urlscan.io logo urlscan.io
SecurityTrails logo

www.rallyhealth.com Open in urlscan Pro
149.126.77.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.yourhealth-wellnessteam.com/?qs=bf355f65e7afe3f82fadc9559d50955896009a4137160c5a92c271f2c66717e1ff81930e52d6cdb9d3bf76122346...
Effective URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq...
Submission: On October 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 32 IPs in 6 countries across 30 domains to perform 71 HTTP transactions. The main IP is 149.126.77.158, located in Frankfurt am Main, Germany and belongs to INCAPSULA, US. The main domain is www.rallyhealth.com. The Cisco Umbrella rank of the primary domain is 402071.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 12th 2022. Valid for: a year.
This is the only time www.rallyhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.39.86 22606 (EXACT-7)
1 1 192.230.66.158 19551 (INCAPSULA)
16 149.126.77.158 19551 (INCAPSULA)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 18.155.153.193 16509 (AMAZON-02)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a04:4e42:3::720 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.23.160 16509 (AMAZON-02)
3 52.31.4.32 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 52.30.136.252 16509 (AMAZON-02)
1 1 34.251.26.3 16509 (AMAZON-02)
4 44.232.89.83 16509 (AMAZON-02)
3 2600:9000:20e... 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 142.250.74.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.71.131.137 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 3 2620:1ec:22::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 108.138.17.46 16509 (AMAZON-02)
1 18.66.97.88 16509 (AMAZON-02)
1 13.224.189.43 16509 (AMAZON-02)
2 2 52.30.152.75 16509 (AMAZON-02)
1 2 143.204.215.97 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
1 15.188.95.229 16509 (AMAZON-02)
1 54.76.252.170 16509 (AMAZON-02)
1 151.101.2.137 54113 (FASTLY)
1 162.247.241.14 23467 (NEWRELIC-...)
71 32
1    13.111.39.86 (United States)

ASN22606 (EXACT-7, US)
PTR: click.yourhealth-wellnessteam.com
click.yourhealth-wellnessteam.com
1    192.230.66.158 (Canada)

ASN19551 (INCAPSULA, US)
PTR: 192.230.66.158.ip.incapdns.net
rallyhealth.com
16    149.126.77.158 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.158.ip.incapdns.net
www.rallyhealth.com
3    2606:4700::6811:f449 (United States)

ASN13335 (CLOUDFLARENET, US)
hello.myfonts.net
2    2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    18.155.153.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-153-193.ham50.r.cloudfront.net
api.tiles.mapbox.com
2    2606:4700:20::681a:acb (United States)

ASN13335 (CLOUDFLARENET, US)
npmcdn.com
2    2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)
rally-health-prod.imgix.net
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    13.32.23.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-160.fra56.r.cloudfront.net
cdn.amplitude.com
3    52.31.4.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-4-32.eu-west-1.compute.amazonaws.com
dpm.demdex.net
4    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    52.30.136.252 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-136-252.eu-west-1.compute.amazonaws.com
unitedhealthgroup.demdex.net
1    34.251.26.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-26-3.eu-west-1.compute.amazonaws.com
cm.everesttech.net
4    44.232.89.83 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-232-89-83.us-west-2.compute.amazonaws.com
api.amplitude.com
3    2600:9000:20eb:400:4:f286:6800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d362armbx6l2g0.cloudfront.net
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    142.250.74.194 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
3    2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    108.138.17.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-46.fra56.r.cloudfront.net
tag.demandbase.com
1    18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    13.224.189.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-43.fra2.r.cloudfront.net
assets-tracking.crazyegg.com
2    52.30.152.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-152-75.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    143.204.215.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-97.fra53.r.cloudfront.net
segments.company-target.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
smetrics.optum.com
1    54.76.252.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-252-170.eu-west-1.compute.amazonaws.com
tracking.crazyegg.com
1    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
Apex Domain
Subdomains		 Transfer
17 rallyhealth.com
rallyhealth.com — Cisco Umbrella Rank: 342144
www.rallyhealth.com — Cisco Umbrella Rank: 402071
2 MB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1773
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3881
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3900
tracking.crazyegg.com — Cisco Umbrella Rank: 3878
35 KB
5 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 2741
api.amplitude.com — Cisco Umbrella Rank: 1386
26 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
www.linkedin.com — Cisco Umbrella Rank: 591
px4.ads.linkedin.com — Cisco Umbrella Rank: 6090
3 KB
4 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
61 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 214
unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 22318
7 KB
3 cloudfront.net
d362armbx6l2g0.cloudfront.net
48 KB
3 myfonts.net
hello.myfonts.net — Cisco Umbrella Rank: 5462
2 company-target.com
segments.company-target.com — Cisco Umbrella Rank: 1301
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 508
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 96
53 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
203 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
112 KB
2 imgix.net
rally-health-prod.imgix.net — Cisco Umbrella Rank: 580549
140 KB
2 npmcdn.com
npmcdn.com — Cisco Umbrella Rank: 22344
151 KB
2 mapbox.com
api.tiles.mapbox.com — Cisco Umbrella Rank: 11974
226 KB
2 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 490
61 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 226
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 343
10 KB
1 optum.com
smetrics.optum.com — Cisco Umbrella Rank: 19332
372 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 584
98 B
1 demandbase.com
tag.demandbase.com — Cisco Umbrella Rank: 4793
16 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 742
3 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
265 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1073
517 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
73 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
30 KB
1 yourhealth-wellnessteam.com
click.yourhealth-wellnessteam.com — Cisco Umbrella Rank: 169409
312 B
0 ib-ibi.com Failed
global.ib-ibi.com Failed
71 30
Domain Requested by
16 www.rallyhealth.com www.rallyhealth.com
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
4 api.amplitude.com www.rallyhealth.com
4 www.google-analytics.com www.rallyhealth.com
www.google-analytics.com
3 d362armbx6l2g0.cloudfront.net www.rallyhealth.com
3 dpm.demdex.net www.rallyhealth.com
3 hello.myfonts.net client
www.rallyhealth.com
2 segments.company-target.com 1 redirects www.rallyhealth.com
2 match.prod.bidr.io 2 redirects
2 px.ads.linkedin.com 2 redirects
2 stats.g.doubleclick.net www.rallyhealth.com
2 cm.g.doubleclick.net 2 redirects
2 www.youtube.com www.googletagmanager.com
www.youtube.com
2 www.facebook.com www.rallyhealth.com
2 connect.facebook.net www.rallyhealth.com
connect.facebook.net
2 rally-health-prod.imgix.net www.rallyhealth.com
2 npmcdn.com 1 redirects www.rallyhealth.com
2 api.tiles.mapbox.com www.rallyhealth.com
2 assets.adobedtm.com www.rallyhealth.com
assets.adobedtm.com
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com www.rallyhealth.com
1 tracking.crazyegg.com script.crazyegg.com
1 smetrics.optum.com www.rallyhealth.com
1 id.rlcdn.com www.rallyhealth.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 tag.demandbase.com www.rallyhealth.com
1 px4.ads.linkedin.com www.rallyhealth.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.rallyhealth.com
1 match.adsrvr.org www.rallyhealth.com
1 cm.everesttech.net 1 redirects
1 unitedhealthgroup.demdex.net assets.adobedtm.com
1 www.googletagmanager.com www.rallyhealth.com
1 cdn.amplitude.com www.rallyhealth.com
1 ajax.googleapis.com www.rallyhealth.com
1 rallyhealth.com 1 redirects
1 click.yourhealth-wellnessteam.com 1 redirects
0 global.ib-ibi.com Failed www.rallyhealth.com
71 39

This site contains links to these domains. Also see Links.

