urlscan.io logo urlscan.io
SecurityTrails logo

www.rallyhealth.com Open in urlscan Pro
149.126.77.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.yourhealth-wellnessteam.com/?qs=831fdcef060be788d82afa923b1665e8ee6a00a5f3395525de23e8fe9832155f21368ff36a5d4568ef4a1f0aa87c...
Effective URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq...
Submission: On October 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 6 countries across 30 domains to perform 71 HTTP transactions. The main IP is 149.126.77.158, located in Frankfurt am Main, Germany and belongs to INCAPSULA, US. The main domain is www.rallyhealth.com. The Cisco Umbrella rank of the primary domain is 402071.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 12th 2022. Valid for: a year.
This is the only time www.rallyhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.39.86 22606 (EXACT-7)
1 1 192.230.66.158 19551 (INCAPSULA)
16 149.126.77.158 19551 (INCAPSULA)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 65.9.92.184 16509 (AMAZON-02)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a04:4e42:3::720 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.64.108.125 16509 (AMAZON-02)
4 52.30.136.252 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 2600:9000:212... 16509 (AMAZON-02)
1 1 34.251.26.3 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 52.26.182.5 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.43.14 8068 (MICROSOFT...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 142.250.185.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.71.131.137 16509 (AMAZON-02)
1 216.46.185.182 13649 (ASN-VINS)
1 65.9.95.16 16509 (AMAZON-02)
1 65.9.95.88 16509 (AMAZON-02)
1 65.9.95.120 16509 (AMAZON-02)
1 15.236.176.210 16509 (AMAZON-02)
1 34.249.113.6 16509 (AMAZON-02)
2 2 54.217.231.82 16509 (AMAZON-02)
1 2 65.9.95.7 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 151.101.66.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
71 32
1    13.111.39.86 (United States)

ASN22606 (EXACT-7, US)
PTR: click.yourhealth-wellnessteam.com
click.yourhealth-wellnessteam.com
1    192.230.66.158 (Canada)

ASN19551 (INCAPSULA, US)
PTR: 192.230.66.158.ip.incapdns.net
rallyhealth.com
16    149.126.77.158 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.158.ip.incapdns.net
www.rallyhealth.com
3    2606:4700::6811:f349 (United States)

ASN13335 (CLOUDFLARENET, US)
hello.myfonts.net
2    2a02:26f0:480:287::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    65.9.92.184 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-92-184.prg50.r.cloudfront.net
api.tiles.mapbox.com
2    2606:4700:20::681a:bcb (United States)

ASN13335 (CLOUDFLARENET, US)
npmcdn.com
2    2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)
rally-health-prod.imgix.net
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    18.64.108.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-108-125.txl50.r.cloudfront.net
cdn.amplitude.com
4    52.30.136.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-136-252.eu-west-1.compute.amazonaws.com
dpm.demdex.net
unitedhealthgroup.demdex.net
4    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2600:9000:2127:9400:4:f286:6800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d362armbx6l2g0.cloudfront.net
1    34.251.26.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-26-3.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
4    52.26.182.5 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-182-5.us-west-2.compute.amazonaws.com
api.amplitude.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
4    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
2    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    216.46.185.182 (Littleton, United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
1    65.9.95.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-16.prg50.r.cloudfront.net
tag.demandbase.com
1    65.9.95.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-88.prg50.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    65.9.95.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-120.prg50.r.cloudfront.net
assets-tracking.crazyegg.com
1    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
smetrics.optum.com
1    34.249.113.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-113-6.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
2    54.217.231.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-231-82.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    65.9.95.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-7.prg50.r.cloudfront.net
segments.company-target.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
17 rallyhealth.com
rallyhealth.com — Cisco Umbrella Rank: 342144
www.rallyhealth.com — Cisco Umbrella Rank: 402071
2 MB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1773
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3881
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3900
tracking.crazyegg.com — Cisco Umbrella Rank: 3878
35 KB
5 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2741
api.amplitude.com — Cisco Umbrella Rank: 1386
26 KB
4 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
1 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
www.linkedin.com — Cisco Umbrella Rank: 591
px4.ads.linkedin.com — Cisco Umbrella Rank: 6090
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
63 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 22318
7 KB
3 cloudfront.net
d362armbx6l2g0.cloudfront.net
48 KB
3 myfonts.net
hello.myfonts.net — Cisco Umbrella Rank: 5462
2 company-target.com
segments.company-target.com — Cisco Umbrella Rank: 1301
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 508
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
53 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
203 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
112 KB
2 imgix.net
rally-health-prod.imgix.net — Cisco Umbrella Rank: 580549
140 KB
2 npmcdn.com
npmcdn.com — Cisco Umbrella Rank: 22344
151 KB
2 mapbox.com
api.tiles.mapbox.com — Cisco Umbrella Rank: 11974
226 KB
2 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 490
61 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 226
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 343
10 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 584
98 B
1 optum.com
smetrics.optum.com — Cisco Umbrella Rank: 19332
372 B
1 demandbase.com
tag.demandbase.com — Cisco Umbrella Rank: 4793
16 KB
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1886
72 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
265 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
3 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1073
517 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
74 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
30 KB
1 yourhealth-wellnessteam.com
click.yourhealth-wellnessteam.com — Cisco Umbrella Rank: 169409
312 B
71 30
Domain Requested by
16 www.rallyhealth.com www.rallyhealth.com
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
4 api.amplitude.com www.rallyhealth.com
4 www.google-analytics.com www.rallyhealth.com
www.google-analytics.com
3 d362armbx6l2g0.cloudfront.net www.rallyhealth.com
3 dpm.demdex.net www.rallyhealth.com
3 hello.myfonts.net www.rallyhealth.com
2 segments.company-target.com 1 redirects www.rallyhealth.com
2 match.prod.bidr.io 2 redirects
2 stats.g.doubleclick.net www.rallyhealth.com
2 cm.g.doubleclick.net 2 redirects
2 www.youtube.com www.googletagmanager.com
www.youtube.com
2 px.ads.linkedin.com 2 redirects
2 www.facebook.com www.rallyhealth.com
2 connect.facebook.net www.rallyhealth.com
connect.facebook.net
2 rally-health-prod.imgix.net www.rallyhealth.com
2 npmcdn.com 1 redirects www.rallyhealth.com
2 api.tiles.mapbox.com www.rallyhealth.com
2 assets.adobedtm.com www.rallyhealth.com
assets.adobedtm.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.rallyhealth.com
1 id.rlcdn.com www.rallyhealth.com
1 tracking.crazyegg.com script.crazyegg.com
1 smetrics.optum.com www.rallyhealth.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 tag.demandbase.com www.rallyhealth.com
1 global.ib-ibi.com www.rallyhealth.com
1 match.adsrvr.org www.rallyhealth.com
1 px4.ads.linkedin.com www.rallyhealth.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.rallyhealth.com
1 cm.everesttech.net 1 redirects
1 unitedhealthgroup.demdex.net assets.adobedtm.com
1 www.googletagmanager.com www.rallyhealth.com
1 cdn.amplitude.com www.rallyhealth.com
1 ajax.googleapis.com www.rallyhealth.com
1 rallyhealth.com 1 redirects
1 click.yourhealth-wellnessteam.com 1 redirects
71 39

This site contains links to these domains. Also see Links.

