www.rallyhealth.com Open in urlscan Pro
149.126.77.158 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rallyhealth.com/quit-for-life?utm_source=Optum
Effective URL:
https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Submission: On October 19 via api (October 19th 2022, 5:41:43 pm UTC) from US — Scanned from DE

Summary HTTP 79 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 29 domains to perform 79 HTTP transactions. The main IP is 149.126.77.158, located in Frankfurt am Main, Germany and belongs to INCAPSULA, US. The main domain is www.rallyhealth.com. The Cisco Umbrella rank of the primary domain is 402071.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 12th 2022. Valid for: a year.

This is the only time www.rallyhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.230.66.158 192.230.66.158	19551 (INCAPSULA) (INCAPSULA)
16	149.126.77.158 149.126.77.158	19551 (INCAPSULA) (INCAPSULA)
3	2606:4700::68... 2606:4700::6811:f449	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.66.138.182 18.66.138.182	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::681a:acb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:3::720 2a04:4e42:3::720	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.206.118 52.222.206.118	16509 (AMAZON-02) (AMAZON-02)
3	54.171.150.101 54.171.150.101	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2600:9000:225... 2600:9000:225e:2a00:4:f286:6800:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	52.11.95.35 52.11.95.35	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.43.14 13.107.43.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	108.138.17.87 108.138.17.87	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.88 18.66.97.88	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.45 18.66.122.45	16509 (AMAZON-02) (AMAZON-02)
2 2	54.77.129.99 54.77.129.99	16509 (AMAZON-02) (AMAZON-02)
1 2	52.222.214.106 52.222.214.106	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	54.76.252.170 54.76.252.170	16509 (AMAZON-02) (AMAZON-02)
1	34.248.152.242 34.248.152.242	16509 (AMAZON-02) (AMAZON-02)
1 1	34.251.26.3 34.251.26.3	16509 (AMAZON-02) (AMAZON-02)
1	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
2 2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
79	32

1 192.230.66.158 (Canada) 1 redirects

ASN19551 (INCAPSULA, US)
PTR: 192.230.66.158.ip.incapdns.net

rallyhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 149.126.77.158 (Frankfurt am Main, Germany)

ASN19551 (INCAPSULA, US)
PTR: 149.126.77.158.ip.incapdns.net

www.rallyhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:f449 (United States)

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.138.182 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-182.fra60.r.cloudfront.net

api.tiles.mapbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:acb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

npmcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)

rally-health-prod.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-118.fra56.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.171.150.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-150-101.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225e:2a00:4:f286:6800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d362armbx6l2g0.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.11.95.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-95-35.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.43.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-87.fra56.r.cloudfront.net

tag.demandbase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-88.fra56.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-45.fra60.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.129.99 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-129-99.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-106.fra56.r.cloudfront.net

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.252.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-252-170.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.152.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-152-242.eu-west-1.compute.amazonaws.com

unitedhealthgroup.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.26.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-26-3.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.optum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	rallyhealth.com 1 redirects rallyhealth.com — Cisco Umbrella Rank: 342144 www.rallyhealth.com — Cisco Umbrella Rank: 402071	2 MB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	73 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1773 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3881 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3900 tracking.crazyegg.com — Cisco Umbrella Rank: 3878	35 KB
5	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 2741 api.amplitude.com — Cisco Umbrella Rank: 1386	26 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 375 www.linkedin.com — Cisco Umbrella Rank: 591 px4.ads.linkedin.com — Cisco Umbrella Rank: 6090	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	62 KB
4	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 214 unitedhealthgroup.demdex.net — Cisco Umbrella Rank: 22318	7 KB
3	cloudfront.net d362armbx6l2g0.cloudfront.net	48 KB
3	myfonts.net hello.myfonts.net — Cisco Umbrella Rank: 5462
2	company-target.com 1 redirects segments.company-target.com — Cisco Umbrella Rank: 1301	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 508	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	53 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 742	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	112 KB
2	imgix.net rally-health-prod.imgix.net — Cisco Umbrella Rank: 580549	140 KB
2	npmcdn.com 1 redirects npmcdn.com — Cisco Umbrella Rank: 22344	151 KB
2	mapbox.com api.tiles.mapbox.com — Cisco Umbrella Rank: 11974	226 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 490	61 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 226
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 343	10 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	265 B
1	optum.com smetrics.optum.com — Cisco Umbrella Rank: 19332	373 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1073	517 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 584	98 B
1	demandbase.com tag.demandbase.com — Cisco Umbrella Rank: 4793	16 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306	30 KB
0	ib-ibi.com Failed global.ib-ibi.com Failed
79	29

	Domain	Requested by
16	www.rallyhealth.com	www.rallyhealth.com
8	www.googletagmanager.com	www.rallyhealth.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	api.amplitude.com	www.rallyhealth.com
4	www.google-analytics.com	www.rallyhealth.com www.google-analytics.com
3	d362armbx6l2g0.cloudfront.net	www.rallyhealth.com
3	dpm.demdex.net	www.rallyhealth.com
3	hello.myfonts.net	www.rallyhealth.com
2	cm.g.doubleclick.net	2 redirects
2	segments.company-target.com	1 redirects www.rallyhealth.com
2	match.prod.bidr.io	2 redirects
2	stats.g.doubleclick.net	www.rallyhealth.com
2	www.facebook.com	www.rallyhealth.com
2	px.ads.linkedin.com	2 redirects
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	snap.licdn.com	www.rallyhealth.com snap.licdn.com
2	connect.facebook.net	www.rallyhealth.com connect.facebook.net
2	rally-health-prod.imgix.net	www.rallyhealth.com
2	npmcdn.com	1 redirects www.rallyhealth.com
2	api.tiles.mapbox.com	www.rallyhealth.com
2	assets.adobedtm.com	www.rallyhealth.com assets.adobedtm.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.rallyhealth.com
1	match.adsrvr.org	www.rallyhealth.com
1	smetrics.optum.com	www.rallyhealth.com
1	cm.everesttech.net	1 redirects
1	unitedhealthgroup.demdex.net	assets.adobedtm.com
1	tracking.crazyegg.com	script.crazyegg.com
1	id.rlcdn.com	www.rallyhealth.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	tag.demandbase.com	www.rallyhealth.com
1	px4.ads.linkedin.com	www.rallyhealth.com
1	www.linkedin.com	1 redirects
1	cdn.amplitude.com	www.rallyhealth.com
1	ajax.googleapis.com	www.rallyhealth.com
1	rallyhealth.com	1 redirects
0	global.ib-ibi.com Failed	www.rallyhealth.com
79	38

This site contains links to these domains. Also see Links.

Domain
accounts.werally.com
member.werally.com
rallyhealth.com

Subject Issuer	Validity	Valid
www.rallyhealth.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-12` - `2023-04-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-09` - `2023-06-09`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
api.mapbox.com Amazon	`2022-01-06` - `2023-02-04`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-01` - `2023-07-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-29` - `2022-10-27`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tag.demandbase.com Go Daddy Secure Certificate Authority - G2	`2022-08-17` - `2023-09-18`	a year	crt.sh
crazyegg.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
smetrics.optum.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-20` - `2023-04-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Frame ID: E2D57B0924D0469F7229F7E6ACE488F3
Requests: 68 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0068/2727/site/www.rallyhealth.com.json?t=1
Frame ID: D73616EE9610D0F5CF198EF9E7464C42
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3A8BFAF978307D06E1A3871BE2964F93
Requests: 1 HTTP requests in this frame

Frame: https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0
Frame ID: 092F80BEB1A6CE4AD7F9624904C5F332
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Quit-For-Life | Rally Health

Page URL History Show full URLs

https://rallyhealth.com/quit-for-life?utm_source=Optum HTTP 301
https://www.rallyhealth.com/quit-for-life?utm_source=Optum Page URL

Detected technologies

Mapbox GL JS (Maps) Expand

Overall confidence: 100%
Detected patterns

mapbox-gl.js

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

TurfJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

(turf@[\d.]+)?/?turf\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

79
Requests

90 %
HTTPS

42 %
IPv6

29
Domains

38
Subdomains

32
IPs

6
Countries

2648 kB
Transfer

10730 kB
Size

34
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://accounts.werally.com/partner/optum/optum_default/register?amp_device_id=qZs46zoqGampnSJlfZwVn-&redirect=https://coach.werally.com/programs/q4l&utm_source=Optum
Title: Get Started

