2F%2Fwww.thebewellportal.com%2Fen-gb%2Flogin&c.&page_load_time=772&.c&cc=GBP&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c7=772&c8=gb&c9=en&c10=production&c15=30026914897697810911094302002087333012&c16=https%3A%2F%2Fwww.thebewellportal.com%2Fen-gb%2Flogin&v16=web&c39=web&v39=D%3Dc15&v41=D%3Dc1&v42=D%3Dc2&v43=D%3Dc3&v44=D%3Dc4&v45=gb&v48=gbp&c49=gbp&v49=year%3D2022%20%7C%20month%3DJune%20%7C%20date%3D8%20%7C%20day%3DWednesday%20%7C%20time%3D4%3A43%20PM&c58=2022-06-08T16%3A43%3A41.419Z&c70=www.thebewellportal.com&v73=D%3Dc16&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=14CF22CE52782FEA0A490D4D%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.thebewellportal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 16:43:41 GMT
x-content-type-options
nosniff
x-c
main-1645.Id526ce.M0-571
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Thu, 09 Jun 2022 16:43:41 GMT
server
jag
xserver
anedge-df488f754-8gs7h
etag
3553455411040976896-4619838948989171012
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 07 Jun 2022 16:43:41 GMT
ibs:dpid=771&dpuuid=CAESEK_WDWD4sMs4FQu6HjfeOGU&google_cver=1
dpm.demdex.net/ Frame CA39
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjY3NTI3NTMyODk0NDM2MDQyNDAyNjI0NjM3NTA0NjA4NDYxMTE=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MjY3NTI3NTMyODk0NDM2MDQyNDAyNjI0NjM3NTA0NjA4NDYxMTE=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK_WDWD4sMs4FQu6HjfeOGU&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK_WDWD4sMs4FQu6HjfeOGU&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.30.67.107 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-67-107.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://barclaysbankplc.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v034-0ba055f33.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gKl06aNySoI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 08 Jun 2022 16:43:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEK_WDWD4sMs4FQu6HjfeOGU&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
barclaysexecutionservices.sc.omtrdc.net
URL
https://barclaysexecutionservices.sc.omtrdc.net/id?d_visid_ver=4.5.2&d_fieldgroup=A&mcorgid=14CF22CE52782FEA0A490D4D%40AdobeOrg&mid=30026914897697810911094302002087333012&ts=1654706621409
Domain
cm.everesttech.net
URL
https://cm.everesttech.net/cm/dd?d_uuid=26752753289443604240262463750460846111

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery object| DIY object| _$util object| conf object| datacontext object| $vimeoIframes boolean| hasVimeoVideo boolean| vimeoApiLoaded function| initAccordion function| initAccordionIncentive function| tvcParentToggleDropdown function| tvcToggleDropdown function| tvcToggleMainMenu function| updateDetailPanel function| toggleAccordionContent function| toggleIncentiveAccordionContent function| invalidRange function| isNonInt function| stringReplace function| GetURLParameter object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq string| s_account string| siteUrl object| s number| s_objectID number| s_giq number| s_loadT object| s_Obj function| s_PPVevent number| s_PPVt object| s_i_besbewellportalprod

12 Cookies

Domain/Path Name / Value
www.thebewellportal.com/ Name: ASP.NET_SessionId
Value: bit3mmqdwumjbn2hvstikeg3
www.thebewellportal.com/ Name: __RequestVerificationToken
Value: 62U6djl1yGQTaQZwFs0e7lxJK9GNoVRVMhhgVSK6zlsRZ7ifNtBEV5Wh-y3H07QXCRvWBOFUrhpqnUhJXoUDPLEiWym9Quhhz-KmbW6XVSg1
.demdex.net/ Name: demdex
Value: 26752753289443604240262463750460846111
.thebewellportal.com/ Name: AMCVS_14CF22CE52782FEA0A490D4D%40AdobeOrg
Value: 1
.thebewellportal.com/ Name: AMCV_14CF22CE52782FEA0A490D4D%40AdobeOrg
Value: -432600572%7CMCIDTS%7C19152%7CMCMID%7C30026914897697810911094302002087333012%7CMCAAMLH-1655311421%7C6%7CMCAAMB-1655311421%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1654713821s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.5.2
.thebewellportal.com/ Name: aa_pp
Value: no%20value
.thebewellportal.com/ Name: s_ppvl
Value: %5B%5BB%5D%5D
.thebewellportal.com/ Name: s_cc
Value: true
.demdex.net/ Name: dextp
Value: 771-1-1654706621569
.doubleclick.net/ Name: IDE
Value: AHWqTUl8jFIfS5TbG5wc5Y8kWlfWhVkADS3PCXxgxyUH1rZT4HxC44k4JQ5v6Q0D8AE
.dpm.demdex.net/ Name: dpm
Value: 26752753289443604240262463750460846111
.thebewellportal.com/ Name: s_ppv
Value: https%253A%2F%2Fwww.thebewellportal.com%2Fen-gb%2Flogin%2C100%2C100%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CL