Domain
accounts.werally.com
rallyhealth.com
Subject Issuer Validity Valid
www.rallyhealth.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-12 -
2023-04-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-09 -
2023-06-09		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
api.mapbox.com
Amazon		 2022-01-06 -
2023-02-04		 a year crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-06-01 -
2023-07-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cdn.amplitude.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-30 -
2022-10-28		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2022-01-28 -
2023-02-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ib-ibi.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-01 -
2023-04-01		 a year crt.sh
tag.demandbase.com
Go Daddy Secure Certificate Authority - G2		 2022-08-17 -
2023-09-18		 a year crt.sh
crazyegg.com
Amazon		 2022-06-27 -
2023-07-26		 a year crt.sh
smetrics.optum.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-20 -
2023-04-20		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Frame ID: B577C8A222527B092FFCCB4F8EA2B882
Requests: 60 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: CCD6A325BE1A7ECDA8D1AF4E0D2388F8
Requests: 4 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0068/2727/site/www.rallyhealth.com.json?t=1
Frame ID: EC5752A0E43D38125271057352444902
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 604F76BDF07AA161311493485F1EA928
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Quit-For-Life | Rally Health

Page URL History Show full URLs

  1. https://click.yourhealth-wellnessteam.com/?qs=831fdcef060be788d82afa923b1665e8ee6a00a5f3395525de23e8fe9832155f21368ff3... HTTP 302
    https://rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q... HTTP 301
    https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mapbox-gl.js
Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • (turf@[\d.]+)?/?turf\.min\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

90 %
HTTPS

41 %
IPv6

30
Domains

39
Subdomains

32
IPs

6
Countries

2649 kB
Transfer

10738 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.yourhealth-wellnessteam.com/?qs=831fdcef060be788d82afa923b1665e8ee6a00a5f3395525de23e8fe9832155f21368ff36a5d4568ef4a1f0aa87caa2c167614aca6aa0856 HTTP 302
    https://rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH HTTP 301
    https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://npmcdn.com/@turf/turf/turf.min.js HTTP 302
  • https://npmcdn.com/@turf/turf@6.5.0/turf.min.js
Request Chain 31
  • https://cm.everesttech.net/cm/dd?d_uuid=14867756489219285053281679556747438914 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1GQZwAAAItTIQN6
Request Chain 39
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666289767395&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D31163%26time%3D1666289767395%26url%3Dhttps%253A%252F%252Fwww.rallyhealth.com%252Fquit-for-life%253Futm_source%253DOptum%2526utm_medium%253Demail%2526utm_campaign%253DQFL-Awareness_Q4_OO%2526utm_content%253DAcq_Q4_EM1_OptOut_UH%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666289767395&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666289767395&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&liSync=true&e_ipv6=AQKm1o-DNEDhXQAAAYP2nB3NEg7hr4hyAIc7L-f7s5l0vsvGV65BF9pgRyRxM9OoEVDxVnRMcoIZ
Request Chain 45
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTQ4Njc3NTY0ODkyMTkyODUwNTMyODE2Nzk1NTY3NDc0Mzg5MTQ= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTQ4Njc3NTY0ODkyMTkyODUwNTMyODE2Nzk1NTY3NDc0Mzg5MTQ=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGUdhjx6efnBtdwL8MVUqxg&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 66
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AAAfpk7GoyEAAB8PtRhPHA HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAAfpk7GoyEAAB8PtRhPHA&verifyHash=364ea9f47588d51e50ed760824443d26b58d7032

71 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request quit-for-life
www.rallyhealth.com/
Redirect Chain
  • https://click.yourhealth-wellnessteam.com/?qs=831fdcef060be788d82afa923b1665e8ee6a00a5f3395525de23e8fe9832155f21368ff36a5d4568ef4a1f0aa87caa2c167614aca6aa0856
  • https://rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
  • https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
108 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/ Craft CMS
Resource Hash
0d9d0921a29946f00c08ad01a5ae84efdabd8e3d2d4a4369d76a6718487fdd05

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 18:16:06 GMT
vary
Accept-Encoding
x-cdn
Imperva
x-iinfo
11-15061441-15061446 NNNN CT(96 196 0) RT(1666289766230 18) q(0 0 3 0) r(4 5) U5
x-powered-by
Craft CMS

Redirect headers

content-length
0
location
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
350914
hello.myfonts.net/count/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/350914
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f349 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
launch-9e740193cc86.min.js
assets.adobedtm.com/512027f42d3c/5ef16568c699/ 		150 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/5ef16568c699/launch-9e740193cc86.min.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e24b2cc040bd00c415b990e9603679b7ce0ad4aa1e8f4fcfb708a15841ed817a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:06 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 12:38:49 GMT
server
AkamaiNetStorage
etag
"d43ec710388efd5587f692efc772ed5d:1653395929.815414"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.rallyhealth.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
49981
expires
Thu, 20 Oct 2022 19:16:06 GMT
mapbox-gl.js
api.tiles.mapbox.com/mapbox-gl-js/v2.3.0/ 		828 KB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.tiles.mapbox.com/mapbox-gl-js/v2.3.0/mapbox-gl.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.92.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-92-184.prg50.r.cloudfront.net
Software
/ Express
Resource Hash
98b379ff20a6b4b9084d4455e206aa66e5b522cb419efc36200ffc73b32abe81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Fri, 26 Aug 2022 01:09:53 GMT
Content-Encoding
gzip
Via
1.1 32f35b6a71829a460d6fdae31f270164.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Age
4813573
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed May 26 2021 00:27:18 GMT+0000 (Coordinated Universal Time)
ETag
"a7672b6a5c894e783270197e99036a8c"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
c4rZVTVKIsICDroYr_6hldXnqnS17ZKtu5diS_NHnpv7uHIPHlVnBg==
mapbox-gl.css
api.tiles.mapbox.com/mapbox-gl-js/v2.3.0/ 		34 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.tiles.mapbox.com/mapbox-gl-js/v2.3.0/mapbox-gl.css
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.92.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-92-184.prg50.r.cloudfront.net
Software
/ Express
Resource Hash
5adc121bddb887b4d757aa9aa59f31e4636557f9f9457129d0acc1382e27333c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 04:51:54 GMT
Content-Encoding
gzip
Via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Age
9206652
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed May 26 2021 00:27:39 GMT+0000 (Coordinated Universal Time)
ETag
"e1c40426e607d9e6076e76417e51eef5"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
duBS9UjdPLfDzUwkOPZYEb1jJ_k3LdUAg4l4VeWrqA5zJd6FwOaVWQ==
turf.min.js
npmcdn.com/@turf/turf@6.5.0/
Redirect Chain
  • https://npmcdn.com/@turf/turf/turf.min.js
  • https://npmcdn.com/@turf/turf@6.5.0/turf.min.js
590 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://npmcdn.com/@turf/turf@6.5.0/turf.min.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Server
2606:4700:20::681a:bcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d00f3e8ff8a8f9c103dad61c2fd4bb58143e1404aadfdf09e29b6db1a2de0a3f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:06 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
23194034
content-encoding
br
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FT826BVH2FK3FCBWTWNFQTJW
server
cloudflare
etag
W/"939c2-B/O2XVTbZ/U8c28UNSVGFwzH8yM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uE306%2FGDMGspzneewxMlzQ06Nt5z3gn4LdBsMqHNGCFw2Y9cdkMGNIizoVyfeiWBHwjUag%2Bh9IQcfykFvF6Pf5MMkpTyN%2FY3ouFh06lYMN%2BrRzxRhQDOVJYkXR%2F6xB5yrF5n%2BbyTsIM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75d3be230f3b9054-FRA