Domain
accounts.werally.com
rallyhealth.com
Subject Issuer Validity Valid
www.rallyhealth.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-12 -
2023-04-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-09 -
2023-06-09		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
api.mapbox.com
Amazon		 2022-01-06 -
2023-02-04		 a year crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-06-01 -
2023-07-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cdn.amplitude.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-30 -
2022-10-28		 3 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2022-01-28 -
2023-02-28		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
tag.demandbase.com
Go Daddy Secure Certificate Authority - G2		 2022-08-17 -
2023-09-18		 a year crt.sh
crazyegg.com
Amazon		 2022-06-27 -
2023-07-26		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
smetrics.optum.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-20 -
2023-04-20		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-07-10 -
2023-08-11		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-10 -
2023-02-10		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Frame ID: A2C50F0A86599994A7AFF4A1C544EA8B
Requests: 60 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 6ED1B154FF27EB40D11AB0543E4131F2
Requests: 4 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0068/2727/site/www.rallyhealth.com.json?t=1
Frame ID: E3B7C83C61BAFC62A70D8A02E87C723D
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6E505A18AAEF038FAF03E12C4458D2D0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Quit-For-Life | Rally Health

Page URL History Show full URLs

  1. https://click.yourhealth-wellnessteam.com/?qs=bf355f65e7afe3f82fadc9559d50955896009a4137160c5a92c271f2c66717e1ff81930e... HTTP 302
    https://rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q... HTTP 301
    https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mapbox-gl.js
Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • (turf@[\d.]+)?/?turf\.min\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

71
Requests

89 %
HTTPS

41 %
IPv6

30
Domains

39
Subdomains

32
IPs

6
Countries

2647 kB
Transfer

10730 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.yourhealth-wellnessteam.com/?qs=bf355f65e7afe3f82fadc9559d50955896009a4137160c5a92c271f2c66717e1ff81930e52d6cdb9d3bf761223468a0a93ae59330c2794dc HTTP 302
    https://rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH HTTP 301
    https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://npmcdn.com/@turf/turf/turf.min.js HTTP 302
  • https://npmcdn.com/@turf/turf@6.5.0/turf.min.js
Request Chain 24
  • https://cm.everesttech.net/cm/dd?d_uuid=75399302406531517072083753744111196971 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1F_1QAAAJWJwANx
Request Chain 41
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzUzOTkzMDI0MDY1MzE1MTcwNzIwODM3NTM3NDQxMTExOTY5NzE= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzUzOTkzMDI0MDY1MzE1MTcwNzIwODM3NTM3NDQxMTExOTY5NzE=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHTndOwHW3g_RchYT_CLtMQ&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 57
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666285271998&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D31163%26time%3D1666285271998%26url%3Dhttps%253A%252F%252Fwww.rallyhealth.com%252Fquit-for-life%253Futm_source%253DOptum%2526utm_medium%253Demail%2526utm_campaign%253DQFL-Awareness_Q4_OO%2526utm_content%253DAcq_Q4_EM1_OptOut_UH%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666285271998&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666285271998&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&liSync=true&e_ipv6=AQKy9NEEXliXwAAAAYP2V341FL9M-FfX0Mt6ZHWQrNFQGtVOwl7KUyOz7vZaPZIwyua09EXqCKc7
Request Chain 64
  • https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
  • https://segments.company-target.com/log?vendor=choca&user_id=AADp3k7Gov4AAB9ro265Tg HTTP 303
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AADp3k7Gov4AAB9ro265Tg&verifyHash=9f348e041974b2e6d6a2b00907910a978bb58a2

71 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request quit-for-life
www.rallyhealth.com/
Redirect Chain
  • https://click.yourhealth-wellnessteam.com/?qs=bf355f65e7afe3f82fadc9559d50955896009a4137160c5a92c271f2c66717e1ff81930e52d6cdb9d3bf761223468a0a93ae59330c2794dc
  • https://rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
  • https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
108 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/ Craft CMS
Resource Hash
ac5911bd6198ab600ad7c9b3e17d4055d8e777e091ba130be5816fae576c9cb2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 20 Oct 2022 17:01:08 GMT
vary
Accept-Encoding
x-cdn
Imperva
x-iinfo
13-18009576-18009581 NNNN CT(95 193 0) RT(1666285268532 11) q(0 0 3 0) r(4 5) U5
x-powered-by
Craft CMS

Redirect headers

content-length
0
location
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
350914
hello.myfonts.net/count/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/350914
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
launch-9e740193cc86.min.js
assets.adobedtm.com/512027f42d3c/5ef16568c699/ 		150 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/512027f42d3c/5ef16568c699/launch-9e740193cc86.min.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e24b2cc040bd00c415b990e9603679b7ce0ad4aa1e8f4fcfb708a15841ed817a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 12:38:49 GMT
server
AkamaiNetStorage
etag
"d43ec710388efd5587f692efc772ed5d:1653395929.815414"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.rallyhealth.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
49981
expires
Thu, 20 Oct 2022 18:01:09 GMT
mapbox-gl.js
api.tiles.mapbox.com/mapbox-gl-js/v2.3.0/ 		828 KB
221 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.tiles.mapbox.com/mapbox-gl-js/v2.3.0/mapbox-gl.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.153.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-153-193.ham50.r.cloudfront.net
Software
/ Express
Resource Hash
98b379ff20a6b4b9084d4455e206aa66e5b522cb419efc36200ffc73b32abe81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 08 Jun 2022 05:17:20 GMT
Content-Encoding
gzip
Via
1.1 c4c673bb688f3b033f2c0ef943ea98e2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-P2
Age
11619829
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed May 26 2021 00:27:18 GMT+0000 (Coordinated Universal Time)
ETag
"a7672b6a5c894e783270197e99036a8c"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
pVjAB7viLIPe3beo1JhA2A1YvUOPrXMGt-aPp_dyJ3xnGbj9JIxn_g==
mapbox-gl.css
api.tiles.mapbox.com/mapbox-gl-js/v2.3.0/ 		34 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.tiles.mapbox.com/mapbox-gl-js/v2.3.0/mapbox-gl.css
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.155.153.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-153-193.ham50.r.cloudfront.net
Software
/ Express
Resource Hash
5adc121bddb887b4d757aa9aa59f31e4636557f9f9457129d0acc1382e27333c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 04:51:54 GMT
Content-Encoding
gzip
Via
1.1 660c94f4f2991ce757c8a794a9814a00.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
HAM50-P2
Age
9202155
X-Powered-By
Express
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed May 26 2021 00:27:39 GMT+0000 (Coordinated Universal Time)
ETag
"e1c40426e607d9e6076e76417e51eef5"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Amz-Cf-Id
VWmBK9LbLg_Mp_movhFYZrWaXZBbM6yAhSSYt8FoDf1jkcH91xy7wQ==
turf.min.js
npmcdn.com/@turf/turf@6.5.0/
Redirect Chain
  • https://npmcdn.com/@turf/turf/turf.min.js
  • https://npmcdn.com/@turf/turf@6.5.0/turf.min.js
590 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://npmcdn.com/@turf/turf@6.5.0/turf.min.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Server
2606:4700:20::681a:acb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d00f3e8ff8a8f9c103dad61c2fd4bb58143e1404aadfdf09e29b6db1a2de0a3f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
23189537
content-encoding
br
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FT826BVH2FK3FCBWTWNFQTJW
server
cloudflare
etag
W/"939c2-B/O2XVTbZ/U8c28UNSVGFwzH8yM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=te24IFIne%2Fr4qmDlnSJk%2FSa3gvofiIqt0%2B8dmHA1sLUtQt15KKQ7d9z2ZAjok9uAS%2FjiBc%2BIsPM52blpTXt88yLya%2FFZSTW%2BIY5bZ%2Bu3JOT1cDy6sTLwYOZqjNhK44wqfsp0OjKWGZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
75d350545fb49054-FRA