2 Console Messages

Source Level URL
Text
security error URL: https://assets.adobedtm.com/230591edb41d/0e36d31dddf8/launch-cafe5f2d7584.min.js(Line 2)
Message:
Refused to connect to 'https://barclaysexecutionservices.sc.omtrdc.net/id?d_visid_ver=4.5.2&d_fieldgroup=A&mcorgid=14CF22CE52782FEA0A490D4D%40AdobeOrg&mid=30026914897697810911094302002087333012&ts=1654706621409' because it violates the following Content Security Policy directive: "connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com".
security error URL: https://www.thebewellportal.com/en-gb/login
Message:
Refused to load the image 'https://cm.everesttech.net/cm/dd?d_uuid=26752753289443604240262463750460846111' because it violates the following Content Security Policy directive: "img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.vimeocdn.com *.ytimg.com assets.adobedtm.com googletagmanager.com player.vimeo.com;style-src 'self' 'unsafe-inline' *.googleapis.com *.propelwellness.com *.vimeocdn.com;img-src 'self' data: *.207.net *.demdex.net *.google.com *.google-analytics.com *.googleapis.com *.omtrdc.net *.propelwellness.com *.vimeocdn.com *.ytimg.com stats.g.doubleclick.net www.gstatic.com;font-src 'self' fonts.googleapis.com fonts.gstatic.com;connect-src 'self' *.demdex.net *.google-analytics.com *.googleapis.com *.propelwellness.com *.tvcdemo.com *.vimeocdn.com vimeo.com;media-src 'self' *.propelwellness.com *.vimeocdn.com;frame-src 'self' *.demdex.net *.vimeo.com;object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
barclaysbankplc.demdex.net
barclaysexecutionservices.sc.omtrdc.net
cm.everesttech.net
cm.g.doubleclick.net
dpm.demdex.net
www.thebewellportal.com
barclaysexecutionservices.sc.omtrdc.net
cm.everesttech.net
142.250.186.34
15.188.95.229
2606:4700:20::681a:1be
2a02:26f0:df:3a5::1e80
34.241.126.16
52.30.67.107
067f2bdfd0ae61edc0ce989aab383bf1efaa1512edbe704341e2d7f6cfe06662
0d8fa57d20b77a75c02b10d60157a2b30b486d564a5c7f07bc8fefb4439e7688
0e6f7de8598f2a074a5407c5c097b2db7f9a3f49ba355915295aef62d0e23781
11f24140f22f336529a89c2ef3a8c39263c2d48979dd5f4c7c700b022d14a650
165c0e0d2f738baf2d7dc381f5a37a968cf0f323c00acabeb12372ec45ed97cf
2a1d06a1f024f3e35eaf30e1decc29b13249227732892d18ae46df234c1cd93c
2ff3ec324524c46bc7a6a4dd015ac2de3b6d453847e32c99fad63d93c5ba44fc
38c51c0cee4d3780d06c5941cbbff3ebfc561c12d518c8408bfad3a5f79d3eb7
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
74c3851ffe69f4c341c57ce94398b4d6efdf2cefdfc090e69ee64ff5b5f57cdd
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c6d2a92b2b0a166173f7b1d9bd4aff04ce027cb8890d2fdd01a75d3860ef8c3
7e2b51a5f823d42d93b689b7193291dc25dc143c951aed77bcbae6219613fa99
85d45ca6dec4394d9a93b39c1436b214495214e3b186e97aa77bd2d725c28541
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
c4ec8763c6f7c6b9efc4a180baadbc2a4eaf9317f2781c9a4705c8c56774993d
d65b97fbf5c4011f77d2642040dc05173d508a66f97ca21387f5288fd1d3e69c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1711d7e8508cde7d5740e0fc066c24f000371a824597ba42cf481a429b4116b