Redirect headers

date
Thu, 20 Oct 2022 18:16:06 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
195
fly-request-id
01GFV9J5FTJQADZC9AYBWMK61C-fra
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z79OX6Oa6VBERojlYRm3BMaKb3QRDC0tZhmok8UVEb9vnEZ3CicBRyvGja9k1eup58s40561ww%2Bjy2m1FcgKvJ4d%2F1rraBkby3WHEY9UotW%2FLVlHCsIPR42F5y8AUT%2F90Mwl6dWD9IE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@turf/turf@6.5.0/turf.min.js
cache-control
public, max-age=14400, s-maxage=600
cf-ray
75d3be22eee89054-FRA
main.min.css
www.rallyhealth.com/css/ 		165 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/css/main.min.css?v=1665766149
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
8638de9b84a29135f93ddf68a554e5bc4f0306b74afdd505b43947251ec2fe7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:06 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 16:49:09 GMT
x-cdn
Imperva
etag
W/"63499305-295e9"
vary
Accept-Encoding
content-type
text/css
x-iinfo
11-15061441-15061446 PNNN RT(1666289766230 573) q(0 0 0 -1) r(1 1) U5
cache-control
max-age=31536000
expires
Fri, 20 Oct 2023 18:16:06 GMT
rally-logo.svg
www.rallyhealth.com/assets/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rallyhealth.com/assets/rally-logo.svg
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
3b756aba12395a564274520d1f411b0402a5f745ca1ba3cbe17f89075a227bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
W/"63499252-19a2"
vary
Accept-Encoding
content-type
image/svg+xml
x-iinfo
11-15061441-15061595 NNNY CT(96 196 0) RT(1666289766230 899) q(0 0 0 -1) r(1 1) U5
cache-control
max-age=31536000
expires
Fri, 20 Oct 2023 18:16:07 GMT
QFL-logo_2x.png
rally-health-prod.imgix.net/Logos/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rally-health-prod.imgix.net/Logos/QFL-logo_2x.png?crop=focalpoint&fit=crop&fp-x=0.5&fp-y=0.5&h=283&q=100&w=800&s=dba603738428dc3af7de443b74dae743
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
82a3a1b3d297e97ecdeda5e8fa261da4ea9d64e08f9a645a472ec26b309d8a90
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-imgix-render-farm
01.560
date
Thu, 20 Oct 2022 18:16:07 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 Oct 2022 12:21:30 GMT
server
imgix
age
712476
x-cache
HIT, HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
bec29abbfec3d640ab8e003804c2e3b3d0ffd581
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35099
x-served-by
cache-sjc10045-SJC, cache-fra19164-FRA
QFL-LP_header-image_2x.png
rally-health-prod.imgix.net/Module-Images/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rally-health-prod.imgix.net/Module-Images/QFL-LP_header-image_2x.png?crop=focalpoint&fit=crop&fp-x=0.5&fp-y=0.5&h=400&q=100&w=800&s=ecbe847f4c0ab09817b619bae85a9900
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a4fa433b1862422fa3d7bb2ba6198421deb8f520b42a009982b625667a5cb200
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-imgix-render-farm
01.560
date
Thu, 20 Oct 2022 18:16:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 09 Oct 2022 21:09:33 GMT
server
imgix
age
939994
x-cache
HIT, HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
ebaca86b67d863b934bd0b174160ee45025d3838
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
108043
x-served-by
cache-sjc10040-SJC, cache-fra19164-FRA
Rally_Arrows_w_tmk.png
www.rallyhealth.com/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rallyhealth.com/assets/Rally_Arrows_w_tmk.png
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
b896279fff3d8bb808e348cc28283721ec6e70165229623948c5239818b4bf4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
"63499252-c91"
content-type
image/png
x-iinfo
11-15061441-15061597 NNNN CT(105 229 0) RT(1666289766230 901) q(0 0 3 -1) r(4 4) U5
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3217
expires
Fri, 20 Oct 2023 18:16:07 GMT
rally-logo-reverse.svg
www.rallyhealth.com/assets/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rallyhealth.com/assets/rally-logo-reverse.svg
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
7a03b37a0f12c558430891010aa7374c1fa21371c91c7eddbe327e600c3e597f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
W/"63499252-1b03"
vary
Accept-Encoding
content-type
image/svg+xml
x-iinfo
11-15061441-15061599 NNNY CT(95 196 0) RT(1666289766230 904) q(0 0 0 -1) r(1 1) U5
cache-control
max-age=31536000
expires
Fri, 20 Oct 2023 18:16:07 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 08:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 08:07:26 GMT
plugin.min.js
www.rallyhealth.com/js/dist/ 		95 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/js/dist/plugin.min.js?v=1665766148
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
33654d576736b5d8da1c4a7c0598a364f206aa0df34ba0efc59f42d0e2e6728c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 16:49:08 GMT
x-cdn
Imperva
etag
W/"63499304-17cca"
vary
Accept-Encoding
content-type
application/javascript
x-iinfo
11-15061441-15061446 PNNN RT(1666289766230 825) q(0 0 0 -1) r(1 1) U5
cache-control
max-age=31536000
expires
Fri, 20 Oct 2023 18:16:07 GMT
main.min.js
www.rallyhealth.com/js/dist/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/js/dist/main.min.js?v=1665766148
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
1844f10c93b29aaa35de3dab61a922a6065eff572a7ad2f74cfde412a9f86662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 16:49:08 GMT
x-cdn
Imperva
etag
W/"63499304-8999"
vary
Accept-Encoding
content-type
application/javascript
x-iinfo
11-15061441-15061592 NNNN CT(98 209 0) RT(1666289766230 896) q(0 0 3 -1) r(4 4) U5
cache-control
max-age=31536000
expires
Fri, 20 Oct 2023 18:16:07 GMT
_Incapsula_Resource
www.rallyhealth.com/ 		146 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=674364596
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
a65a0a5fed2543e5a37cb2bbd8a940d5477aa0c8e9a0ed71097be30c57ffc230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
21019
content-type
application/javascript
amplitude-8.21.1-min.gz.js
cdn.amplitude.com/libs/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-8.21.1-min.gz.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.108.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-108-125.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93e8cd53ed78b8a27087304b6f33103ec3ce745003f62d9a2ad77cc40a1ace30