Redirect headers

date
Thu, 20 Oct 2022 17:01:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
12
fly-request-id
01GFV5EGMVKTYB6B95K7Q48AT3-fra
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzGXU0r8MwXB8vwoK08a09Jh3wtT0QHyUV%2Bg4yb%2FGPEL6MIT5%2FHuxog4ssdKcndg68qRqEjbftc2g%2Bre%2B6nRstsAUm6X0ZEflQbhW%2BJkWaS6i44BZFSmic%2FKKkQTZiVUsRR0PZ7TF6k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/@turf/turf@6.5.0/turf.min.js
cache-control
public, max-age=14400, s-maxage=600
cf-ray
75d350541f079054-FRA
main.min.css
www.rallyhealth.com/css/ 		165 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/css/main.min.css?v=1665766149
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
8638de9b84a29135f93ddf68a554e5bc4f0306b74afdd505b43947251ec2fe7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 16:49:09 GMT
x-cdn
Imperva
etag
W/"63499305-295e9"
vary
Accept-Encoding
content-type
text/css
x-iinfo
13-18009576-18009729 NNNN CT(101 214 0) RT(1666285268532 548) q(0 0 3 -1) r(5 5) U5
cache-control
max-age=31536000
expires
Fri, 20 Oct 2023 17:01:09 GMT
rally-logo.svg
www.rallyhealth.com/assets/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rallyhealth.com/assets/rally-logo.svg
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
3b756aba12395a564274520d1f411b0402a5f745ca1ba3cbe17f89075a227bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
W/"63499252-19a2"
vary
Accept-Encoding
content-type
image/svg+xml
x-iinfo
13-18009576-18009803 NNNY CT(97 197 0) RT(1666285268532 742) q(0 0 0 -1) r(1 1) U5
cache-control
max-age=31536000
expires
Fri, 20 Oct 2023 17:01:09 GMT
QFL-logo_2x.png
rally-health-prod.imgix.net/Logos/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rally-health-prod.imgix.net/Logos/QFL-logo_2x.png?crop=focalpoint&fit=crop&fp-x=0.5&fp-y=0.5&h=283&q=100&w=800&s=dba603738428dc3af7de443b74dae743
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
82a3a1b3d297e97ecdeda5e8fa261da4ea9d64e08f9a645a472ec26b309d8a90
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-imgix-render-farm
01.560
date
Thu, 20 Oct 2022 17:01:09 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 Oct 2022 12:21:30 GMT
server
imgix
age
707978
x-cache
HIT, HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
bec29abbfec3d640ab8e003804c2e3b3d0ffd581
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35099
x-served-by
cache-sjc10045-SJC, cache-fra19168-FRA
QFL-LP_header-image_2x.png
rally-health-prod.imgix.net/Module-Images/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rally-health-prod.imgix.net/Module-Images/QFL-LP_header-image_2x.png?crop=focalpoint&fit=crop&fp-x=0.5&fp-y=0.5&h=400&q=100&w=800&s=ecbe847f4c0ab09817b619bae85a9900
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
a4fa433b1862422fa3d7bb2ba6198421deb8f520b42a009982b625667a5cb200
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-imgix-render-farm
01.560
date
Thu, 20 Oct 2022 17:01:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 09 Oct 2022 21:09:33 GMT
server
imgix
age
935496
x-cache
HIT, HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
ebaca86b67d863b934bd0b174160ee45025d3838
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
108043
x-served-by
cache-sjc10040-SJC, cache-fra19168-FRA
Rally_Arrows_w_tmk.png
www.rallyhealth.com/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rallyhealth.com/assets/Rally_Arrows_w_tmk.png
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
b896279fff3d8bb808e348cc28283721ec6e70165229623948c5239818b4bf4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
"63499252-c91"
content-type
image/png
x-iinfo
13-18009576-18009806 NNNY CT(95 195 0) RT(1666285268532 748) q(0 0 0 -1) r(1 1) U5
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3217
expires
Fri, 20 Oct 2023 17:01:09 GMT
rally-logo-reverse.svg
www.rallyhealth.com/assets/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rallyhealth.com/assets/rally-logo-reverse.svg
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
7a03b37a0f12c558430891010aa7374c1fa21371c91c7eddbe327e600c3e597f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
W/"63499252-1b03"
vary
Accept-Encoding
content-type
image/svg+xml
x-iinfo
13-18009576-18009809 NNNN CT(98 198 0) RT(1666285268532 763) q(0 0 3 -1) r(4 4) U5
cache-control
max-age=31536000
expires
Fri, 20 Oct 2023 17:01:09 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 04:07:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Oct 2023 04:07:10 GMT
plugin.min.js
www.rallyhealth.com/js/dist/ 		95 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/js/dist/plugin.min.js?v=1665766148
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
33654d576736b5d8da1c4a7c0598a364f206aa0df34ba0efc59f42d0e2e6728c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 16:49:08 GMT
x-cdn
Imperva
etag
W/"63499304-17cca"
vary
Accept-Encoding
content-type
application/javascript
x-iinfo
13-18009576-18009581 PNNN RT(1666285268532 730) q(0 0 0 -1) r(1 1) U5
cache-control
max-age=31536000
expires
Fri, 20 Oct 2023 17:01:09 GMT
main.min.js
www.rallyhealth.com/js/dist/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/js/dist/main.min.js?v=1665766148
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
1844f10c93b29aaa35de3dab61a922a6065eff572a7ad2f74cfde412a9f86662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 16:49:08 GMT
x-cdn
Imperva
etag
W/"63499304-8999"
vary
Accept-Encoding
content-type
application/javascript
x-iinfo
13-18009576-18009798 NNNN CT(97 195 0) RT(1666285268532 736) q(0 0 3 -1) r(4 4) U5
cache-control
max-age=31536000
expires
Fri, 20 Oct 2023 17:01:09 GMT
_Incapsula_Resource
www.rallyhealth.com/ 		143 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2105046440
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
455dde6a8a38f6f8be3f251fe63972966117c3074040a269cde85c2d82a005ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
20630
content-type
application/javascript
amplitude-8.21.1-min.gz.js
cdn.amplitude.com/libs/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-8.21.1-min.gz.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-160.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93e8cd53ed78b8a27087304b6f33103ec3ce745003f62d9a2ad77cc40a1ace30