Search URL Search Domain Scan URL

URL: https://member.werally.com/?amp_device_id=qZs46zoqGampnSJlfZwVn-&&utm_source=Optum
Title: Log in Now

Search URL Search Domain Scan URL

URL: https://rallyhealth.com/corporate/quitforlife/noticeofprivacypractices
Title: Notice of Privacy Practices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rallyhealth.com/quit-for-life?utm_source=Optum HTTP 301
https://www.rallyhealth.com/quit-for-life?utm_source=Optum Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://npmcdn.com/@turf/turf/turf.min.js HTTP 302
https://npmcdn.com/@turf/turf@6.5.0/turf.min.js

Request Chain 42

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666201295796&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D31163%26time%3D1666201295796%26url%3Dhttps%253A%252F%252Fwww.rallyhealth.com%252Fquit-for-life%253Futm_source%253DOptum%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666201295796&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666201295796&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum&liSync=true&e_ipv6=AQJFuTnvAov6MQAAAYPxViSwVWT-S7JQ328_Xr_GJrGbDFqKYyg6b8cW3_FcYsoTTdEH23S3kfbEGGK3ATMhXR-xiO3jXQ

Request Chain 65

https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
https://segments.company-target.com/log?vendor=choca&user_id=AAFAgE7GoG4AACBeAR3MWw HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAFAgE7GoG4AACBeAR3MWw&verifyHash=7111d212e8237aaf9d0943f0b6baa3f170612acf

Request Chain 69

https://cm.everesttech.net/cm/dd?d_uuid=27914227566322846541209279120506921333 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1A20gAAAJpnbgOJ

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Mjc5MTQyMjc1NjYzMjI4NDY1NDEyMDkyNzkxMjA1MDY5MjEzMzM= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=Mjc5MTQyMjc1NjYzMjI4NDY1NDEyMDkyNzkxMjA1MDY5MjEzMzM=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIqCG-cUwIsXdCLGQzfXTWA&google_cver=1?gdpr=0&gdpr_consent=

79 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request quit-for-life Show response
www.rallyhealth.com/
Redirect Chain

https://rallyhealth.com/quit-for-life?utm_source=Optum
https://www.rallyhealth.com/quit-for-life?utm_source=Optum

107 KB
27 KB

771ms
709ms

Document
text/html

149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: / Craft CMS
Resource Hash: 2ded55d37943e4b26c210071772a79585b8a33f01283e40d7a8bbf4541d1cfac

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 19 Oct 2022 17:41:35 GMT
vary: Accept-Encoding
x-cdn: Imperva
x-iinfo: 10-44387292-44387297 NNNN CT(85 173 0) RT(1666201294242 19) q(0 0 3 0) r(6 7) U5
x-powered-by: Craft CMS

Redirect headers

content-length: 0
location: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

GET
H2 503 350914
hello.myfonts.net/count/ 0
0 86ms
36ms Stylesheet
text/html 2606:4700::6811:f449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/350914
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 launch-9e740193cc86.min.js Show response
assets.adobedtm.com/512027f42d3c/5ef16568c699/ 150 KB
49 KB 242ms
46ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/512027f42d3c/5ef16568c699/launch-9e740193cc86.min.js
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e24b2cc040bd00c415b990e9603679b7ce0ad4aa1e8f4fcfb708a15841ed817a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: gzip
last-modified: Tue, 24 May 2022 12:38:49 GMT
server: AkamaiNetStorage
etag: "d43ec710388efd5587f692efc772ed5d:1653395929.815414"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.rallyhealth.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 49981
expires: Wed, 19 Oct 2022 18:41:35 GMT

GET
H/1.1 200
OK mapbox-gl.js Show response
api.tiles.mapbox.com/mapbox-gl-js/v2.3.0/ 828 KB
221 KB 89ms
22ms Script
application/javascript 18.66.138.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tiles.mapbox.com/mapbox-gl-js/v2.3.0/mapbox-gl.js
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.138.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-138-182.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 98b379ff20a6b4b9084d4455e206aa66e5b522cb419efc36200ffc73b32abe81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 18 May 2022 01:26:40 GMT
Content-Encoding: gzip
Via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P4
Age: 13364095
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed May 26 2021 00:27:18 GMT+0000 (Coordinated Universal Time)
ETag: "a7672b6a5c894e783270197e99036a8c"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Id: pAndsP8d_5s_KNRXOnPfCHYHv26f409YlMgUbH5kLz60El1Sk4xClA==

GET
H/1.1 200
OK mapbox-gl.css
api.tiles.mapbox.com/mapbox-gl-js/v2.3.0/ 34 KB
5 KB 82ms
16ms Stylesheet
text/css 18.66.138.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tiles.mapbox.com/mapbox-gl-js/v2.3.0/mapbox-gl.css
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.138.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-138-182.fra60.r.cloudfront.net
Software: / Express
Resource Hash: 5adc121bddb887b4d757aa9aa59f31e4636557f9f9457129d0acc1382e27333c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Sat, 24 Sep 2022 01:01:20 GMT
Content-Encoding: gzip
Via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P4
Age: 2220015
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed May 26 2021 00:27:39 GMT+0000 (Coordinated Universal Time)
ETag: "e1c40426e607d9e6076e76417e51eef5"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Id: 52AMGagSMnJvU0eI6kyeYyF9iVss_YDOiO6sY4TLREkg5tFA1RPFEQ==

GET
H2

200

turf.min.js Show response
npmcdn.com/@turf/turf@6.5.0/
Redirect Chain

https://npmcdn.com/@turf/turf/turf.min.js
https://npmcdn.com/@turf/turf@6.5.0/turf.min.js

590 KB
151 KB

44ms
44ms

Script
application/javascript

2606:4700:20::681a:acb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://npmcdn.com/@turf/turf@6.5.0/turf.min.js

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Server

2606:4700:20::681a:acb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d00f3e8ff8a8f9c103dad61c2fd4bb58143e1404aadfdf09e29b6db1a2de0a3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 19344853
content-encoding: br
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FXR4RZ4G2M110TAQBDA3MW8R-fra
server: cloudflare
etag: W/"939c2-B/O2XVTbZ/U8c28UNSVGFwzH8yM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XvIW21i04iVax9pxWkG%2B3cRTm7VZuwMnOVLQ6igSQ2UAYvmCsPJWnFLVeWiQ0ohoGFJHByk8fe1aV6RI94C%2BUY6VFL5cLxyvsagsW8B0SweyKu5LykA4QYvcMNz4R8qse0yPWk%2BMFGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 75cb4e2fb8a79177-FRA

Redirect headers

date: Wed, 19 Oct 2022 17:41:35 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 75
fly-request-id: 01GFRN9XKBGVPEDNF8QGYJHDEJ-fra
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnxbIOSVaMgfx4EAY3S%2FVrhN8xo4A7Bc1NhkLbeKpC5Q6FIxrt6fB3yEzYksUdcjQCuq0IXkj78G%2FfTRnX9Bk15sxzS6B7sTRwXBuc66L8aSX4cGVOf9hhOC1P99vDIGXn6671Ag%2B4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@turf/turf@6.5.0/turf.min.js
cache-control: public, max-age=14400, s-maxage=600
cf-ray: 75cb4e2f78149177-FRA

GET
H2 200 main.min.css
www.rallyhealth.com/css/ 165 KB
31 KB 110ms
108ms Stylesheet
text/css 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rallyhealth.com/css/main.min.css?v=1665766149
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: 8638de9b84a29135f93ddf68a554e5bc4f0306b74afdd505b43947251ec2fe7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: gzip
last-modified: Fri, 14 Oct 2022 16:49:09 GMT
x-cdn: Imperva
etag: W/"63499305-295e9"
vary: Accept-Encoding
content-type: text/css
x-iinfo: 10-44387292-44387297 PNNN RT(1666201294242 766) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000
expires: Thu, 19 Oct 2023 17:41:35 GMT

GET
H2 200 rally-logo.svg
www.rallyhealth.com/assets/ 6 KB
2 KB 111ms
107ms Image
image/svg+xml 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rallyhealth.com/assets/rally-logo.svg
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: 3b756aba12395a564274520d1f411b0402a5f745ca1ba3cbe17f89075a227bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: gzip
last-modified: Fri, 14 Oct 2022 16:46:10 GMT
x-cdn: Imperva
etag: W/"63499252-19a2"
vary: Accept-Encoding
content-type: image/svg+xml
x-iinfo: 10-44387292-44387297 PNNN RT(1666201294242 1143) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000
expires: Thu, 19 Oct 2023 17:41:35 GMT