Request headers

Referer
https://www.rallyhealth.com/
Origin
https://www.rallyhealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 19:44:12 GMT
content-encoding
gzip
via
1.1 b9d6da6afb687529eac0ec6c19319d48.cloudfront.net (CloudFront)
x-amz-version-id
UAXIG_gXYToRdTowQhWNLrT1YuPxKcSX
x-amz-cf-pop
TXL50-P4
age
167516
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25142
last-modified
Thu, 22 Sep 2022 18:57:21 GMT
server
AmazonS3
etag
"f371ea8154adecf96550964dd193fd4c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
7Py8I-mg8PwryfEy31iRJ3UJd4ALlpMKChZTBSFB8WdtcwIH9qYW_g==
id
dpm.demdex.net/ 		974 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1666289766938
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.136.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-252.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e86061407d450de4ed50e164372d70cc2396168eb93e897bb2e6630f4ec81daf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.rallyhealth.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v044-0f520ef78.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
3Qjj9PtITeE=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.rallyhealth.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
558
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/5ef16568c699/launch-9e740193cc86.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:287::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.rallyhealth.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12163
expires
Thu, 20 Oct 2022 19:16:07 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 17:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4448
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 20 Oct 2022 19:01:59 GMT
gtm.js
www.googletagmanager.com/ 		298 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5X8NLTL
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b26e9fd36e07d5ef8dad3cb8c583ef1d7cb440d1c238b0642834f9894098234
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74888
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Oct 2022 18:16:07 GMT
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 20 Oct 2022 18:16:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27027
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
l9Cb/W2FU/J9cNwHkUVM+agAN77aqKUXvg+XCdWx4Ifnu8udiSpUSCRL52psTG6zponsyDVBRY8uEW6vHZuayg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/webp
350914
hello.myfonts.net/count/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/350914
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/css/main.min.css?v=1665766149
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f349 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
QFL-LP_coach-support_2x.png
d362armbx6l2g0.cloudfront.net/Tout-Images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d362armbx6l2g0.cloudfront.net/Tout-Images/QFL-LP_coach-support_2x.png
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9400:4:f286:6800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ad9a44f2d2996ab6d06acdaf17b947b3a44693a7998cd773c57918d7d38636b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 13:02:27 GMT
x-amz-version-id
TohGNSttvYh_CLsLGx.mMK1aV1CnjYyh
via
1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
last-modified
Thu, 25 Mar 2021 17:01:57 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
18821
etag
"0780bdf16e9bcb42c089922b01a7140b"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
18171
x-amz-cf-id
8oltR7oCOztuzaaVXuA3mAuimVoOx7APjnH3sYTw8gMtQ1MV5O6JcA==
QFL-LP_any-time-access_2x.png
d362armbx6l2g0.cloudfront.net/Tout-Images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d362armbx6l2g0.cloudfront.net/Tout-Images/QFL-LP_any-time-access_2x.png
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9400:4:f286:6800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f0e15e16e7a347037e7f7665bc59e9a96a4ac6a18222f3ea570fa5d76ca8bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 13:02:27 GMT
x-amz-version-id
TqNNctFfNsqsjnJ_rXkx1vNX2Rq3Icts
via
1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
last-modified
Thu, 25 Mar 2021 17:00:37 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
18821
etag
"f396f09747d9540cd6c28c2ccd59e930"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
14338
x-amz-cf-id
ihTiAfeoSUwtUOZv2XgtYLX17CfkvtITvAql0WtGXbIyrgATV-oSOQ==
QFL-LP_help-beyond-quit_2x.png
d362armbx6l2g0.cloudfront.net/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d362armbx6l2g0.cloudfront.net/QFL-LP_help-beyond-quit_2x.png
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:9400:4:f286:6800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfc978d39c228b6e373412d2275ba1b1953989ca07b35e23ea1f3fb2eb767d81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 13:02:27 GMT
x-amz-version-id
ApZCEWZqE8qKWKA95kCb3T9AUN7ZcaoN
via
1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
last-modified
Thu, 25 Mar 2021 17:02:23 GMT
server
AmazonS3
x-amz-cf-pop
PRG50-C1
age
18821
etag
"8ff4119272459ce47d147b3e42de6b66"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15633
x-amz-cf-id
2MUU7thNiKqxfxFqdXLAA1ColpXHQrQsBtCPP7F_vDmRsGa2KH8kwQ==
350914_4_0.woff2
www.rallyhealth.com/assets/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/assets/fonts/350914_4_0.woff2
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
bb24ca0cbb54af3d9f26295634e9d00d7db9aaaf50d2b2ca4506b94bea4343df

Request headers

Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Origin
https://www.rallyhealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
"63499252-1042a"
content-type
application/octet-stream
x-iinfo
11-15061441-15061446 PNNN RT(1666289766230 935) q(0 0 0 -1) r(1 1) U5
cache-control
max-age=31536000
accept-ranges
bytes
content-length
66602
expires
Fri, 20 Oct 2023 18:16:07 GMT
350914_0_0.woff2
www.rallyhealth.com/assets/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/assets/fonts/350914_0_0.woff2
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
6cb6b6e5a292040c2bb8074878e03d7e031da6253d5eec31edf1c100802b61db

Request headers

Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Origin
https://www.rallyhealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
"63499252-5357"
content-type
application/octet-stream
x-iinfo
11-15061441-15061605 NNNN CT(96 208 0) RT(1666289766230 937) q(0 0 3 -1) r(4 5) U5
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21335
expires
Fri, 20 Oct 2023 18:16:07 GMT
350914_3_0.woff2
www.rallyhealth.com/assets/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/assets/fonts/350914_3_0.woff2
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
fe1f651485263fd8479553b0c3bb23099f1696cbcfcec653bb29c542daf750e7

Request headers

Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Origin
https://www.rallyhealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
"63499252-53a5"
content-type
application/octet-stream
x-iinfo
11-15061441-15061599 PNNy RT(1666289766230 938) q(0 1 1 -1) r(2 3) U5
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21413
expires
Fri, 20 Oct 2023 18:16:07 GMT
350914_2_0.woff2
www.rallyhealth.com/assets/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/assets/fonts/350914_2_0.woff2
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
e98d5c943d6e8e8cf5aacb45eb401803e41608126e69badc40ee5e028943fd84