Request headers

Referer
https://www.rallyhealth.com/
Origin
https://www.rallyhealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 19:44:12 GMT
content-encoding
gzip
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-version-id
UAXIG_gXYToRdTowQhWNLrT1YuPxKcSX
x-amz-cf-pop
FRA56-C2
age
163018
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25142
last-modified
Thu, 22 Sep 2022 18:57:21 GMT
server
AmazonS3
etag
"f371ea8154adecf96550964dd193fd4c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
-HU7JKrOplwH7DjHDNHQO9QxiAhqU44aYDAPayh5fKOPfrJJOdzEUQ==
id
dpm.demdex.net/ 		974 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1666285269217
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.4.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-4-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b8964e6fa081da729e371b578d151d642bbc202d02ed5c3c12d41bc3dd146722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.rallyhealth.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v044-01c2009f5.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
ok8OKZhERYc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.rallyhealth.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
561
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/5ef16568c699/launch-9e740193cc86.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62
8096267
date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 16:35:31 GMT
server
AkamaiNetStorage
etag
"d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.rallyhealth.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12163
expires
Thu, 20 Oct 2022 18:01:09 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Oct 2022 15:01:59 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
7150
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 20 Oct 2022 17:01:59 GMT
gtm.js
www.googletagmanager.com/ 		297 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5X8NLTL
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c587cb16f1d9f8dce02190ae35f10d5391afea577693d85e18925a5d2bde648f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74391
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 16:05:35 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Oct 2022 17:01:09 GMT
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 20 Oct 2022 17:01:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27027
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
5RgwvENREzkDyL6gbsfunNMjUmtYOcXCFtrBiU6U8W30yntrNWhlSQ3NZxFGJCZY4uJEQ2obEHnkghRZtjx74Q==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/webp
1598193977106649
connect.facebook.net/signals/config/ 		293 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1598193977106649?v=2.9.87&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
20ea1e508e535ef9c38fbd4a1ca9ee3b1a270f9f27e29a726784c4443f080e5a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 20 Oct 2022 17:01:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86466
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
o9a+U3/ARU+lVl4BYyZyHtVzeBcJWVhkMNd8dgoh5Hzy7oVGYztBZquKr6Z6nY66CnpVuifZXtnr35NX5VVhmg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
dest5.html
unitedhealthgroup.demdex.net/ Frame 6ED1 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/5ef16568c699/launch-9e740193cc86.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.136.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-136-252.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.rallyhealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v044-0c2c7cff5.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
k7Vq8f6LStQ=
content-encoding
gzip
date
Thu, 20 Oct 2022 17:01:09 GMT
last-modified
Thu, 29 Sep 2022 16:52:13 GMT
transfer-encoding
chunked
vary
accept-encoding
ibs:dpid=411&dpuuid=Y1F_1QAAAJWJwANx
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=75399302406531517072083753744111196971
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1F_1QAAAJWJwANx
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1F_1QAAAJWJwANx
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.1
Server
52.31.4.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-4-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v044-03b75489a.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3DXJfutEQ4A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1F_1QAAAJWJwANx
Date
Thu, 20 Oct 2022 17:01:09 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
/
api.amplitude.com/ 		7 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.89.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-89-83.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.rallyhealth.com/
Cross-Origin-Resource-Policy
cross-origin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 20 Oct 2022 17:01:10 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-63517ed6-7133f2f742383447337d8130
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
/
api.amplitude.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.89.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-89-83.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
cross-origin-resource-policy
Access-Control-Request-Method
POST
Origin
https://www.rallyhealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
cross-origin-resource-policy
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Thu, 20 Oct 2022 17:01:09 GMT
strict-transport-security
max-age=15768000
QFL-LP_coach-support_2x.png
d362armbx6l2g0.cloudfront.net/Tout-Images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d362armbx6l2g0.cloudfront.net/Tout-Images/QFL-LP_coach-support_2x.png
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:400:4:f286:6800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ad9a44f2d2996ab6d06acdaf17b947b3a44693a7998cd773c57918d7d38636b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 13:02:27 GMT
x-amz-version-id
TohGNSttvYh_CLsLGx.mMK1aV1CnjYyh
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
last-modified
Thu, 25 Mar 2021 17:01:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
14323
etag
"0780bdf16e9bcb42c089922b01a7140b"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
18171
x-amz-cf-id
FC3LixwCpQShcGjkrHqbm-gJsFH3QZhiu0jWJZg1mwNNI0WmphDKww==
QFL-LP_any-time-access_2x.png
d362armbx6l2g0.cloudfront.net/Tout-Images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d362armbx6l2g0.cloudfront.net/Tout-Images/QFL-LP_any-time-access_2x.png
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:400:4:f286:6800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f0e15e16e7a347037e7f7665bc59e9a96a4ac6a18222f3ea570fa5d76ca8bff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 13:02:27 GMT
x-amz-version-id
TqNNctFfNsqsjnJ_rXkx1vNX2Rq3Icts
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
last-modified
Thu, 25 Mar 2021 17:00:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
14323
etag
"f396f09747d9540cd6c28c2ccd59e930"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
14338
x-amz-cf-id
TwQ_cLq5lm-lz7tPSR1-kN91ADpwehySiphvQzkuLSgJOppCuOWitA==
QFL-LP_help-beyond-quit_2x.png
d362armbx6l2g0.cloudfront.net/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d362armbx6l2g0.cloudfront.net/QFL-LP_help-beyond-quit_2x.png
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:400:4:f286:6800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfc978d39c228b6e373412d2275ba1b1953989ca07b35e23ea1f3fb2eb767d81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 13:02:27 GMT
x-amz-version-id
ApZCEWZqE8qKWKA95kCb3T9AUN7ZcaoN
via
1.1 f046bfa1468bb4385e357c8c9128cf50.cloudfront.net (CloudFront)
last-modified
Thu, 25 Mar 2021 17:02:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
14323
etag
"8ff4119272459ce47d147b3e42de6b66"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15633
x-amz-cf-id
3ycnKIDam1FjCT68-lpR6Bom21GJBluWM1jEl913veWfgIte8Gv9yQ==
350914_4_0.woff2
www.rallyhealth.com/assets/fonts/ 		65 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/assets/fonts/350914_4_0.woff2
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
bb24ca0cbb54af3d9f26295634e9d00d7db9aaaf50d2b2ca4506b94bea4343df

Request headers

Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Origin
https://www.rallyhealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
"63499252-1042a"
content-type
application/octet-stream
x-iinfo
13-18009576-18009581 PNNN RT(1666285268532 840) q(0 0 0 -1) r(1 1) U5
cache-control
max-age=31536000
accept-ranges
bytes
content-length
66602
expires
Fri, 20 Oct 2023 17:01:09 GMT
350914_0_0.woff2
www.rallyhealth.com/assets/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/assets/fonts/350914_0_0.woff2
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
6cb6b6e5a292040c2bb8074878e03d7e031da6253d5eec31edf1c100802b61db

Request headers

Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Origin
https://www.rallyhealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
"63499252-5357"
content-type
application/octet-stream
x-iinfo
13-18009576-18009806 PNNy RT(1666285268532 843) q(0 0 0 -1) r(1 2) U5
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21335
expires
Fri, 20 Oct 2023 17:01:09 GMT
350914_3_0.woff2
www.rallyhealth.com/assets/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/assets/fonts/350914_3_0.woff2
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
fe1f651485263fd8479553b0c3bb23099f1696cbcfcec653bb29c542daf750e7