GET
H2 200 QFL-logo_2x.png
rally-health-prod.imgix.net/Logos/ 34 KB
35 KB 64ms
15ms Image
image/png 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rally-health-prod.imgix.net/Logos/QFL-logo_2x.png?crop=focalpoint&fit=crop&fp-x=0.5&fp-y=0.5&h=283&q=100&w=800&s=dba603738428dc3af7de443b74dae743

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

82a3a1b3d297e97ecdeda5e8fa261da4ea9d64e08f9a645a472ec26b309d8a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-imgix-render-farm: 01.560
date: Wed, 19 Oct 2022 17:41:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 Oct 2022 12:21:30 GMT
server: imgix
age: 624004
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: bec29abbfec3d640ab8e003804c2e3b3d0ffd581
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35099
x-served-by: cache-sjc10045-SJC, cache-fra19141-FRA

GET
H2 200 QFL-LP_header-image_2x.png
rally-health-prod.imgix.net/Module-Images/ 106 KB
106 KB 79ms
31ms Image
image/png 2a04:4e42:3::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rally-health-prod.imgix.net/Module-Images/QFL-LP_header-image_2x.png?crop=focalpoint&fit=crop&fp-x=0.5&fp-y=0.5&h=400&q=100&w=800&s=ecbe847f4c0ab09817b619bae85a9900

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a4fa433b1862422fa3d7bb2ba6198421deb8f520b42a009982b625667a5cb200

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-imgix-render-farm: 01.560
date: Wed, 19 Oct 2022 17:41:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 09 Oct 2022 21:09:33 GMT
server: imgix
age: 851522
x-cache: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-imgix-id: ebaca86b67d863b934bd0b174160ee45025d3838
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 108043
x-served-by: cache-sjc10040-SJC, cache-fra19141-FRA

GET
H2 200 Rally_Arrows_w_tmk.png
www.rallyhealth.com/assets/ 3 KB
3 KB 113ms
110ms Image
image/png 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rallyhealth.com/assets/Rally_Arrows_w_tmk.png
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: b896279fff3d8bb808e348cc28283721ec6e70165229623948c5239818b4bf4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
last-modified: Fri, 14 Oct 2022 16:46:10 GMT
x-cdn: Imperva
etag: "63499252-c91"
content-type: image/png
x-iinfo: 10-44387292-44387335 NNNY CT(87 176 0) RT(1666201294242 1145) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3217
expires: Thu, 19 Oct 2023 17:41:35 GMT

GET
H2 200 rally-logo-reverse.svg
www.rallyhealth.com/assets/ 7 KB
3 KB 405ms
402ms Image
image/svg+xml 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rallyhealth.com/assets/rally-logo-reverse.svg
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: 7a03b37a0f12c558430891010aa7374c1fa21371c91c7eddbe327e600c3e597f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: gzip
last-modified: Fri, 14 Oct 2022 16:46:10 GMT
x-cdn: Imperva
etag: W/"63499252-1b03"
vary: Accept-Encoding
content-type: image/svg+xml
x-iinfo: 10-44387292-44387337 NNNN CT(94 188 0) RT(1666201294242 1148) q(0 0 3 -1) r(4 4) U5
cache-control: max-age=31536000
expires: Thu, 19 Oct 2023 17:41:35 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 55ms
16ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 08:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Oct 2023 08:07:26 GMT

GET
H2 200 plugin.min.js Show response
www.rallyhealth.com/js/dist/ 95 KB
27 KB 115ms
115ms Script
application/javascript 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rallyhealth.com/js/dist/plugin.min.js?v=1665766148
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: 33654d576736b5d8da1c4a7c0598a364f206aa0df34ba0efc59f42d0e2e6728c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: gzip
last-modified: Fri, 14 Oct 2022 16:49:08 GMT
x-cdn: Imperva
etag: W/"63499304-17cca"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 10-44387292-44387297 PNNN RT(1666201294242 1020) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000
expires: Thu, 19 Oct 2023 17:41:35 GMT

GET
H2 200 main.min.js Show response
www.rallyhealth.com/js/dist/ 34 KB
9 KB 414ms
413ms Script
application/javascript 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rallyhealth.com/js/dist/main.min.js?v=1665766148
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: 1844f10c93b29aaa35de3dab61a922a6065eff572a7ad2f74cfde412a9f86662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: gzip
last-modified: Fri, 14 Oct 2022 16:49:08 GMT
x-cdn: Imperva
etag: W/"63499304-8999"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 10-44387292-44387330 NNNN CT(97 196 0) RT(1666201294242 1075) q(0 0 3 -1) r(4 4) U5
cache-control: max-age=31536000
expires: Thu, 19 Oct 2023 17:41:35 GMT

GET
H2 200 _Incapsula_Resource Show response
www.rallyhealth.com/ 142 KB
20 KB 36ms
33ms Script
application/javascript 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rallyhealth.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=73401972
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: d46bc0e166e73b210cd81209b071585a95c2bb4e7a1da918c9c195deca34c5cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20584
content-type: application/javascript

GET
H2 200 amplitude-8.21.1-min.gz.js Show response
cdn.amplitude.com/libs/ 78 KB
25 KB 66ms
19ms Script
application/javascript 52.222.206.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.21.1-min.gz.js
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93e8cd53ed78b8a27087304b6f33103ec3ce745003f62d9a2ad77cc40a1ace30

Request headers

Referer: https://www.rallyhealth.com/
Origin: https://www.rallyhealth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 19:44:12 GMT
content-encoding: gzip
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-version-id: UAXIG_gXYToRdTowQhWNLrT1YuPxKcSX
x-amz-cf-pop: FRA56-P3
age: 79044
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25142
last-modified: Thu, 22 Sep 2022 18:57:21 GMT
server: AmazonS3
etag: "f371ea8154adecf96550964dd193fd4c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: 9QI9C7Dp9n4PF1Fk8IPSoAWk-Ota99Yupl0KSG4GbxRFx3jyXA0YFg==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 974 B
1 KB 2743ms
588ms XHR
application/json 54.171.150.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=8E391C8B533058250A490D4D%40AdobeOrg&d_nsid=0&ts=1666201295534

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.150.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-150-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

af9aad30d77da4214abffaa264fd11a99fe5695acf4eb0709cf4c5d383e051db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rallyhealth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v044-0dbe68728.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: W+cxnAQnS/Y=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.rallyhealth.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 559
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 33 KB
12 KB 52ms
49ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/5ef16568c699/launch-9e740193cc86.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "d860c16ac938f7d839f0ec158d02d0f0:1644856531.418573"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.rallyhealth.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12163
expires: Wed, 19 Oct 2022 18:41:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 61ms
14ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Oct 2022 17:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2376
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 19 Oct 2022 19:01:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 297 KB
73 KB 106ms
59ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5X8NLTL

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

565659f8795be22c3dd4245ed1f04b6091e068aadade84aeda1d2bf31d3b4e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74385
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 17:21:57 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Oct 2022 17:41:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 61ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

510d71bfae8484c59b9b3bd6064b3edd0348bb79b3b448bc1093bc7a73265b6a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Oct 2022 17:41:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27029
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: yEamTl5xfDyokThO0UwHsWER4JYE3NecKih0robEt84guVMmQlmrBkJq/41/xF2JFiDExXGhVTr5eYkGvvbU7g==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 503 350914
hello.myfonts.net/count/ 0
0 36ms
36ms Stylesheet
text/html 2606:4700::6811:f449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/350914
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/css/main.min.css?v=1665766149
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 QFL-LP_coach-support_2x.png
d362armbx6l2g0.cloudfront.net/Tout-Images/ 18 KB
18 KB 77ms
29ms Image
image/png 2600:9000:225e:2a00:4:f286:6800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d362armbx6l2g0.cloudfront.net/Tout-Images/QFL-LP_coach-support_2x.png
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2a00:4:f286:6800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ad9a44f2d2996ab6d06acdaf17b947b3a44693a7998cd773c57918d7d38636b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:43:50 GMT
x-amz-version-id: TohGNSttvYh_CLsLGx.mMK1aV1CnjYyh
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified: Thu, 25 Mar 2021 17:01:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 86266
etag: "0780bdf16e9bcb42c089922b01a7140b"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 18171
x-amz-cf-id: lCspcRvriSaJ6bP6Xvcmc3E55nK3V_Qxsab_FYgaU76sQcdjrEsy6w==