Request headers

Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Origin
https://www.rallyhealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
"63499252-50ea"
content-type
application/octet-stream
x-iinfo
11-15061441-15061595 PNNy RT(1666289766230 940) q(0 1 1 -1) r(2 3) U5
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20714
expires
Fri, 20 Oct 2023 18:16:07 GMT
dest5.html
unitedhealthgroup.demdex.net/ Frame CCD6 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/5ef16568c699/launch-9e740193cc86.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.136.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-252.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.rallyhealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v044-041e262a1.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
vF+ezADxStw=
content-encoding
gzip
date
Thu, 20 Oct 2022 18:16:07 GMT
last-modified
Thu, 29 Sep 2022 16:47:43 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=Y1GQZwAAAItTIQN6
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=14867756489219285053281679556747438914
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1GQZwAAAItTIQN6
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1GQZwAAAItTIQN6
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.1
Server
52.30.136.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-252.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v044-0749497f6.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3D/59QIdRz0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1GQZwAAAItTIQN6
Date
Thu, 20 Oct 2022 18:16:07 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
non-critical.min.css
www.rallyhealth.com/css/ 		103 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/css/non-critical.min.css?v=1665766149
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
f1244de44d19da5e8166dbc266d98a21e2f480c5faa9e109c9d2bde3385fc164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 16:49:09 GMT
x-cdn
Imperva
etag
W/"63499305-19b04"
vary
Accept-Encoding
content-type
text/css
x-iinfo
11-15061441-15061446 PNNN RT(1666289766230 983) q(0 0 0 -1) r(1 1) U5
cache-control
max-age=31536000
expires
Fri, 20 Oct 2023 18:16:07 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
content-encoding
gzip
last-modified
Wed, 19 Oct 2022 18:56:33 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=80318
accept-ranges
bytes
content-length
3063
1598193977106649
connect.facebook.net/signals/config/ 		293 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1598193977106649?v=2.9.87&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
20ea1e508e535ef9c38fbd4a1ca9ee3b1a270f9f27e29a726784c4443f080e5a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 20 Oct 2022 18:16:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86466
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
28B4xR38IC7sRtuo2PWCpeC3jj6irefOmkXEqayrgzLNG/0JyzL/xBbPay9rpHTygdrEnv8711BTe74QWoya4g==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5X28TLH&cid=1819290497.1666289767
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
572663e7932aa45aa6087bcf5619d1e510cfaaa38b4dfc617c970ee8349a3ef1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43953
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Oct 2022 18:16:07 GMT
/
api.amplitude.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.182.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-182-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
cross-origin-resource-policy
Access-Control-Request-Method
POST
Origin
https://www.rallyhealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
cross-origin-resource-policy
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Thu, 20 Oct 2022 18:16:07 GMT
strict-transport-security
max-age=15768000
/
api.amplitude.com/ 		7 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.182.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-182-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.rallyhealth.com/
Cross-Origin-Resource-Policy
cross-origin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 20 Oct 2022 18:16:07 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-63519067-4761157a1f1a94661af8f75e
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1598193977106649&ev=PageView&dl=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&rl=&if=false&ts=1666289767376&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666289767371.1242674796&it=1666289767259&coo=false&rqm=GET
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 20 Oct 2022 18:16:07 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666289767395&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awar...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D31163%26time%3D1666289767395%26url%3Dhttps%253A%252F%252Fwww.rallyhealth.com%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666289767395&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awar...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666289767395&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awa...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666289767395&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&liSync=true&e_ipv6=AQKm1o-DNEDhXQAAAYP2nB3NEg7hr4hyAIc7L-f7s5l0vsvGV65BF9pgRyRxM9OoEVDxVnRMcoIZ
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:09 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 09BBC392333141DC8DF4EF6FBC00FD59 Ref B: VIEEDGE3319 Ref C: 2022-10-20T18:16:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXre1HYfDnoh1pIr/ZJ1Q==

Redirect headers

date
Thu, 20 Oct 2022 18:16:09 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 90751469B8AB4AB19239DDD0209BAF4B Ref B: FRAEDGE1114 Ref C: 2022-10-20T18:16:09Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666289767395&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&liSync=true&e_ipv6=AQKm1o-DNEDhXQAAAYP2nB3NEg7hr4hyAIc7L-f7s5l0vsvGV65BF9pgRyRxM9OoEVDxVnRMcoIZ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXre1HUO6DK2szOuSVBtA==
2727.js
script.crazyegg.com/pages/scripts/0068/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0068/2727.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X8NLTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5242902da084a84deef4f44a78fc11468c51ebfbd7d376faba35e499969575e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
107553
cf-polished
origSize=5668
ce-version
11.4.26
cf-bgj
minify
last-modified
Wed, 19 Oct 2022 12:23:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
75d3be26cc2a9bdc-FRA
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X8NLTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa21fb66f1bdc2a62ec6246fe35275694edc6d51287e5214bea2f7a8bb37d699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 20 Oct 2022 18:16:07 GMT
350914
hello.myfonts.net/count/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/350914
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/css/non-critical.min.css?v=1665766149
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f349 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2133440031&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&ul=en-us&de=UTF-8&dt=Quit-For-Life%20%7C%20Rally%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAACAAI~&jid=1049278515&gjid=1980978987&cid=1819290497.1666289767&tid=UA-37681395-2&_gid=55324622.1666289767&_r=1&_slc=1&z=190897568
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rallyhealth.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 18:16:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rallyhealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2133440031&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&ul=en-us&de=UTF-8&dt=Quit-For-Life%20%7C%20Rally%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAACAAI~&jid=1011482319&gjid=1996207705&cid=1819290497.1666289767&tid=UA-37681395-2&_gid=55324622.1666289767&_r=1&gtm=2wgaj05X8NLTL&z=1436317396
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rallyhealth.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 18:16:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rallyhealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=771&dpuuid=CAESEGUdhjx6efnBtdwL8MVUqxg&google_cver=1
dpm.demdex.net/ Frame CCD6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTQ4Njc3NTY0ODkyMTkyODUwNTMyODE2Nzk1NTY3NDc0Mzg5MTQ=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTQ4Njc3NTY0ODkyMTkyODUwNTMyODE2Nzk1NTY3NDc0Mzg5MTQ=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGUdhjx6efnBtdwL8MVUqxg&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGUdhjx6efnBtdwL8MVUqxg&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.1
Server
52.30.136.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-252.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v044-03b75489a.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
5BxRrGhgQLU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 18:16:07 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGUdhjx6efnBtdwL8MVUqxg&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37681395-2&cid=1819290497.1666289767&jid=1049278515&gjid=1980978987&_gid=55324622.1666289767&_u=KGBAAEACQAAAACAAI~&z=1038484203
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rallyhealth.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 20 Oct 2022 18:16:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rallyhealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37681395-2&cid=1819290497.1666289767&jid=1011482319&gjid=1996207705&_gid=55324622.1666289767&_u=aGDAAEADQAAAACAAI~&z=690166727
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rallyhealth.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 20 Oct 2022 18:16:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rallyhealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/24c6f8bd/www-widgetapi.vflset/ 		157 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/24c6f8bd/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9675106ffe936d9a2b9d234fab0ad0a194332664c6328576dcac6f99a6f1ef87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:16:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
3583
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52758
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 00:20:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 20 Oct 2023 17:16:24 GMT
www.rallyhealth.com.json
script.crazyegg.com/pages/data-scripts/0068/2727/site/ Frame EC57 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0068/2727/site/www.rallyhealth.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0068/2727.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354c1a280827a35589288b2e55fc8950e9b33980a0fb1fc65818c64fa289c483