Request headers

Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Origin
https://www.rallyhealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
"63499252-53a5"
content-type
application/octet-stream
x-iinfo
13-18009576-18009803 PNNy RT(1666285268532 846) q(0 0 0 -1) r(1 2) U5
cache-control
max-age=31536000
accept-ranges
bytes
content-length
21413
expires
Fri, 20 Oct 2023 17:01:09 GMT
350914_2_0.woff2
www.rallyhealth.com/assets/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/assets/fonts/350914_2_0.woff2
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
e98d5c943d6e8e8cf5aacb45eb401803e41608126e69badc40ee5e028943fd84

Request headers

Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Origin
https://www.rallyhealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
last-modified
Fri, 14 Oct 2022 16:46:10 GMT
x-cdn
Imperva
etag
"63499252-50ea"
content-type
application/octet-stream
x-iinfo
13-18009576-18009581 PNNN RT(1666285268532 848) q(0 2 2 -1) r(3 3) U5
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20714
expires
Fri, 20 Oct 2023 17:01:09 GMT
js
www.google-analytics.com/gtm/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-5X28TLH&cid=1940798646.1666285269
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb47b003bbd1d0c06e1c6055a7d7669819d08468201da3fdd3e81985b8ba5cb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42318
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 16:13:57 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 20 Oct 2022 17:01:09 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1598193977106649&ev=PageView&dl=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&rl=&if=false&ts=1666285269435&sw=1600&sh=1200&v=2.9.87&r=stable&ec=0&o=30&fbp=fb.1.1666285269431.952358688&it=1666285269334&coo=false&rqm=GET
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 20 Oct 2022 17:01:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
2727.js
script.crazyegg.com/pages/scripts/0068/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0068/2727.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X8NLTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5242902da084a84deef4f44a78fc11468c51ebfbd7d376faba35e499969575e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
gzip
cf-cache-status
HIT
age
106542
cf-polished
origSize=5668
ce-version
11.4.26
cf-bgj
minify
last-modified
Wed, 19 Oct 2022 11:25:27 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
75d3505639aa995a-FRA
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X8NLTL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa21fb66f1bdc2a62ec6246fe35275694edc6d51287e5214bea2f7a8bb37d699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 20 Oct 2022 17:01:09 GMT
www.rallyhealth.com.json
script.crazyegg.com/pages/data-scripts/0068/2727/site/ Frame E3B7 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0068/2727/site/www.rallyhealth.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0068/2727.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
354c1a280827a35589288b2e55fc8950e9b33980a0fb1fc65818c64fa289c483

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
gzip
cf-cache-status
HIT
age
113223
ce-version
11.4.26
content-length
1571
last-modified
Wed, 19 Oct 2022 09:34:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d35056b9d19b92-FRA
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=356507597&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&ul=en-us&de=UTF-8&dt=Quit-For-Life%20%7C%20Rally%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAACAAI~&jid=1721855486&gjid=621691009&cid=1940798646.1666285269&tid=UA-37681395-2&_gid=941284.1666285269&_r=1&_slc=1&z=115920974
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rallyhealth.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 17:01:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rallyhealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=356507597&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&ul=en-us&de=UTF-8&dt=Quit-For-Life%20%7C%20Rally%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAACAAI~&jid=1715190411&gjid=277036069&cid=1940798646.1666285269&tid=UA-37681395-2&_gid=941284.1666285269&_r=1&gtm=2wgah05X8NLTL&z=1303968198
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rallyhealth.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 17:01:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rallyhealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=771&dpuuid=CAESEHTndOwHW3g_RchYT_CLtMQ&google_cver=1
dpm.demdex.net/ Frame 6ED1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzUzOTkzMDI0MDY1MzE1MTcwNzIwODM3NTM3NDQxMTExOTY5NzE=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzUzOTkzMDI0MDY1MzE1MTcwNzIwODM3NTM3NDQxMTExOTY5NzE=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHTndOwHW3g_RchYT_CLtMQ&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHTndOwHW3g_RchYT_CLtMQ&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.1
Server
52.31.4.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-4-32.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v044-0722c3202.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
aTBTgJBcTeE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 20 Oct 2022 17:01:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHTndOwHW3g_RchYT_CLtMQ&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/24c6f8bd/www-widgetapi.vflset/ 		157 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/24c6f8bd/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9675106ffe936d9a2b9d234fab0ad0a194332664c6328576dcac6f99a6f1ef87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 16:39:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
1312
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52758
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 00:20:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 20 Oct 2023 16:39:17 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37681395-2&cid=1940798646.1666285269&jid=1721855486&gjid=621691009&_gid=941284.1666285269&_u=KGBAAEACQAAAACAAI~&z=1201609736
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rallyhealth.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 20 Oct 2022 17:01:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rallyhealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37681395-2&cid=1940798646.1666285269&jid=1715190411&gjid=277036069&_gid=941284.1666285269&_u=aGDAAEADQAAAACAAI~&z=2029762332
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rallyhealth.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 20 Oct 2022 17:01:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rallyhealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
7d6ef81f9422694340d6007e6857f38a.js
script.crazyegg.com/pages/versioned/common-scripts/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0068/2727.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe2e94d62eb9d7e50da60842392c0ce372372aec72abcaa970afecff76a0228d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 07 Oct 2022 14:16:57 GMT
server
cloudflare
age
113682
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d35056eb06995a-FRA
content-length
29957
350914
hello.myfonts.net/count/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/350914
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/css/main.min.css?v=1665766149
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 6ED1 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.rallyhealth.com&ttd_tpi=1
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://unitedhealthgroup.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 20 Oct 2022 17:01:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
non-critical.min.css
www.rallyhealth.com/css/ 		103 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/css/non-critical.min.css?v=1665766149
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
f1244de44d19da5e8166dbc266d98a21e2f480c5faa9e109c9d2bde3385fc164

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
gzip
last-modified
Fri, 14 Oct 2022 16:49:09 GMT
x-cdn
Imperva
etag
W/"63499305-19b04"
vary
Accept-Encoding
content-type
text/css
x-iinfo
13-18009576-18009803 PNNy RT(1666285268532 1127) q(0 0 0 -1) r(1 1) U5
cache-control
max-age=31536000
expires
Fri, 20 Oct 2023 17:01:09 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:09 GMT
content-encoding
gzip
last-modified
Wed, 19 Oct 2022 18:56:33 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=84816
accept-ranges
bytes
content-length
3063
get-feed
www.rallyhealth.com/actions/rally-utilities-module/gyms/ 		7 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/actions/rally-utilities-module/gyms/get-feed
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/ Craft CMS
Resource Hash
1b59a7459389cabe43ac517167e75604bd9907d737c9164472fe7662a289d68e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-iinfo
13-18009576-18009581 PNNN RT(1666285268532 1156) q(0 0 0 -1) r(10 10) U5
date
Thu, 20 Oct 2022 17:01:10 GMT
content-encoding
gzip
x-cdn
Imperva
x-powered-by
Craft CMS
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
350914
hello.myfonts.net/count/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hello.myfonts.net/count/350914
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/css/non-critical.min.css?v=1665766149
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
/
api.amplitude.com/ 		7 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.89.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-89-83.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.rallyhealth.com/
Cross-Origin-Resource-Policy
cross-origin
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 20 Oct 2022 17:01:12 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-63517ed8-6d348d6f3364ccf83c710cdd
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
image.sbix
global.ib-ibi.com/ Frame 6ED1 		0
0
_Incapsula_Resource
www.rallyhealth.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rallyhealth.com/_Incapsula_Resource?SWKMTFSR=1&e=0.2485538255289672
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
www.rallyhealth.com.json
script.crazyegg.com/pages/data-scripts/0068/2727/sampling/ Frame E3B7 		165 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0068/2727/sampling/www.rallyhealth.com.json?t=462857
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
457a05ac2d95a0b1116469ea3a3217b344db98b9475ffdf6f3930f39d884ae45