GET
H2 200 QFL-LP_any-time-access_2x.png
d362armbx6l2g0.cloudfront.net/Tout-Images/ 14 KB
14 KB 66ms
19ms Image
image/png 2600:9000:225e:2a00:4:f286:6800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d362armbx6l2g0.cloudfront.net/Tout-Images/QFL-LP_any-time-access_2x.png
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2a00:4:f286:6800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f0e15e16e7a347037e7f7665bc59e9a96a4ac6a18222f3ea570fa5d76ca8bff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:43:50 GMT
x-amz-version-id: TqNNctFfNsqsjnJ_rXkx1vNX2Rq3Icts
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified: Thu, 25 Mar 2021 17:00:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 86266
etag: "f396f09747d9540cd6c28c2ccd59e930"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 14338
x-amz-cf-id: dMHb6ffHb8hR_H_LLSyD4m1InsECy9JZhWqLwSsCq8-IXVkBg2O4sg==

GET
H2 200 QFL-LP_help-beyond-quit_2x.png
d362armbx6l2g0.cloudfront.net/ 15 KB
16 KB 81ms
34ms Image
image/png 2600:9000:225e:2a00:4:f286:6800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d362armbx6l2g0.cloudfront.net/QFL-LP_help-beyond-quit_2x.png
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2a00:4:f286:6800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfc978d39c228b6e373412d2275ba1b1953989ca07b35e23ea1f3fb2eb767d81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 18 Oct 2022 17:43:50 GMT
x-amz-version-id: ApZCEWZqE8qKWKA95kCb3T9AUN7ZcaoN
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified: Thu, 25 Mar 2021 17:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 86266
etag: "8ff4119272459ce47d147b3e42de6b66"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 15633
x-amz-cf-id: pw9rL22V-d56o91imXZyiCFutByZ3QdYE5FWJrUo7SUsAZ_sbyttmw==

GET
H2 200 350914_4_0.woff2
www.rallyhealth.com/assets/fonts/ 65 KB
65 KB 502ms
500ms Font
application/octet-stream 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rallyhealth.com/assets/fonts/350914_4_0.woff2
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: bb24ca0cbb54af3d9f26295634e9d00d7db9aaaf50d2b2ca4506b94bea4343df

Request headers

Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Origin: https://www.rallyhealth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
last-modified: Fri, 14 Oct 2022 16:46:10 GMT
x-cdn: Imperva
etag: "63499252-1042a"
content-type: application/octet-stream
x-iinfo: 10-44387292-44387341 NNNN CT(95 196 0) RT(1666201294242 1183) q(0 0 3 -1) r(4 5) U5
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 66602
expires: Thu, 19 Oct 2023 17:41:35 GMT

GET
H2 200 350914_0_0.woff2
www.rallyhealth.com/assets/fonts/ 21 KB
21 KB 195ms
193ms Font
application/octet-stream 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rallyhealth.com/assets/fonts/350914_0_0.woff2
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: 6cb6b6e5a292040c2bb8074878e03d7e031da6253d5eec31edf1c100802b61db

Request headers

Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Origin: https://www.rallyhealth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
last-modified: Fri, 14 Oct 2022 16:46:10 GMT
x-cdn: Imperva
etag: "63499252-5357"
content-type: application/octet-stream
x-iinfo: 10-44387292-44387343 NNNY CT(86 176 0) RT(1666201294242 1185) q(0 0 0 -1) r(1 2) U5
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 21335
expires: Thu, 19 Oct 2023 17:41:35 GMT

GET
H2 200 350914_3_0.woff2
www.rallyhealth.com/assets/fonts/ 21 KB
21 KB 153ms
152ms Font
application/octet-stream 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rallyhealth.com/assets/fonts/350914_3_0.woff2
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: fe1f651485263fd8479553b0c3bb23099f1696cbcfcec653bb29c542daf750e7

Request headers

Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Origin: https://www.rallyhealth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
last-modified: Fri, 14 Oct 2022 16:46:10 GMT
x-cdn: Imperva
etag: "63499252-53a5"
content-type: application/octet-stream
x-iinfo: 10-44387292-44387297 PNNN RT(1666201294242 1186) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 21413
expires: Thu, 19 Oct 2023 17:41:35 GMT

GET
H2 200 350914_2_0.woff2
www.rallyhealth.com/assets/fonts/ 20 KB
20 KB 247ms
246ms Font
application/octet-stream 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rallyhealth.com/assets/fonts/350914_2_0.woff2
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: e98d5c943d6e8e8cf5aacb45eb401803e41608126e69badc40ee5e028943fd84

Request headers

Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Origin: https://www.rallyhealth.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
last-modified: Fri, 14 Oct 2022 16:46:10 GMT
x-cdn: Imperva
etag: "63499252-50ea"
content-type: application/octet-stream
x-iinfo: 10-44387292-44387335 PNNy RT(1666201294242 1187) q(0 0 0 -1) r(1 2) U5
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20714
expires: Thu, 19 Oct 2023 17:41:35 GMT

GET
H2 200 non-critical.min.css
www.rallyhealth.com/css/ 103 KB
20 KB 226ms
225ms Stylesheet
text/css 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rallyhealth.com/css/non-critical.min.css?v=1665766149
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: f1244de44d19da5e8166dbc266d98a21e2f480c5faa9e109c9d2bde3385fc164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: gzip
last-modified: Fri, 14 Oct 2022 16:49:09 GMT
x-cdn: Imperva
etag: W/"63499305-19b04"
vary: Accept-Encoding
content-type: text/css
x-iinfo: 10-44387292-44387297 PNNN RT(1666201294242 1199) q(0 1 1 -1) r(2 2) U5
cache-control: max-age=31536000
expires: Thu, 19 Oct 2023 17:41:35 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 996 B
638 B 55ms
19ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 156544cd13b925123ef0a1b00a86d757161c0352c181070c26ffd2988316db74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 14:16:37 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=74519
accept-ranges: bytes
content-length: 470

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 531ms
174ms Preflight 52.11.95.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.95.35 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-95-35.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://www.rallyhealth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 19 Oct 2022 17:41:36 GMT
strict-transport-security: max-age=15768000

POST
H2 200 / Show response
api.amplitude.com/ 7 B
204 B 196ms
196ms XHR
text/html 52.11.95.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.95.35 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-95-35.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.rallyhealth.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 19 Oct 2022 17:41:36 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-635036d0-4633021e27e976c2438fcfaa
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 106 KB
42 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5X28TLH&cid=672477658.1666201296

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aedbc06281d03af66672f5aa01d8fc869f7b38eee043ad15492914ac3a09187f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42356
x-xss-protection: 0
last-modified: Wed, 19 Oct 2022 17:21:57 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Oct 2022 17:41:35 GMT

GET
H2 200 1598193977106649 Show response
connect.facebook.net/signals/config/ 293 KB
85 KB 20ms
20ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1598193977106649?v=2.9.86&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20ea1e508e535ef9c38fbd4a1ca9ee3b1a270f9f27e29a726784c4443f080e5a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Oct 2022 17:41:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86466
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: h9GtaqrL4ADd2WfWI4LkpbfpQOdF1lRNI+ka4zxHRdcQMV6D3I0lBeNqobfqsVS4mKWwPVNuHqOaxzGTAXnMaQ==
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 20ms
18ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: gzip
last-modified: Wed, 19 Oct 2022 14:14:21 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=74640
accept-ranges: bytes
content-length: 3063

GET
H2 200 2727.js Show response
script.crazyegg.com/pages/scripts/0068/ 6 KB
2 KB 97ms
45ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0068/2727.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X8NLTL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5242902da084a84deef4f44a78fc11468c51ebfbd7d376faba35e499969575e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 22568
cf-polished: origSize=5668
ce-version: 11.4.26
cf-bgj: minify
last-modified: Wed, 19 Oct 2022 11:25:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 75cb4e330ade5c56-FRA

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 87ms
47ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X8NLTL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e9a45d0e1d5117dcf8afef7611e4b1bcce8601bf12b0f9323420c71233a06db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 19 Oct 2022 17:41:35 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 82ms
47ms Image
image/gif 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5X8NLTL&cv=87&v=3&t=t&pid=1994964917&rv=ah0&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAI&tc=334&dl=www.rallyhealth.com%2Fquit-for-life&tdp=GTM-5X8NLTL;9234605;0;0;0&z=0

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 17:41:35 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 71ms
37ms Image
image/gif 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=GTM-5X8NLTL&cv=87&v=3&t=t&pid=1994964917&rv=ah0&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAAAAI&tc=334&dl=www.rallyhealth.com%2Fquit-for-life&tdp=GTM-5X8NLTL;9234605;0;0;0&z=0
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 17:41:35 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 80ms
47ms Image
image/gif 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5X8NLTL&cv=87&v=3&t=t&pid=1994964917&rv=ah0&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAAAAI&tc=334&z=0

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 17:41:35 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666201295796&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D31163%26time%3D1666201295796%26url%3Dhttps%253A%252F%252Fwww.rallyhealth.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666201295796&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666201295796&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum&liSync=true&e_ipv6=AQJFuTnvAov6MQAAAYPxViSwVW...