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
content-encoding
gzip
cf-cache-status
HIT
age
117721
ce-version
11.4.26
content-length
1571
last-modified
Wed, 19 Oct 2022 09:34:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d3be272e549be6-FRA
generic
match.adsrvr.org/track/cmf/ Frame CCD6 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.rallyhealth.com&ttd_tpi=1
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Oct 2022 18:16:07 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
7d6ef81f9422694340d6007e6857f38a.js
script.crazyegg.com/pages/versioned/common-scripts/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0068/2727.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe2e94d62eb9d7e50da60842392c0ce372372aec72abcaa970afecff76a0228d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:07 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 07 Oct 2022 14:16:57 GMT
server
cloudflare
age
118180
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d3be275d9f9bdc-FRA
content-length
29957
get-feed
www.rallyhealth.com/actions/rally-utilities-module/gyms/ 		7 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/actions/rally-utilities-module/gyms/get-feed
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/ Craft CMS
Resource Hash
1b59a7459389cabe43ac517167e75604bd9907d737c9164472fe7662a289d68e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-iinfo
11-15061441-15061599 PNNy RT(1666289766230 1363) q(0 0 0 -1) r(10 10) U5
date
Thu, 20 Oct 2022 18:16:08 GMT
content-encoding
gzip
x-cdn
Imperva
x-powered-by
Craft CMS
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
api.amplitude.com/ 		7 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.182.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-182-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.rallyhealth.com/
Cross-Origin-Resource-Policy
cross-origin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 20 Oct 2022 18:16:10 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-6351906a-702dd183404a118413bd58a6
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
/
api.amplitude.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.182.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-182-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
cross-origin-resource-policy
Access-Control-Request-Method
POST
Origin
https://www.rallyhealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
cross-origin-resource-policy
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Thu, 20 Oct 2022 18:16:09 GMT
strict-transport-security
max-age=15768000
image.sbix
global.ib-ibi.com/ Frame CCD6 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=14867756489219285053281679556747438914
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_128_CBC
Server
216.46.185.182 Littleton, United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
BigIP /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Connection
close
Content-Length
0
Server
BigIP
_Incapsula_Resource
www.rallyhealth.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rallyhealth.com/_Incapsula_Resource?SWKMTFSR=1&e=0.36950758485697643
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
www.rallyhealth.com.json
script.crazyegg.com/pages/data-scripts/0068/2727/sampling/ Frame EC57 		165 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0068/2727/sampling/www.rallyhealth.com.json?t=462858
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457a05ac2d95a0b1116469ea3a3217b344db98b9475ffdf6f3930f39d884ae45

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:09 GMT
content-encoding
gzip
cf-cache-status
HIT
age
23163
ce-version
11.4.26
content-length
146
last-modified
Thu, 20 Oct 2022 11:50:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d3be35ef679be6-FRA
/
www.facebook.com/tr/ Frame 604F 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.rallyhealth.com
Referer
https://www.rallyhealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.rallyhealth.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 18:16:09 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
a469c055.min.js
tag.demandbase.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.demandbase.com/a469c055.min.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-16.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c676ce3cda9b377716311a94a3d8c00c6024e9cfcd4884d34f55864c9ad9e07b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
KvmGQ6qthzWype34APgJJB882hhPHdJg
content-encoding
gzip
via
1.1 3da92f19744e3229b09a019ec66be172.cloudfront.net (CloudFront)
date
Thu, 20 Oct 2022 18:16:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
PRG50-C1
age
2950
x-cache
Hit from cloudfront
last-modified
Thu, 22 Apr 2021 18:50:00 GMT
server
AmazonS3
etag
W/"4c794f876d8ab65b635e3c7f1434a31c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id
cpfQPQBDtnfpYEcMNemuksqhCerwUhzJgqWrIKJf5O8ltBGHMej63Q==
csrf-data
www.rallyhealth.com/actions/rally-utilities-module/freeform/ 		146 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/actions/rally-utilities-module/freeform/csrf-data
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/ Craft CMS
Resource Hash
1a306613ccbb5cf4cc345497cb3a147839f798aaece6e84fd401eff3effb7a47

Request headers

Accept
*/*
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-iinfo
11-15061441-15061605 PNNN RT(1666289766230 3658) q(0 0 0 -1) r(4 4) U5
date
Thu, 20 Oct 2022 18:16:10 GMT
content-encoding
gzip
x-cdn
Imperva
x-powered-by
Craft CMS
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
healthcheck
pagestates-tracking.crazyegg.com/ Frame EC57 		19 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-88.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 06:23:23 GMT
via
1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
8509968
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
n4x3iUS7qFjSpKfgGLkfCYYKBfse-EsHxs2-sRTId-T587bjMS7a9A==
healthcheck
assets-tracking.crazyegg.com/ Frame EC57 		19 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-120.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 11:33:15 GMT
via
1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
5121775
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
eU43duDoccrsmE3-vzy8-tFGAKne6LcaA7JUyd2TIkzD-xu1Md9vEg==
57034a6c-ad0f-454b-b36b-1c23a96e76de
https://www.rallyhealth.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.rallyhealth.com/57034a6c-ad0f-454b-b36b-1c23a96e76de
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
s66507322197052
smetrics.optum.com/b/ss/uhgrallyhealthprod/1/JS-2.22.4-LCS4/ 		43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.optum.com/b/ss/uhgrallyhealthprod/1/JS-2.22.4-LCS4/s66507322197052?AQB=1&ndh=1&pf=1&t=20%2F9%2F2022%2018%3A16%3A10%204%200&mid=19669208033216340002477860180124578987&aamlh=6&ce=UTF-8&pageName=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&g=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=D%3DpageName&v25=D%3DpageName&c44=%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&v44=%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&v72=D%3Dmid&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 18:16:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 21 Oct 2022 18:16:10 GMT
server
jag
etag
3578330033992531968-4619882454021565276
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 19 Oct 2022 18:16:10 GMT
clock
tracking.crazyegg.com/ Frame EC57 		26 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1666289770055
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.113.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-113-6.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
663b14a1721f462e6d89a0edef53b9779f34aaa379662dee1c2226009e533bd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 20 Oct 2022 18:16:10 GMT
cache-control
no-store
server
awselb/2.0
content-length
26
content-type
text/plain
validateCookie
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=AAAfpk7GoyEAAB8PtRhPHA
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAAfpk7GoyEAAB8PtRhPHA&verifyHash=364ea9f47588d51e50ed760824443d26b58d7032
26 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAAfpk7GoyEAAB8PtRhPHA&verifyHash=364ea9f47588d51e50ed760824443d26b58d7032
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.1
Server
65.9.95.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-7.prg50.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 18:16:10 GMT
Via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
image/gif
Vary
Origin
Connection
keep-alive
trace-id
5f74ce334ff995fd
X-Amz-Cf-Id
UXGi7AJX0sJAObMrA0fNwSg2OW6fdowQuhN0SHB9D_TPw8Lh6RZSKg==