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:12 GMT
content-encoding
gzip
cf-cache-status
HIT
age
18665
ce-version
11.4.26
content-length
146
last-modified
Thu, 20 Oct 2022 11:50:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75d35065fa6b9b92-FRA
/
www.facebook.com/tr/ Frame 6E50 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.rallyhealth.com
Referer
https://www.rallyhealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.rallyhealth.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 17:01:12 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666285271998&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awar...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D31163%26time%3D1666285271998%26url%3Dhttps%253A%252F%252Fwww.rallyhealth.com%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666285271998&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awar...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666285271998&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awa...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666285271998&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&liSync=true&e_ipv6=AQKy9NEEXliXwAAAAYP2V341FL9M-FfX0Mt6ZHWQrNFQGtVOwl7KUyOz7vZaPZIwyua09EXqCKc7
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:12 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: DE098164A7274964B059EFEA198B0AD2 Ref B: FRAEDGE1214 Ref C: 2022-10-20T17:01:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrekXHzdmOvAch88Dwkw==

Redirect headers

date
Thu, 20 Oct 2022 17:01:12 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4B8382676F644A83B6ABC9A1943DE321 Ref B: VIEEDGE3118 Ref C: 2022-10-20T17:01:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666285271998&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&liSync=true&e_ipv6=AQKy9NEEXliXwAAAAYP2V341FL9M-FfX0Mt6ZHWQrNFQGtVOwl7KUyOz7vZaPZIwyua09EXqCKc7
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrekXE2mLv0A95B5C37A==
/
api.amplitude.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.89.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-89-83.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
cross-origin-resource-policy
Access-Control-Request-Method
POST
Origin
https://www.rallyhealth.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
cross-origin-resource-policy
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Thu, 20 Oct 2022 17:01:12 GMT
strict-transport-security
max-age=15768000
a469c055.min.js
tag.demandbase.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.demandbase.com/a469c055.min.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-46.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c676ce3cda9b377716311a94a3d8c00c6024e9cfcd4884d34f55864c9ad9e07b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
KvmGQ6qthzWype34APgJJB882hhPHdJg
content-encoding
gzip
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
date
Thu, 20 Oct 2022 16:26:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P7
age
2111
x-cache
Hit from cloudfront
last-modified
Thu, 22 Apr 2021 18:50:00 GMT
server
AmazonS3
etag
W/"4c794f876d8ab65b635e3c7f1434a31c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id
XlryMdt0nwx7RwNSRTX3OD0va2iJvJfCj1VufMcV5lucTpknK2Ywkg==
csrf-data
www.rallyhealth.com/actions/rally-utilities-module/freeform/ 		146 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.rallyhealth.com/actions/rally-utilities-module/freeform/csrf-data
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.158.ip.incapdns.net
Software
/ Craft CMS
Resource Hash
94c4b26a4654ead7d7fa01002745925dc64d9ca7b0bfb9db9c2d12383083db47

Request headers

Accept
*/*
Referer
https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-iinfo
13-18009576-18009581 PNNN RT(1666285268532 3450) q(0 0 0 -1) r(2 2) U5
date
Thu, 20 Oct 2022 17:01:12 GMT
content-encoding
gzip
x-cdn
Imperva
x-powered-by
Craft CMS
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
healthcheck
pagestates-tracking.crazyegg.com/ Frame E3B7 		19 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 15:00:41 GMT
via
1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
8733632
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
xGX6EGOvQVswxBMDzZ4fnkcsJl8GM7Mxfuq7OoLrtzBRSZfGXEUy5w==
healthcheck
assets-tracking.crazyegg.com/ Frame E3B7 		19 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-43.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 11:33:15 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
5117277
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
EVgpF0Wtk66wkb3bqjFgY4geI2Nlsab5mfc65I9vsK3TgbxefI_EBQ==
f627c739-0045-4592-b53e-87d8aaf2dffe
https://www.rallyhealth.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.rallyhealth.com/f627c739-0045-4592-b53e-87d8aaf2dffe
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
validateCookie
segments.company-target.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/demandbase
  • https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
  • https://segments.company-target.com/log?vendor=choca&user_id=AADp3k7Gov4AAB9ro265Tg
  • https://segments.company-target.com/validateCookie?vendor=choca&user_id=AADp3k7Gov4AAB9ro265Tg&verifyHash=9f348e041974b2e6d6a2b00907910a978bb58a2
26 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AADp3k7Gov4AAB9ro265Tg&verifyHash=9f348e041974b2e6d6a2b00907910a978bb58a2
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
HTTP/1.1
Server
143.204.215.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-97.fra53.r.cloudfront.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 17:01:12 GMT
Via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
image/gif
Vary
Origin
Connection
keep-alive
trace-id
152d3e68a328d478
X-Amz-Cf-Id
rQ0n2gkZEUYZKcjc7aa6haQl8DWA3BZKcnKkV9O6LAnyUFuT510rjw==