0
264 B

277ms
212ms

Image
application/javascript

13.107.43.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666201295796&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum&liSync=true&e_ipv6=AQJFuTnvAov6MQAAAYPxViSwVWT-S7JQ328_Xr_GJrGbDFqKYyg6b8cW3_FcYsoTTdEH23S3kfbEGGK3ATMhXR-xiO3jXQ
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Server: 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:38 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2E35FF93BBAC434392D2C37935AE7228 Ref B: VIEEDGE3209 Ref C: 2022-10-19T17:41:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXrZriDdJ7yztgc3CtJBg==

Redirect headers

date: Wed, 19 Oct 2022 17:41:38 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7BE0FEC8D0B04BF0A44B85085B98C25F Ref B: FRAEDGE1410 Ref C: 2022-10-19T17:41:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=31163&time=1666201295796&url=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum&liSync=true&e_ipv6=AQJFuTnvAov6MQAAAYPxViSwVWT-S7JQ328_Xr_GJrGbDFqKYyg6b8cW3_FcYsoTTdEH23S3kfbEGGK3ATMhXR-xiO3jXQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXrZrh/IckZ6gEgfQfGcA==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 53ms
16ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1598193977106649&ev=PageView&dl=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum&rl=&if=false&ts=1666201295813&sw=1600&sh=1200&v=2.9.86&r=stable&ec=0&o=30&fbp=fb.1.1666201295810.1042338615&it=1666201295704&coo=false&rqm=GET

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Oct 2022 17:41:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 35ms
27ms Image
image/gif 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5X8NLTL&cv=87&v=3&t=t&pid=1994964917&rv=ah0&es=1&e=gtm.js&eid=1&u=AAAAAAAQAAAAAAAAAAI&tc=334&tr=1ua.1cegg.1cl.1lcl.1lcl.1evl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1evl.1evl.1lcl.1evl.1evl.1cl.1cl.1evl.1cl.1lcl.1evl.1cl.1lcl.1lcl.1evl.1cl.1evl.1cl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1evl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1evl.1evl.1evl.1evl.1cl.1evl.1cl.1evl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1evl.1cl.1lcl.1evl.1cl.1evl.1cl.1lcl.1evl.1evl.1evl.1cl.1cl.1cl.1evl.1cl.1evl.1cl.1cl.1cl.1evl.1cl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1html.5cl.5lcl.5lcl.5evl.5evl.5evl.5evl.5evl.5cl.5cl.5cl.5cl.5evl.5evl.5lcl.5evl.5evl.5cl.5cl.5evl.5cl.5lcl.5evl.5cl.5lcl.5lcl.5evl.5cl.5evl.5cl.5evl.5evl.5evl.5cl.5cl.5cl.5cl.5evl.5cl.5cl.5cl.5cl.5cl.5evl.5evl&ti=1ua.2cegg.1cl.1lcl.1lcl.1evl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1evl.1evl.1lcl.1evl.1evl.1cl.1cl.1evl.1cl.1lcl.1evl.1cl.1lcl.1lcl.1evl.1cl.1evl.1cl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1evl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1evl.1evl.1evl.1evl.1cl.1evl.1cl.1evl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1evl.1cl.1lcl.1evl.1cl.1evl.1cl.1lcl.1evl.1evl.1evl.1cl.1cl.1cl.1evl.1cl.1evl.1cl.1cl.1cl.1evl.1cl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1html.1cl.1lcl.1lcl.1evl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1evl.1evl.1lcl.1evl.1evl.1cl.1cl.1evl.1cl.1lcl.1evl.1cl.1lcl.1lcl.1evl.1cl.1evl.1cl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1evl.1cl.1cl.1cl.1cl.1cl.1evl.1evl&z=0

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 17:41:35 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
27ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1998560133&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum&ul=en-us&de=UTF-8&dt=Quit-For-Life%20%7C%20Rally%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAACAAI~&jid=1072864739&gjid=1871989724&cid=672477658.1666201296&tid=UA-37681395-2&_gid=470330370.1666201296&_r=1&_slc=1&z=2122800342

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rallyhealth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 17:41:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rallyhealth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 26ms
26ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1998560133&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum&ul=en-us&de=UTF-8&dt=Quit-For-Life%20%7C%20Rally%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAACAAI~&jid=1970061338&gjid=681807001&cid=672477658.1666201296&tid=UA-37681395-2&_gid=470330370.1666201296&_r=1&gtm=2wgah05X8NLTL&z=949374044

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rallyhealth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 17:41:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rallyhealth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 87ms
28ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37681395-2&cid=672477658.1666201296&jid=1072864739&gjid=1871989724&_gid=470330370.1666201296&_u=KGBAAEACQAAAACAAI~&z=1764161650

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rallyhealth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 19 Oct 2022 17:41:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rallyhealth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 503 350914
hello.myfonts.net/count/ 0
0 34ms
32ms Stylesheet
text/html 2606:4700::6811:f449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/350914
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/css/non-critical.min.css?v=1665766149
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 81ms
29ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37681395-2&cid=672477658.1666201296&jid=1970061338&gjid=681807001&_gid=470330370.1666201296&_u=aGDAAEADQAAAACAAI~&z=450974350

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rallyhealth.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 19 Oct 2022 17:41:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rallyhealth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.rallyhealth.com.json Show response
script.crazyegg.com/pages/data-scripts/0068/2727/site/ Frame D736 4 KB
2 KB 75ms
41ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0068/2727/site/www.rallyhealth.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0068/2727.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c9b85219c6e149ac77257bbabaa0be2d161f13a1cafb6c2a10073d8b864a187

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 14851
ce-version: 11.4.26
content-length: 1571
last-modified: Wed, 19 Oct 2022 13:34:04 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75cb4e33ad6e91d7-FRA

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/a25d4acf/www-widgetapi.vflset/ 157 KB
52 KB 48ms
16ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a25d4acf/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9675106ffe936d9a2b9d234fab0ad0a194332664c6328576dcac6f99a6f1ef87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 14:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52758
x-xss-protection: 0
last-modified: Mon, 17 Oct 2022 00:16:40 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 19 Oct 2023 14:47:26 GMT

GET
H2 200 get-feed Show response
www.rallyhealth.com/actions/rally-utilities-module/gyms/ 7 MB
1 MB 1043ms
1042ms XHR
text/html 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rallyhealth.com/actions/rally-utilities-module/gyms/get-feed
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: / Craft CMS
Resource Hash: 1b59a7459389cabe43ac517167e75604bd9907d737c9164472fe7662a289d68e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-iinfo: 10-44387292-44387335 PNNy RT(1666201294242 1492) q(0 0 0 -1) r(10 10) U5
date: Wed, 19 Oct 2022 17:41:36 GMT
content-encoding: gzip
x-cdn: Imperva
x-powered-by: Craft CMS
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 7d6ef81f9422694340d6007e6857f38a.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 88 KB
29 KB 39ms
38ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0068/2727.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2e94d62eb9d7e50da60842392c0ce372372aec72abcaa970afecff76a0228d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Oct 2022 14:16:57 GMT
server: cloudflare
age: 29710
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75cb4e3f2f5e5c56-FRA
content-length: 29957

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 181ms
181ms XHR
text/html 52.11.95.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.95.35 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-95-35.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.rallyhealth.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 19 Oct 2022 17:41:38 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-635036d2-082237dd2b6d02e74811875e
content-length: 7
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 174ms
174ms Preflight 52.11.95.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.11.95.35 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-11-95-35.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://www.rallyhealth.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Wed, 19 Oct 2022 17:41:37 GMT
strict-transport-security: max-age=15768000