Redirect headers

Date
Thu, 20 Oct 2022 18:16:10 GMT
Via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=choca&user_id=AAAfpk7GoyEAAB8PtRhPHA&verifyHash=364ea9f47588d51e50ed760824443d26b58d7032
Connection
keep-alive
trace-id
a46acbd2221260d3
Content-Length
0
X-Amz-Cf-Id
rYXBZa81vDCMhKhkDwnRbTh_sBFjgO8GPLcXsb5_sC_v6r60XqoYNw==
464526.gif
id.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/464526.gif
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 18:16:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
4891da04-a592-401d-973f-86511ffe3460
https://www.rallyhealth.com/ 		260 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.rallyhealth.com/4891da04-a592-401d-973f-86511ffe3460
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60d8508062baa7f4beda6ed4029f2e1ba9f881f93857c32e8ecb5b29f0bc82f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
260
Content-Type
text/javascript
nr-1169.min.js
js-agent.newrelic.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1169.min.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Oct 2022 18:16:10 GMT
x-amz-request-id
QEGFH88RPY2E17Q6
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
10276
x-amz-id-2
wIswYgm4lLOQvih/xv4bfjEn6fY4XqrTQUWfveSQdD6qVpUj0sMS6byU9FFAy0QG5Jhifr5IZZk=
x-served-by
cache-fra19139-FRA
last-modified
Wed, 20 May 2020 21:16:15 GMT
server
AmazonS3
x-timer
S1666289771.736239,VS0,VE0
etag
"7e312620a90879b595db1bff9c42ed57"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
50
8f22def631
bam.nr-data.net/1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f22def631?a=278441150&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=5299&ck=1&ref=https://www.rallyhealth.com/quit-for-life&be=1364&fe=5257&dc=4449&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1666289765453,%22n%22:0,%22f%22:769,%22dn%22:770,%22dne%22:805,%22c%22:805,%22s%22:811,%22ce%22:822,%22rq%22:827,%22rp%22:1340,%22rpe%22:1351,%22dl%22:1343,%22di%22:4444,%22ds%22:4444,%22de%22:4450,%22dc%22:5257,%22l%22:5257,%22le%22:5258%7D,%22navigation%22:%7B%7D%7D&fp=1767&fcp=2027&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1169.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 18:16:10 GMT
Server
cloudflare
Connection
keep-alive
CF-RAY
75d3be3b5f1291d7-FRA
Content-Length
2
Vary
Accept-Encoding
Content-Type
text/plain;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation number| pageFormCount object| NREUM object| newrelic function| __nr_require string| amp_device_id object| amplitude object| adobeDataLayer object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| dataLayer string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| mapboxgl object| turf function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s function| $ function| jQuery number| timeModified function| loadCSS string| _linkedin_partner_id object| _linkedin_data_partner_ids function| init function| listenForChange function| addQuery function| removeQuery function| triggerCallbacks function| addEvent function| getPreviousContext function| getContext function| _inArray function| _indexOf object| MQ object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| analyticsConnectorInstances function| lintrk boolean| _already_called_lintrk object| google_tag_manager object| google_optimize object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| initMap function| buildLocationListSegment function| clearSelectedMarkers function| clearHoveredMarkers function| removeAllPopups function| createPopUp function| getBbox function| updateMap function| getUniqueGymsSorted function| adjustListingsHeaderMargin function| isDefined function| isLoading function| clearForm object| accordion undefined| Grnhse object| careers object| carousels object| forms function| introTransitions object| modEvents object| nav object| overlay object| that undefined| map object| selectedMarkerId object| hoveredMarkerId boolean| isMouseOverEvent number| gymListingFirstIndex number| gymListingLastIndex string| feedUrl undefined| productNames object| gyms function| searchByZip number| resultsPage undefined| totalCount number| rppg number| resourceCount object| csrfToken object| resources object| responsiveImages function| isValidHostname function| isSessionSupported object| CE2BH function| CE_URL_FINGERPRINT object| webpackChunkCE2 object| callbacks string| context string| new_context object| s_i_uhgrallyhealthprod function| __extends object| Demandbase object| __db function| DBSegment

34 Cookies

Domain/Path Name / Value
.rallyhealth.com/ Name: visid_incap_661021
Value: +fpGl1uEQa+WQApPslZJ+GaQUWMAAAAAQUIPAAAAAADiTiuWdtu42N2LLJLqQ62U
.rallyhealth.com/ Name: incap_ses_1288_661021
Value: Wj18ejc7c1OLBAQMwuXfEWaQUWMAAAAAmZQB2uCqkKzqDYnwQ/Grfg==
.demdex.net/ Name: demdex
Value: 14867756489219285053281679556747438914
.rallyhealth.com/ Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg
Value: 1
.rallyhealth.com/ Name: _ga
Value: GA1.2.1819290497.1666289767
.rallyhealth.com/ Name: _gid
Value: GA1.2.55324622.1666289767
.rallyhealth.com/ Name: amp_c00ff2
Value: ySbSaZMisYlB-6XKoHHZ4n...1gfr9o4sj.1gfr9o4t7.1.1.2
.rallyhealth.com/ Name: _fbp
Value: fb.1.1666289767371.1242674796
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1GQZwAAAItTIQN6
.dpm.demdex.net/ Name: dpm
Value: 14867756489219285053281679556747438914
.rallyhealth.com/ Name: _gat
Value: 1
.rallyhealth.com/ Name: _gat_UA-37681395-2
Value: 1
.rallyhealth.com/ Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg
Value: -2121179033%7CMCIDTS%7C19286%7CMCMID%7C19669208033216340002477860180124578987%7CMCAAMLH-1666894567%7C6%7CMCAAMB-1666894567%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1666296967s%7CNONE%7CMCSYNCSOP%7C411-19293%7CvVersion%7C5.3.0
.youtube.com/ Name: YSC
Value: W7T9Ckzkne8
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: GUS8HmDBKm4
.doubleclick.net/ Name: IDE
Value: AHWqTUkTM1O94bqgzzKfKiBq_mTEWanLRG6MxZbQaqtSbGjxZi8au-11OyC7Sz0kk48
.linkedin.com/ Name: UserMatchHistory
Value: AQJ3GK3z_i-mjgAAAYP2nBRXkHvhxtDwo84lMaRY_cbbaffne5HtQVfDcd8QsLImNXd89fHRLlN9Cg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLQruAEZ0susgAAAYP2nBRXJLWzV_luu9CIS9YzyhnEa55vQmataj-L0OnJgGt0Yo1IfcDa1ARxNJA78aoJUg
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&3f7b1a95-4b7f-4639-8d2b-b8ad2c10fd51"
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2504:u=1:x=1:i=1666289767:t=1666376167:v=2:sig=AQHptEtskkSDAmNWENdcHnwM9tgEp0HR"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022102018160793428454-fbb5-46e9-83ce-fde86d103075AQFba9__xHGRx3tjM2Hke1nMFHq3yRlD"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjYyODk3Njc7MjswMjGI8Uy46qoZqxQ2xQjxH5qjGfTM6F92OlMHzbFAefahnw==
.demdex.net/ Name: dextp
Value: 771-1-1666289767463|903-1-1666289767564|285689-1-1666289769841
.rallyhealth.com/ Name: cebs
Value: 1
.rallyhealth.com/ Name: s_cc
Value: true
.rallyhealth.com/ Name: cebsp
Value: 1
.rallyhealth.com/ Name: _ce.s
Value: v~877781b7eb1546c7a743f75a3ece01fa887d9ce3~vpv~0~v11.rlc~1666289770205
.bidr.io/ Name: bito
Value: AAAfpk7GoyEAAB8PtRhPHA
.bidr.io/ Name: bitoIsSecure
Value: ok
www.rallyhealth.com/ Name: CRAFT_CSRF_TOKEN
Value: b591b11256c1b2f28adf71caaa93c8bb0c6b6337edd83fbb71db4ad96f7c5676a%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%220R8zXGKo9o2xWO5jpNVMeaND47hMVMCq_ME5__qE%22%3B%7D
.company-target.com/ Name: tuuid
Value: 9a8e5a6a-c6d7-4262-ab08-26759f05f87a
.company-target.com/ Name: tuuid_lu
Value: 1666289770