Redirect headers

Date
Thu, 20 Oct 2022 17:01:12 GMT
Via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA53-C1
Vary
Origin
X-Cache
Miss from cloudfront
Location
/validateCookie?vendor=choca&user_id=AADp3k7Gov4AAB9ro265Tg&verifyHash=9f348e041974b2e6d6a2b00907910a978bb58a2
Connection
keep-alive
trace-id
ede66ca698e8e80b
Content-Length
0
X-Amz-Cf-Id
-92sUQJDLY-Q3Y86HHNzyxaBX4Re3-dlbBEwO4DQQlusER-TBamKrw==
464526.gif
id.rlcdn.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/464526.gif
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 17:01:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
s51270227328319
smetrics.optum.com/b/ss/uhgrallyhealthprod/1/JS-2.22.4-LCS4/ 		43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.optum.com/b/ss/uhgrallyhealthprod/1/JS-2.22.4-LCS4/s51270227328319?AQB=1&ndh=1&pf=1&t=20%2F9%2F2022%2017%3A1%3A12%204%200&mid=74429812574575539701369943533235848386&aamlh=6&ce=UTF-8&pageName=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&g=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=D%3DpageName&v25=D%3DpageName&c44=%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&v44=%3Futm_source%3DOptum%26utm_medium%3Demail%26utm_campaign%3DQFL-Awareness_Q4_OO%26utm_content%3DAcq_Q4_EM1_OptOut_UH&v72=D%3Dmid&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Oct 2022 17:01:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Fri, 21 Oct 2022 17:01:12 GMT
server
jag
etag
3578320375231807488-4619840218960751428
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 19 Oct 2022 17:01:12 GMT
clock
tracking.crazyegg.com/ Frame E3B7 		26 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1666285272215
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.252.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-252-170.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
f74c7d169ec954af15d1884a19b9489f0791c81962f896f6f939dec2a5c5c3b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 20 Oct 2022 17:01:12 GMT
cache-control
no-store
server
awselb/2.0
content-length
26
content-type
text/plain
13f6c604-fbee-4f13-8e8d-41e5bf9f1758
https://www.rallyhealth.com/ 		260 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.rallyhealth.com/13f6c604-fbee-4f13-8e8d-41e5bf9f1758
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60d8508062baa7f4beda6ed4029f2e1ba9f881f93857c32e8ecb5b29f0bc82f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
260
Content-Type
text/javascript
nr-1169.min.js
js-agent.newrelic.com/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1169.min.js
Requested by
Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum&utm_medium=email&utm_campaign=QFL-Awareness_Q4_OO&utm_content=Acq_Q4_EM1_OptOut_UH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Thu, 20 Oct 2022 17:01:12 GMT
x-amz-request-id
QEGFH88RPY2E17Q6
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
10276
x-amz-id-2
wIswYgm4lLOQvih/xv4bfjEn6fY4XqrTQUWfveSQdD6qVpUj0sMS6byU9FFAy0QG5Jhifr5IZZk=
x-served-by
cache-fra19183-FRA
last-modified
Wed, 20 May 2020 21:16:15 GMT
server
AmazonS3
x-timer
S1666285273.913224,VS0,VE0
etag
"7e312620a90879b595db1bff9c42ed57"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
185
8f22def631
bam.nr-data.net/1/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/8f22def631?a=278441150&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=5129&ck=1&ref=https://www.rallyhealth.com/quit-for-life&be=1300&fe=5078&dc=4186&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1666285267804,%22n%22:0,%22f%22:742,%22dn%22:742,%22dne%22:757,%22c%22:757,%22s%22:763,%22ce%22:772,%22rq%22:772,%22rp%22:1280,%22rpe%22:1298,%22dl%22:1283,%22di%22:4183,%22ds%22:4183,%22de%22:4186,%22dc%22:5077,%22l%22:5077,%22le%22:5078%7D,%22navigation%22:%7B%7D%7D&fp=1908&fcp=1908&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1169.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.rallyhealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Thu, 20 Oct 2022 17:01:13 GMT
Server
cloudflare
Connection
keep-alive
CF-RAY
75d3506c0808695b-FRA
Content-Length
2
Vary
Accept-Encoding
Content-Type
text/plain;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
global.ib-ibi.com
URL
https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=75399302406531517072083753744111196971

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation number| pageFormCount object| NREUM object| newrelic function| __nr_require string| amp_device_id object| amplitude object| adobeDataLayer object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| dataLayer string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| mapboxgl object| turf function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| analyticsConnectorInstances object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| google_optimize object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ function| isValidHostname function| isSessionSupported object| CE2BH function| CE_URL_FINGERPRINT object| webpackChunkCE2 function| $ function| jQuery number| timeModified function| loadCSS string| _linkedin_partner_id object| _linkedin_data_partner_ids function| init function| listenForChange function| addQuery function| removeQuery function| triggerCallbacks function| addEvent function| getPreviousContext function| getContext function| _inArray function| _indexOf object| MQ function| initMap function| buildLocationListSegment function| clearSelectedMarkers function| clearHoveredMarkers function| removeAllPopups function| createPopUp function| getBbox function| updateMap function| getUniqueGymsSorted function| adjustListingsHeaderMargin function| isDefined function| isLoading function| clearForm object| accordion undefined| Grnhse object| careers object| carousels object| forms function| introTransitions object| modEvents object| nav object| overlay object| that undefined| map object| selectedMarkerId object| hoveredMarkerId boolean| isMouseOverEvent number| gymListingFirstIndex number| gymListingLastIndex string| feedUrl undefined| productNames object| gyms function| searchByZip number| resultsPage undefined| totalCount number| rppg number| resourceCount object| csrfToken object| resources object| responsiveImages function| lintrk boolean| _already_called_lintrk object| callbacks string| context string| new_context function| __extends object| Demandbase object| __db function| DBSegment object| s_i_uhgrallyhealthprod

34 Cookies

Domain/Path Name / Value
.rallyhealth.com/ Name: visid_incap_661021
Value: cL0t4aS1QnaRiedOI0RQn9R+UWMAAAAAQUIPAAAAAACZJZeLp9puaRSkaS4ZGasX
.rallyhealth.com/ Name: incap_ses_1288_661021
Value: JPHLaYsYdTA8ctYLwuXfEdV+UWMAAAAAw7I1KXHB9qfEeuYwuEo0gA==
.demdex.net/ Name: demdex
Value: 75399302406531517072083753744111196971
.rallyhealth.com/ Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg
Value: 1
.rallyhealth.com/ Name: amp_c00ff2
Value: suO3WHP5xuHXavP2jSRKmq...1gfr5escd.1gfr5escj.1.1.2
.rallyhealth.com/ Name: _ga
Value: GA1.2.1940798646.1666285269
.rallyhealth.com/ Name: _gid
Value: GA1.2.941284.1666285269
.rallyhealth.com/ Name: _fbp
Value: fb.1.1666285269431.952358688
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y1F_1QAAAJWJwANx
.rallyhealth.com/ Name: _gat
Value: 1
.rallyhealth.com/ Name: _gat_UA-37681395-2
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 75399302406531517072083753744111196971
.youtube.com/ Name: YSC
Value: NLbAXf6I9m4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 1eWs5sC_2j8
.rallyhealth.com/ Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg
Value: -2121179033%7CMCIDTS%7C19286%7CMCMID%7C74429812574575539701369943533235848386%7CMCAAMLH-1666890069%7C6%7CMCAAMB-1666890069%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1666292469s%7CNONE%7CMCSYNCSOP%7C411-19293%7CvVersion%7C5.3.0
.doubleclick.net/ Name: IDE
Value: AHWqTUmjDvJFtOBSg5gl6l8vV7LKFOhf6DpttOw8M8sVUoOTBTeRc8f48vKG2vTWoSA
.demdex.net/ Name: dextp
Value: 771-1-1666285269553|903-1-1666285269654|285689-1-1666285271937
.rallyhealth.com/ Name: cebs
Value: 1
.rallyhealth.com/ Name: s_cc
Value: true
www.rallyhealth.com/ Name: CRAFT_CSRF_TOKEN
Value: 62a8a0c43f5898bd8782f5f8508d0796bb59c44b54e1ed5d58eda63cd47929bba%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22_zqp7J0qYpNqAW0vm_6THdB4yhxuhglFxOMX0krP%22%3B%7D
.bidr.io/ Name: bito
Value: AADp3k7Gov4AAB9ro265Tg
.bidr.io/ Name: bitoIsSecure
Value: ok
.linkedin.com/ Name: UserMatchHistory
Value: AQIukYCqiV6X3gAAAYP2V30NSg35nVyUrngRsd3pCLKVJQMLnOlILcfhPz0wyTvs_BNfwsInof2uDw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKOAjw8mhCNRwAAAYP2V30NxhqCknMi0xWjJ3tnzDpeXhl6fcLCwOW5H6napa_KxPRfzKNvf4mMgkj6-bZAPw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&ab362792-d8d8-4ef2-8ca5-25f75cd444f9"
.linkedin.com/ Name: lidc
Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2502:u=1:x=1:i=1666285272:t=1666371672:v=2:sig=AQH_7i2qBdJu4bf-MzODzx51U2AJ8ZBP"
.rallyhealth.com/ Name: cebsp
Value: 1
.rallyhealth.com/ Name: _ce.s
Value: v~a916d95cb20887f65afb18d1434f8c485316e3a6~vpv~0~v11.rlc~1666285272408
.company-target.com/ Name: tuuid
Value: ddd7819b-e905-4856-a291-c8d1c6f01c37
.company-target.com/ Name: tuuid_lu
Value: 1666285272
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022102017011251987eba-5f5f-418d-8026-4801d0b7b748AQF0erC68mgJ7EVVhBTWBMr46ZJKxWYO"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NjYyODUyNzI7MjswMjGADQFS9rkCQgx13g/+y26Of5zkrIi/4Eq4CaAKykGMKg==