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 33ms
32ms Image
image/gif 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5X8NLTL&cv=87&v=3&t=t&pid=1994964917&rv=ah0&e=gtm.js&eid=1&u=AAAAAAAQAAAAAAAAAAI&tc=334&tr=5cl.5cl.5cl.5cl.5cl.5cl.5cl.5evl.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5evl.5evl.5evl.5evl.5evl.5evl.5evl.5cl.5evl.5cl.5evl.5evl.5evl.5evl.5evl.5cl.5cl.5cl.5cl.5cl.5evl.5cl.5lcl.5evl.5cl.5evl.5cl.5lcl.5evl.5evl.5evl.5cl.5cl.5cl.5evl.5cl.5evl.5cl.5cl.5cl.5evl.5cl.5evl.5evl.5evl.5evl.5cl.5cl.5cl.5cl.5cl.5evl.5evl.5evl.5evl.5cl.5cl.5cl.5cl.5evl.5evl.5evl.5evl.5cl.5cl.5cl.5cl.5evl.5evl.5evl.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5evl.5evl.5evl.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5evl.5evl.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5cl.5html.5cegg.5ua&ti=1cl.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1evl.1evl.1evl.1evl.1cl.1evl.1cl.1evl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1evl.1cl.1lcl.1evl.1cl.1evl.1cl.1lcl.1evl.1evl.1evl.1cl.1cl.1cl.1evl.1cl.1evl.1cl.1cl.1cl.1evl.1cl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1evl.1evl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1html.2cegg.1ua&z=0

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 17:41:37 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _Incapsula_Resource
www.rallyhealth.com/ 1 B
89 B 15ms
15ms Image
text/plain 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rallyhealth.com/_Incapsula_Resource?SWKMTFSR=1&e=0.15851539932545267
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 3A8B 0
18 B 35ms
16ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.rallyhealth.com
Referer: https://www.rallyhealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.rallyhealth.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 17:41:37 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 a469c055.min.js Show response
tag.demandbase.com/ 57 KB
16 KB 65ms
19ms Script
application/javascript 108.138.17.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.demandbase.com/a469c055.min.js

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-87.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c676ce3cda9b377716311a94a3d8c00c6024e9cfcd4884d34f55864c9ad9e07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: KvmGQ6qthzWype34APgJJB882hhPHdJg
content-encoding: gzip
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
date: Wed, 19 Oct 2022 17:02:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P7
age: 2360
x-cache: Hit from cloudfront
last-modified: Thu, 22 Apr 2021 18:50:00 GMT
server: AmazonS3
etag: W/"4c794f876d8ab65b635e3c7f1434a31c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=(), interest-cohort=()
x-amz-cf-id: gex-96moO2tOPygDkKkvRC-eUIyt77YFBEo3ApMBP61GB02RE8Ig9g==

GET
H2 200 csrf-data Show response
www.rallyhealth.com/actions/rally-utilities-module/freeform/ 146 B
479 B 136ms
136ms XHR
application/json 149.126.77.158
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rallyhealth.com/actions/rally-utilities-module/freeform/csrf-data
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.126.77.158 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS: 149.126.77.158.ip.incapdns.net
Software: / Craft CMS
Resource Hash: d3d2798658a02536e134797deb69974ad8fce1baecacc3d3d5ee7aea43f42705

Request headers

Accept: */*
Referer: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-iinfo: 10-44387292-44387335 PNNy RT(1666201294242 3400) q(0 0 0 -1) r(1 1) U5
date: Wed, 19 Oct 2022 17:41:37 GMT
content-encoding: gzip
x-cdn: Imperva
x-powered-by: Craft CMS
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

GET
H2 200 www.rallyhealth.com.json Show response
script.crazyegg.com/pages/data-scripts/0068/2727/sampling/ Frame D736 165 B
262 B 31ms
31ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0068/2727/sampling/www.rallyhealth.com.json?t=462833
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 457a05ac2d95a0b1116469ea3a3217b344db98b9475ffdf6f3930f39d884ae45

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 14852
ce-version: 11.4.26
content-length: 146
last-modified: Wed, 19 Oct 2022 13:34:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75cb4e3fb9ba91d7-FRA

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ Frame D736 19 B
461 B 276ms
16ms XHR
application/json 18.66.97.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-88.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 15:00:41 GMT
via: 1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 8649658
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: afbBsPK01aF0ulWbgdsj8Jg4016tHZBOPkQs9fMrB9W3D07aKzSx7A==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ Frame D736 19 B
461 B 71ms
21ms XHR
application/json 18.66.122.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 15:01:20 GMT
via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 8649619
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: qsfdFeGAPJ8wFpP-giOvTzl7Fts3-a5z_3M06j32FTLOopbadnu7aw==

GET
BLOB 200
OK d92f9a81-72e5-4725-ab0c-45219a3f3d86
https://www.rallyhealth.com/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.rallyhealth.com/d92f9a81-72e5-4725-ab0c-45219a3f3d86
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/demandbase
https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
https://segments.company-target.com/log?vendor=choca&user_id=AAFAgE7GoG4AACBeAR3MWw
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAFAgE7GoG4AACBeAR3MWw&verifyHash=7111d212e8237aaf9d0943f0b6baa3f170612acf

26 B
409 B

107ms
107ms

Image
image/gif

52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAFAgE7GoG4AACBeAR3MWw&verifyHash=7111d212e8237aaf9d0943f0b6baa3f170612acf
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: HTTP/1.1
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 17:41:38 GMT
Via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Content-Type: image/gif
Vary: Origin
Connection: keep-alive
trace-id: 7612abf35fc6dafd
X-Amz-Cf-Id: xxcNRdtj84bVwVgGRRe1YDVrGySeZKWeGx-g2BJlXcYCYgIjHr3OUQ==

Redirect headers

Date: Wed, 19 Oct 2022 17:41:38 GMT
Via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P3
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AAFAgE7GoG4AACBeAR3MWw&verifyHash=7111d212e8237aaf9d0943f0b6baa3f170612acf
Connection: keep-alive
trace-id: 4e6808d595983377
Content-Length: 0
X-Amz-Cf-Id: uPlxK0rh9j2_Wn1xBg6t3J9yvSS4q2fUpBYJuZ5OAAbMN6homuf8CQ==

GET
H2 451 464526.gif
id.rlcdn.com/ 0
98 B 94ms
59ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/464526.gif
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 19 Oct 2022 17:41:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 clock Show response
tracking.crazyegg.com/ Frame D736 26 B
133 B 215ms
108ms XHR
text/plain 54.76.252.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1666201298236
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/7d6ef81f9422694340d6007e6857f38a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.252.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-252-170.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: d2ae500c8ecda7b7cd79a3bacba7cee0a2c169c80cf2bc84005506a173ade92c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 19 Oct 2022 17:41:38 GMT
cache-control: no-store
server: awselb/2.0
content-length: 26
content-type: text/plain

GET
H/1.1 200
OK dest5.html Show response
unitedhealthgroup.demdex.net/ Frame 092F 7 KB
3 KB 946ms
207ms Document
text/html 34.248.152.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://unitedhealthgroup.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/512027f42d3c/5ef16568c699/launch-9e740193cc86.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.152.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-152-242.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rallyhealth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v044-07bc8010b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: QGZ6+/gXR7I=
content-encoding: gzip
date: Wed, 19 Oct 2022 17:41:39 GMT
last-modified: Mon, 17 Oct 2022 12:31:03 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y1A20gAAAJpnbgOJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=27914227566322846541209279120506921333
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1A20gAAAJpnbgOJ

42 B
942 B

890ms
890ms

Image
image/gif

54.171.150.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1A20gAAAJpnbgOJ

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

HTTP/1.1

Server

54.171.150.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-150-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-041e262a1.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: XXN8eO18TFw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1A20gAAAJpnbgOJ
Date: Wed, 19 Oct 2022 17:41:38 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s73201559982141
smetrics.optum.com/b/ss/uhgrallyhealthprod/1/JS-2.22.4-LCS4/ 43 B
373 B 1930ms
162ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.optum.com/b/ss/uhgrallyhealthprod/1/JS-2.22.4-LCS4/s73201559982141?AQB=1&ndh=1&pf=1&t=19%2F9%2F2022%2017%3A41%3A38%203%200&mid=29782500787301135432243292256933133980&aamlh=6&ce=UTF-8&pageName=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum&g=https%3A%2F%2Fwww.rallyhealth.com%2Fquit-for-life%3Futm_source%3DOptum&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=D%3DpageName&v25=D%3DpageName&c44=%3Futm_source%3DOptum&v44=%3Futm_source%3DOptum&v72=D%3Dmid&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=8E391C8B533058250A490D4D%40AdobeOrg&AQE=1