5 Console Messages

Source Level URL
Text
network error URL: https://hello.myfonts.net/count/350914
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://hello.myfonts.net/count/350914
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://hello.myfonts.net/count/350914
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://id.rlcdn.com/464526.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://bam.nr-data.net/1/8f22def631?a=278441150&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=5299&ck=1&ref=https://www.rallyhealth.com/quit-for-life&be=1364&fe=5257&dc=4449&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1666289765453,%22n%22:0,%22f%22:769,%22dn%22:770,%22dne%22:805,%22c%22:805,%22s%22:811,%22ce%22:822,%22rq%22:827,%22rp%22:1340,%22rpe%22:1351,%22dl%22:1343,%22di%22:4444,%22ds%22:4444,%22de%22:4450,%22dc%22:5257,%22l%22:5257,%22le%22:5258%7D,%22navigation%22:%7B%7D%7D&fp=1767&fcp=2027&jsonp=NREUM.setToken
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.amplitude.com
api.tiles.mapbox.com
assets-tracking.crazyegg.com
assets.adobedtm.com
bam.nr-data.net
cdn.amplitude.com
click.yourhealth-wellnessteam.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d362armbx6l2g0.cloudfront.net
dpm.demdex.net
global.ib-ibi.com
hello.myfonts.net
id.rlcdn.com
js-agent.newrelic.com
match.adsrvr.org
match.prod.bidr.io
npmcdn.com
pagestates-tracking.crazyegg.com
px.ads.linkedin.com
px4.ads.linkedin.com
rally-health-prod.imgix.net
rallyhealth.com
script.crazyegg.com
segments.company-target.com
smetrics.optum.com
snap.licdn.com
stats.g.doubleclick.net
tag.demandbase.com
tracking.crazyegg.com
unitedhealthgroup.demdex.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.rallyhealth.com
www.youtube.com
13.107.43.14
13.111.39.86
142.250.185.226
149.126.77.158
15.236.176.210
151.101.66.137
162.247.241.14
18.64.108.125
192.230.66.158
216.46.185.182
2600:9000:2127:9400:4:f286:6800:93a1
2606:4700:20::681a:bcb
2606:4700::6811:f349
2606:4700::6813:9408
2620:1ec:21::14
2a00:1450:4001:801::2008
2a00:1450:4001:801::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:82f::200e
2a00:1450:400c:c06::9a
2a02:26f0:3500:16::215:149b
2a02:26f0:480:287::1e80
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::720
34.249.113.6
34.251.26.3
35.244.174.68
35.71.131.137
52.26.182.5
52.30.136.252
54.217.231.82
65.9.92.184
65.9.95.120
65.9.95.16
65.9.95.7
65.9.95.88
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0d9d0921a29946f00c08ad01a5ae84efdabd8e3d2d4a4369d76a6718487fdd05
1844f10c93b29aaa35de3dab61a922a6065eff572a7ad2f74cfde412a9f86662
1a306613ccbb5cf4cc345497cb3a147839f798aaece6e84fd401eff3effb7a47
1b59a7459389cabe43ac517167e75604bd9907d737c9164472fe7662a289d68e
20ea1e508e535ef9c38fbd4a1ca9ee3b1a270f9f27e29a726784c4443f080e5a
33654d576736b5d8da1c4a7c0598a364f206aa0df34ba0efc59f42d0e2e6728c
354c1a280827a35589288b2e55fc8950e9b33980a0fb1fc65818c64fa289c483
3b756aba12395a564274520d1f411b0402a5f745ca1ba3cbe17f89075a227bcc
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3f0e15e16e7a347037e7f7665bc59e9a96a4ac6a18222f3ea570fa5d76ca8bff
457a05ac2d95a0b1116469ea3a3217b344db98b9475ffdf6f3930f39d884ae45
4b26e9fd36e07d5ef8dad3cb8c583ef1d7cb440d1c238b0642834f9894098234
5242902da084a84deef4f44a78fc11468c51ebfbd7d376faba35e499969575e3
572663e7932aa45aa6087bcf5619d1e510cfaaa38b4dfc617c970ee8349a3ef1
5adc121bddb887b4d757aa9aa59f31e4636557f9f9457129d0acc1382e27333c
60d8508062baa7f4beda6ed4029f2e1ba9f881f93857c32e8ecb5b29f0bc82f0
663b14a1721f462e6d89a0edef53b9779f34aaa379662dee1c2226009e533bd2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb6b6e5a292040c2bb8074878e03d7e031da6253d5eec31edf1c100802b61db
7a03b37a0f12c558430891010aa7374c1fa21371c91c7eddbe327e600c3e597f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
82a3a1b3d297e97ecdeda5e8fa261da4ea9d64e08f9a645a472ec26b309d8a90
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8638de9b84a29135f93ddf68a554e5bc4f0306b74afdd505b43947251ec2fe7d
8ad9a44f2d2996ab6d06acdaf17b947b3a44693a7998cd773c57918d7d38636b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
93e8cd53ed78b8a27087304b6f33103ec3ce745003f62d9a2ad77cc40a1ace30
9675106ffe936d9a2b9d234fab0ad0a194332664c6328576dcac6f99a6f1ef87
98b379ff20a6b4b9084d4455e206aa66e5b522cb419efc36200ffc73b32abe81
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4fa433b1862422fa3d7bb2ba6198421deb8f520b42a009982b625667a5cb200
a65a0a5fed2543e5a37cb2bbd8a940d5477aa0c8e9a0ed71097be30c57ffc230
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b896279fff3d8bb808e348cc28283721ec6e70165229623948c5239818b4bf4d
bb24ca0cbb54af3d9f26295634e9d00d7db9aaaf50d2b2ca4506b94bea4343df
bfc978d39c228b6e373412d2275ba1b1953989ca07b35e23ea1f3fb2eb767d81
c676ce3cda9b377716311a94a3d8c00c6024e9cfcd4884d34f55864c9ad9e07b
cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8
d00f3e8ff8a8f9c103dad61c2fd4bb58143e1404aadfdf09e29b6db1a2de0a3f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e24b2cc040bd00c415b990e9603679b7ce0ad4aa1e8f4fcfb708a15841ed817a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86061407d450de4ed50e164372d70cc2396168eb93e897bb2e6630f4ec81daf
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090
e98d5c943d6e8e8cf5aacb45eb401803e41608126e69badc40ee5e028943fd84
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1244de44d19da5e8166dbc266d98a21e2f480c5faa9e109c9d2bde3385fc164
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
fa21fb66f1bdc2a62ec6246fe35275694edc6d51287e5214bea2f7a8bb37d699
fe1f651485263fd8479553b0c3bb23099f1696cbcfcec653bb29c542daf750e7
fe2e94d62eb9d7e50da60842392c0ce372372aec72abcaa970afecff76a0228d