6 Console Messages

Source Level URL
Text
network error URL: https://hello.myfonts.net/count/350914
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://hello.myfonts.net/count/350914
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://hello.myfonts.net/count/350914
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://id.rlcdn.com/464526.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=75399302406531517072083753744111196971
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://bam.nr-data.net/1/8f22def631?a=278441150&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=5129&ck=1&ref=https://www.rallyhealth.com/quit-for-life&be=1300&fe=5078&dc=4186&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1666285267804,%22n%22:0,%22f%22:742,%22dn%22:742,%22dne%22:757,%22c%22:757,%22s%22:763,%22ce%22:772,%22rq%22:772,%22rp%22:1280,%22rpe%22:1298,%22dl%22:1283,%22di%22:4183,%22ds%22:4183,%22de%22:4186,%22dc%22:5077,%22l%22:5077,%22le%22:5078%7D,%22navigation%22:%7B%7D%7D&fp=1908&fcp=1908&jsonp=NREUM.setToken
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.amplitude.com
api.tiles.mapbox.com
assets-tracking.crazyegg.com
assets.adobedtm.com
bam.nr-data.net
cdn.amplitude.com
click.yourhealth-wellnessteam.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d362armbx6l2g0.cloudfront.net
dpm.demdex.net
global.ib-ibi.com
hello.myfonts.net
id.rlcdn.com
js-agent.newrelic.com
match.adsrvr.org
match.prod.bidr.io
npmcdn.com
pagestates-tracking.crazyegg.com
px.ads.linkedin.com
px4.ads.linkedin.com
rally-health-prod.imgix.net
rallyhealth.com
script.crazyegg.com
segments.company-target.com
smetrics.optum.com
snap.licdn.com
stats.g.doubleclick.net
tag.demandbase.com
tracking.crazyegg.com
unitedhealthgroup.demdex.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.rallyhealth.com
www.youtube.com
global.ib-ibi.com
108.138.17.46
13.107.42.14
13.111.39.86
13.224.189.43
13.32.23.160
142.250.74.194
143.204.215.97
149.126.77.158
15.188.95.229
151.101.2.137
162.247.241.14
18.155.153.193
18.66.97.88
192.230.66.158
2600:9000:20eb:400:4:f286:6800:93a1
2606:4700:20::681a:acb
2606:4700::6811:f449
2606:4700::6813:9308
2620:1ec:22::14
2a00:1450:4001:800::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c00::9c
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:591::1e80
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::720
34.251.26.3
35.244.174.68
35.71.131.137
44.232.89.83
52.30.136.252
52.30.152.75
52.31.4.32
54.76.252.170
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
1844f10c93b29aaa35de3dab61a922a6065eff572a7ad2f74cfde412a9f86662
1b59a7459389cabe43ac517167e75604bd9907d737c9164472fe7662a289d68e
20ea1e508e535ef9c38fbd4a1ca9ee3b1a270f9f27e29a726784c4443f080e5a
33654d576736b5d8da1c4a7c0598a364f206aa0df34ba0efc59f42d0e2e6728c
354c1a280827a35589288b2e55fc8950e9b33980a0fb1fc65818c64fa289c483
3b756aba12395a564274520d1f411b0402a5f745ca1ba3cbe17f89075a227bcc
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3f0e15e16e7a347037e7f7665bc59e9a96a4ac6a18222f3ea570fa5d76ca8bff
455dde6a8a38f6f8be3f251fe63972966117c3074040a269cde85c2d82a005ae
457a05ac2d95a0b1116469ea3a3217b344db98b9475ffdf6f3930f39d884ae45
5242902da084a84deef4f44a78fc11468c51ebfbd7d376faba35e499969575e3
5adc121bddb887b4d757aa9aa59f31e4636557f9f9457129d0acc1382e27333c
60d8508062baa7f4beda6ed4029f2e1ba9f881f93857c32e8ecb5b29f0bc82f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb6b6e5a292040c2bb8074878e03d7e031da6253d5eec31edf1c100802b61db
7a03b37a0f12c558430891010aa7374c1fa21371c91c7eddbe327e600c3e597f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
82a3a1b3d297e97ecdeda5e8fa261da4ea9d64e08f9a645a472ec26b309d8a90
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8638de9b84a29135f93ddf68a554e5bc4f0306b74afdd505b43947251ec2fe7d
8ad9a44f2d2996ab6d06acdaf17b947b3a44693a7998cd773c57918d7d38636b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
93e8cd53ed78b8a27087304b6f33103ec3ce745003f62d9a2ad77cc40a1ace30
94c4b26a4654ead7d7fa01002745925dc64d9ca7b0bfb9db9c2d12383083db47
9675106ffe936d9a2b9d234fab0ad0a194332664c6328576dcac6f99a6f1ef87
98b379ff20a6b4b9084d4455e206aa66e5b522cb419efc36200ffc73b32abe81
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4fa433b1862422fa3d7bb2ba6198421deb8f520b42a009982b625667a5cb200
ac5911bd6198ab600ad7c9b3e17d4055d8e777e091ba130be5816fae576c9cb2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b896279fff3d8bb808e348cc28283721ec6e70165229623948c5239818b4bf4d
b8964e6fa081da729e371b578d151d642bbc202d02ed5c3c12d41bc3dd146722
bb24ca0cbb54af3d9f26295634e9d00d7db9aaaf50d2b2ca4506b94bea4343df
bfc978d39c228b6e373412d2275ba1b1953989ca07b35e23ea1f3fb2eb767d81
c587cb16f1d9f8dce02190ae35f10d5391afea577693d85e18925a5d2bde648f
c676ce3cda9b377716311a94a3d8c00c6024e9cfcd4884d34f55864c9ad9e07b
cb47b003bbd1d0c06e1c6055a7d7669819d08468201da3fdd3e81985b8ba5cb2
cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8
d00f3e8ff8a8f9c103dad61c2fd4bb58143e1404aadfdf09e29b6db1a2de0a3f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e24b2cc040bd00c415b990e9603679b7ce0ad4aa1e8f4fcfb708a15841ed817a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090
e98d5c943d6e8e8cf5aacb45eb401803e41608126e69badc40ee5e028943fd84
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1244de44d19da5e8166dbc266d98a21e2f480c5faa9e109c9d2bde3385fc164
f74c7d169ec954af15d1884a19b9489f0791c81962f896f6f939dec2a5c5c3b2
f8486cf55c57486f26236be045e02ada380d1ee0378008375cf54295c23954c8
fa21fb66f1bdc2a62ec6246fe35275694edc6d51287e5214bea2f7a8bb37d699
fe1f651485263fd8479553b0c3bb23099f1696cbcfcec653bb29c542daf750e7
fe2e94d62eb9d7e50da60842392c0ce372372aec72abcaa970afecff76a0228d