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 17:41:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 17:41:40 GMT
server: jag
etag: 3578140047658909696-4619888356603720294
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 18 Oct 2022 17:41:40 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 37ms
37ms Image
image/gif 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5X8NLTL&cv=87&v=3&t=t&pid=1994964917&rv=ah0&es=1&e=gtm.dom&eid=4&u=AAAAAAAQAAAAAAAAAAI&tc=334&tr=1ytl.1html.5html.5ytl&ti=1ytl.1html.1html.1ytl&z=0

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 17:41:38 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 389be251-f572-4bbc-966c-61dd457d2896
https://www.rallyhealth.com/ 260 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.rallyhealth.com/389be251-f572-4bbc-966c-61dd457d2896
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60d8508062baa7f4beda6ed4029f2e1ba9f881f93857c32e8ecb5b29f0bc82f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 260
Content-Type: text/javascript

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEIqCG-cUwIsXdCLGQzfXTWA&google_cver=1
dpm.demdex.net/ Frame 092F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Mjc5MTQyMjc1NjYzMjI4NDY1NDEyMDkyNzkxMjA1MDY5MjEzMzM=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=Mjc5MTQyMjc1NjYzMjI4NDY1NDEyMDkyNzkxMjA1MDY5MjEzMzM=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIqCG-cUwIsXdCLGQzfXTWA&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

681ms
662ms

Image
image/gif

54.171.150.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIqCG-cUwIsXdCLGQzfXTWA&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum

Protocol

HTTP/1.1

Server

54.171.150.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-150-101.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-007244ce9.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: GpwtK5roSSA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 19 Oct 2022 17:41:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIqCG-cUwIsXdCLGQzfXTWA&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 092F 70 B
265 B 129ms
40ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.rallyhealth.com&ttd_tpi=1
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://unitedhealthgroup.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 19 Oct 2022 17:41:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET image.sbix
global.ib-ibi.com/ Frame 092F 0
0

GET
H2 200 nr-1169.min.js Show response
js-agent.newrelic.com/ 27 KB
10 KB 65ms
15ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1169.min.js
Requested by: Host: www.rallyhealth.com
URL: https://www.rallyhealth.com/quit-for-life?utm_source=Optum
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Oct 2022 17:41:40 GMT
x-amz-request-id: 5MFJ35WJ508QFNAB
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 10276
x-amz-id-2: 6ppobov0vYnq2q4XHJ+pMEEu7v/nyfkwVycm/70NLWDqNmRiVtF1+FGnwmjqg96CDZmQrwYMLFY=
x-served-by: cache-hhn4037-HHN
last-modified: Wed, 20 May 2020 21:16:15 GMT
server: AmazonS3
x-timer: S1666201300.279644,VS0,VE0
etag: "7e312620a90879b595db1bff9c42ed57"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 117

GET
H/1.1 403
Forbidden 8f22def631
bam.nr-data.net/1/ 0
0 1104ms
499ms Script
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/8f22def631?a=278441150&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=6203&ck=1&ref=https://www.rallyhealth.com/quit-for-life&be=1115&fe=6131&dc=3744&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1666201294090,%22n%22:0,%22f%22:318,%22dn%22:318,%22dne%22:346,%22c%22:346,%22s%22:361,%22ce%22:380,%22rq%22:380,%22rp%22:1089,%22rpe%22:1105,%22dl%22:1092,%22di%22:3742,%22ds%22:3742,%22de%22:3745,%22dc%22:6131,%22l%22:6131,%22le%22:6131%7D,%22navigation%22:%7B%7D%7D&fp=1557&fcp=1791&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1169.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Wed, 19 Oct 2022 17:41:41 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 75cb4e539bf6f6bd-NRT
Content-Length: 2
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 24ms
24ms Image
image/gif 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5X8NLTL&cv=87&v=3&t=t&pid=1994964917&rv=ah0&es=1&e=gtm.load&eid=5&u=AAAAAAAQAAAAAAAAAAI&tc=334&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rallyhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Oct 2022 17:41:40 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=27914227566322846541209279120506921333

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rallyhealth.com/	1970-01-20 15:34:29	Name: visid_incap_661021 Value: e7DFGPEhRGmyrCOhumSntc42UGMAAAAAQUIPAAAAAADN/hVAYxaDPDnP0HSvPIcT
.rallyhealth.com/	1969-12-31 23:59:59	Name: incap_ses_408_661021 Value: A2xAE1nOkCXL6AEfNoKpBc42UGMAAAAA8TKhZopYj+ZNzeg2Xtn+Tw==
.rallyhealth.com/	1970-01-20 15:35:37	Name: amp_c00ff2 Value: qZs46zoqGampnSJlfZwVn-...1gfolc6q0.1gfolc6q4.1.1.2
.rallyhealth.com/	1970-01-20 16:26:01	Name: _ga Value: GA1.2.672477658.1666201296
.rallyhealth.com/	1970-01-20 06:51:27	Name: _gid Value: GA1.2.470330370.1666201296
.rallyhealth.com/	1970-01-20 08:59:37	Name: _fbp Value: fb.1.1666201295810.1042338615
.rallyhealth.com/	1970-01-20 06:50:01	Name: _gat Value: 1
.rallyhealth.com/	1970-01-20 06:50:01	Name: _gat_UA-37681395-2 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: UaaL5ehPhDA
.youtube.com/	1970-01-20 11:09:13	Name: VISITOR_INFO1_LIVE Value: Tk-YxAoEEno
.linkedin.com/	1970-01-20 07:33:13	Name: UserMatchHistory Value: AQJWTxwHWGVSJwAAAYPxVh04Mlj841YiocYOjX_iWbisJsAnobACuNqCBBxTcv_u-xvwvtMRUuSofg
.linkedin.com/	1970-01-20 07:33:13	Name: AnalyticsSyncHistory Value: AQJxJMs8G5LfQwAAAYPxVh04rnfWChHn0N2w9Fk83HoWZL9P86WJ2k2anwdgIGAhe0ZqE-9Dth5rstM3d6y1jw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:35:37	Name: bcookie Value: "v=2&5eeeafd2-9c94-4617-8933-de2036ca5ee0"
.linkedin.com/	1970-01-20 06:51:27	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2732:u=1:x=1:i=1666201296:t=1666287696:v=2:sig=AQH2Jbh0Mctnanmk1HtAuOiifRmgZFda"
.rallyhealth.com/	1969-12-31 23:59:59	Name: cebs Value: 1
www.rallyhealth.com/	1969-12-31 23:59:59	Name: CRAFT_CSRF_TOKEN Value: 0426cf8286fb74a954edd5bffe660ed6b1293442c14bf0b11fb2c1b6dbc453dca%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%2285GMKG06umFgf0FszVokdNfH7ZEmFp1YWxc5ZNEv%22%3B%7D
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:35:37	Name: bscookie Value: "v=1&20221019174137527540e4-fa57-492b-84dd-b109338d3277AQGPjT-4-7rB7vx0Ayhs4zC1UVveIvhu"
.linkedin.com/	1970-01-20 11:09:13	Name: li_gc Value: MTswOzE2NjYyMDEyOTc7MjswMjEBwWL6cgGEzZZLdIVNlZNuW5D3drCvgMPXk/6A6fKQJw==
.bidr.io/	1970-01-20 16:18:34	Name: bito Value: AAFAgE7GoG4AACBeAR3MWw
.bidr.io/	1970-01-20 16:18:34	Name: bitoIsSecure Value: ok
.demdex.net/	1970-01-20 11:09:13	Name: demdex Value: 27914227566322846541209279120506921333
.rallyhealth.com/	1969-12-31 23:59:59	Name: AMCVS_8E391C8B533058250A490D4D%40AdobeOrg Value: 1
.rallyhealth.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.company-target.com/	1970-01-20 16:26:01	Name: tuuid Value: d2371625-9b2a-4627-b07a-241b5c9de1a5
.company-target.com/	1970-01-20 16:26:01	Name: tuuid_lu Value: 1666201298
.rallyhealth.com/	1969-12-31 23:59:59	Name: cebsp Value: 1
.rallyhealth.com/	1970-01-20 15:35:37	Name: _ce.s Value: v~c36186e5e5d6561481d285b341487aecbd629a3c~vpv~0~v11.rlc~1666201298455
.everesttech.net/	1970-01-20 15:35:37	Name: everest_g_v2 Value: g_surferid~Y1A20gAAAJpnbgOJ
.doubleclick.net/	1970-01-20 16:11:37	Name: IDE Value: AHWqTUkuHOwzPVl93BMqiUgdCygbPsk2EN1Fm2Qj82yWsnSJ1PtU1Ni82hIVlURsApA
.dpm.demdex.net/	1970-01-20 11:09:13	Name: dpm Value: 27914227566322846541209279120506921333
.rallyhealth.com/	1970-01-20 16:26:01	Name: AMCV_8E391C8B533058250A490D4D%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19285%7CMCMID%7C29782500787301135432243292256933133980%7CMCAAMLH-1666806098%7C6%7CMCAAMB-1666806098%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1666208498s%7CNONE%7CMCSYNCSOP%7C411-19292%7CvVersion%7C5.3.0
.demdex.net/	1970-01-20 11:09:13	Name: dextp Value: 771-1-1666201299243\|903-1-1666201299343\|285689-1-1666201299444

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hello.myfonts.net/count/350914 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://hello.myfonts.net/count/350914 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://hello.myfonts.net/count/350914 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://id.rlcdn.com/464526.gif Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=27914227566322846541209279120506921333 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://bam.nr-data.net/1/8f22def631?a=278441150&sa=1&v=1169.7b094c0&t=Unnamed%20Transaction&rst=6203&ck=1&ref=https://www.rallyhealth.com/quit-for-life&be=1115&fe=6131&dc=3744&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1666201294090,%22n%22:0,%22f%22:318,%22dn%22:318,%22dne%22:346,%22c%22:346,%22s%22:361,%22ce%22:380,%22rq%22:380,%22rp%22:1089,%22rpe%22:1105,%22dl%22:1092,%22di%22:3742,%22ds%22:3742,%22de%22:3745,%22dc%22:6131,%22l%22:6131,%22le%22:6131%7D,%22navigation%22:%7B%7D%7D&fp=1557&fcp=1791&jsonp=NREUM.setToken Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.amplitude.com
api.tiles.mapbox.com
assets-tracking.crazyegg.com
assets.adobedtm.com
bam.nr-data.net
cdn.amplitude.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d362armbx6l2g0.cloudfront.net
dpm.demdex.net
global.ib-ibi.com
hello.myfonts.net
id.rlcdn.com
js-agent.newrelic.com
match.adsrvr.org
match.prod.bidr.io
npmcdn.com
pagestates-tracking.crazyegg.com
px.ads.linkedin.com
px4.ads.linkedin.com
rally-health-prod.imgix.net
rallyhealth.com
script.crazyegg.com
segments.company-target.com
smetrics.optum.com
snap.licdn.com
stats.g.doubleclick.net
tag.demandbase.com
tracking.crazyegg.com
unitedhealthgroup.demdex.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
www.rallyhealth.com
www.youtube.com
global.ib-ibi.com
108.138.17.87
13.107.43.14
13.36.218.177
149.126.77.158
151.101.130.137
162.247.241.14
18.66.122.45
18.66.138.182
18.66.97.88
192.230.66.158
216.58.212.162
2600:9000:225e:2a00:4:f286:6800:93a1
2606:4700:20::681a:acb
2606:4700::6811:f449
2606:4700::6813:9408
2620:1ec:21::14
2a00:1450:4001:80e::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c07::9d
2a02:26f0:3500:591::1e80
2a02:26f0:480:f::213:7edd
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::720
34.248.152.242
34.251.26.3
35.244.174.68
35.71.131.137
52.11.95.35
52.222.206.118
52.222.214.106
54.171.150.101
54.76.252.170
54.77.129.99
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
156544cd13b925123ef0a1b00a86d757161c0352c181070c26ffd2988316db74
1844f10c93b29aaa35de3dab61a922a6065eff572a7ad2f74cfde412a9f86662
1b59a7459389cabe43ac517167e75604bd9907d737c9164472fe7662a289d68e
1e9a45d0e1d5117dcf8afef7611e4b1bcce8601bf12b0f9323420c71233a06db
20ea1e508e535ef9c38fbd4a1ca9ee3b1a270f9f27e29a726784c4443f080e5a
2ded55d37943e4b26c210071772a79585b8a33f01283e40d7a8bbf4541d1cfac
33654d576736b5d8da1c4a7c0598a364f206aa0df34ba0efc59f42d0e2e6728c
3b756aba12395a564274520d1f411b0402a5f745ca1ba3cbe17f89075a227bcc
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3f0e15e16e7a347037e7f7665bc59e9a96a4ac6a18222f3ea570fa5d76ca8bff
457a05ac2d95a0b1116469ea3a3217b344db98b9475ffdf6f3930f39d884ae45
510d71bfae8484c59b9b3bd6064b3edd0348bb79b3b448bc1093bc7a73265b6a
5242902da084a84deef4f44a78fc11468c51ebfbd7d376faba35e499969575e3
565659f8795be22c3dd4245ed1f04b6091e068aadade84aeda1d2bf31d3b4e73
5adc121bddb887b4d757aa9aa59f31e4636557f9f9457129d0acc1382e27333c
60d8508062baa7f4beda6ed4029f2e1ba9f881f93857c32e8ecb5b29f0bc82f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9b85219c6e149ac77257bbabaa0be2d161f13a1cafb6c2a10073d8b864a187
6cb6b6e5a292040c2bb8074878e03d7e031da6253d5eec31edf1c100802b61db
7a03b37a0f12c558430891010aa7374c1fa21371c91c7eddbe327e600c3e597f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
82a3a1b3d297e97ecdeda5e8fa261da4ea9d64e08f9a645a472ec26b309d8a90
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8638de9b84a29135f93ddf68a554e5bc4f0306b74afdd505b43947251ec2fe7d
8ad9a44f2d2996ab6d06acdaf17b947b3a44693a7998cd773c57918d7d38636b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
93e8cd53ed78b8a27087304b6f33103ec3ce745003f62d9a2ad77cc40a1ace30
9675106ffe936d9a2b9d234fab0ad0a194332664c6328576dcac6f99a6f1ef87
98b379ff20a6b4b9084d4455e206aa66e5b522cb419efc36200ffc73b32abe81
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a4fa433b1862422fa3d7bb2ba6198421deb8f520b42a009982b625667a5cb200
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aedbc06281d03af66672f5aa01d8fc869f7b38eee043ad15492914ac3a09187f
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
af9aad30d77da4214abffaa264fd11a99fe5695acf4eb0709cf4c5d383e051db
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b896279fff3d8bb808e348cc28283721ec6e70165229623948c5239818b4bf4d
bb24ca0cbb54af3d9f26295634e9d00d7db9aaaf50d2b2ca4506b94bea4343df
bfc978d39c228b6e373412d2275ba1b1953989ca07b35e23ea1f3fb2eb767d81
c676ce3cda9b377716311a94a3d8c00c6024e9cfcd4884d34f55864c9ad9e07b
cddee6bb37cab7b576ddf080fd6ba00fa8420d0afc0531f413633175e9e5f9c8
d00f3e8ff8a8f9c103dad61c2fd4bb58143e1404aadfdf09e29b6db1a2de0a3f
d2ae500c8ecda7b7cd79a3bacba7cee0a2c169c80cf2bc84005506a173ade92c
d3d2798658a02536e134797deb69974ad8fce1baecacc3d3d5ee7aea43f42705
d46bc0e166e73b210cd81209b071585a95c2bb4e7a1da918c9c195deca34c5cc
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e24b2cc040bd00c415b990e9603679b7ce0ad4aa1e8f4fcfb708a15841ed817a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090
e98d5c943d6e8e8cf5aacb45eb401803e41608126e69badc40ee5e028943fd84
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1244de44d19da5e8166dbc266d98a21e2f480c5faa9e109c9d2bde3385fc164
fe1f651485263fd8479553b0c3bb23099f1696cbcfcec653bb29c542daf750e7
fe2e94d62eb9d7e50da60842392c0ce372372aec72abcaa970afecff76a0228d

www.rallyhealth.com Open in urlscan Pro 149.126.77.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

90 %HTTPS

42 %IPv6

29 Domains

38 Subdomains

32 IPs

6 Countries

2648 kBTransfer

10730 kBSize

34 Cookies

3 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rallyhealth.com Open in urlscan Pro
149.126.77.158 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

90 %
HTTPS

42 %
IPv6

29
Domains

38
Subdomains

32
IPs

6
Countries

2648 kB
Transfer

10730 kB
Size

34
Cookies

79 HTTP transactions
1 data transactions