connect.rethinkcare.com Open in urlscan Pro
2600:9000:21f3:ea00:10:1f89:a280:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ts.la/rethink
Effective URL:
https://connect.rethinkcare.com/sponsor/tesla
Submission: On February 24 via api (February 24th 2023, 2:16:48 am UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 20 HTTP transactions. The main IP is 2600:9000:21f3:ea00:10:1f89:a280:93a1, located in United States and belongs to AMAZON-02, US. The main domain is connect.rethinkcare.com. The Cisco Umbrella rank of the primary domain is 688846.
TLS certificate: Issued by Amazon on July 5th 2022. Valid for: a year.

This is the only time connect.rethinkcare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:b20... 2a02:26f0:b200:185::b37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a02:26f0:b20... 2a02:26f0:b200:1a9::b37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	2620:1ec:4e:1... 2620:1ec:4e:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2600:9000:21f... 2600:9000:21f3:ea00:10:1f89:a280:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
3	2600:9000:249... 2600:9000:2491:2a00:7:a4a5:2fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	52.88.224.136 52.88.224.136	16509 (AMAZON-02) (AMAZON-02)
20	7

1 2a02:26f0:b200:185::b37 (Amsterdam, Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

ts.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:b200:1a9::b37 (Amsterdam, Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

ts.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::45 (United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.rethinkbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.rethinkbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:21f3:ea00:10:1f89:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)

connect.rethinkcare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:cc (United States)

ASN13335 (CLOUDFLARENET, US)

acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:2a00:7:a4a5:2fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.whil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.88.224.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-224-136.us-west-2.compute.amazonaws.com

backend.whil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	whil.com media.whil.com — Cisco Umbrella Rank: 526586 backend.whil.com — Cisco Umbrella Rank: 516533	185 KB
5	rethinkcare.com connect.rethinkcare.com — Cisco Umbrella Rank: 688846	2 MB
4	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 747	131 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	116 KB
2	rethinkbenefits.com 2 redirects www.rethinkbenefits.com connect.rethinkbenefits.com	508 B
2	ts.la 2 redirects ts.la — Cisco Umbrella Rank: 810022	1 KB
1	acsbapp.com acsbapp.com — Cisco Umbrella Rank: 3132	168 KB
20	7

	Domain	Requested by
5	connect.rethinkcare.com	connect.rethinkcare.com
4	backend.whil.com	connect.rethinkcare.com
4	sessions.bugsnag.com	connect.rethinkcare.com
3	media.whil.com	connect.rethinkcare.com
2	www.googletagmanager.com	connect.rethinkcare.com www.googletagmanager.com
2	ts.la	2 redirects
1	acsbapp.com	connect.rethinkcare.com
1	connect.rethinkbenefits.com	1 redirects
1	www.rethinkbenefits.com	1 redirects
20	9

This site contains links to these domains. Also see Links.

Domain
whilconcepts.zendesk.com

Subject Issuer	Validity	Valid
*.prod.whil.blue Amazon	`2022-07-05` - `2023-08-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.acsbapp.com GTS CA 1P5	`2023-01-06` - `2023-04-06`	3 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://connect.rethinkcare.com/sponsor/tesla
Frame ID: 81FA117C253A1AC75A75986D67BBA441
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome

Page URL History Show full URLs

http://ts.la/rethink HTTP 301
https://ts.la/rethink HTTP 301
https://www.rethinkbenefits.com/landing/tesla HTTP 301
https://connect.rethinkbenefits.com/sponsor/tesla HTTP 302
https://connect.rethinkcare.com/sponsor/tesla Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

20
Requests

95 %
HTTPS

89 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

2333 kB
Transfer

6996 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://whilconcepts.zendesk.com/hc/en-us
Title: Need help? Contact support.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ts.la/rethink HTTP 301
https://ts.la/rethink HTTP 301
https://www.rethinkbenefits.com/landing/tesla HTTP 301
https://connect.rethinkbenefits.com/sponsor/tesla HTTP 302
https://connect.rethinkcare.com/sponsor/tesla Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tesla Show response
connect.rethinkcare.com/sponsor/
Redirect Chain

http://ts.la/rethink
https://ts.la/rethink
https://www.rethinkbenefits.com/landing/tesla
https://connect.rethinkbenefits.com/sponsor/tesla
https://connect.rethinkcare.com/sponsor/tesla

3 KB
3 KB

1700ms
1596ms

Document
text/html

2600:9000:21f3:ea00:10:1f89:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.rethinkcare.com/sponsor/tesla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:ea00:10:1f89:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

None /

Resource Hash

ac70ed22dc9c34ee15a876f108fd7fa9feb3077a638fa157a390048ca5dde220

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.googletagmanager.com https://www.google-analytics.com https://app.link https://.acsbapp.com https://acsbapp.com blob:; img-src 'self' data: .prod.whil.blue .whil.com .rethinkcare.com https://www.google-analytics.com https://.virginpulse.com https://.acsbapp.com https://acsbapp.com https://.rethinkfirst.com; media-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://filecloud.rethinkfirst.com; frame-ancestors 'self' https://.sabacloud.com https://.mygo1.com https://.go1.com https://.engine.scorm.com https://.learnamp.com; frame-src https://metrics.whil.com https://metrics.rethinkcare.com https://.acsbapp.com https://acsbapp.com https://.accessibe.com; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; font-src 'self' data: https://fonts.gstatic.com https://.acsbapp.com https://acsbapp.com; connect-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com; child-src 'self' blob:; object-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.prod.whil.blue *.whil.com *.rethinkcare.com https://*.bugsnag.com https://www.googletagmanager.com https://www.google-analytics.com https://app.link https://*.acsbapp.com https://acsbapp.com blob:; img-src 'self' data: *.prod.whil.blue *.whil.com *.rethinkcare.com https://www.google-analytics.com https://*.virginpulse.com https://*.acsbapp.com https://acsbapp.com https://*.rethinkfirst.com; media-src 'self' *.prod.whil.blue *.whil.com *.rethinkcare.com https://filecloud.rethinkfirst.com; frame-ancestors 'self' https://*.sabacloud.com https://*.mygo1.com https://*.go1.com https://*.engine.scorm.com https://*.learnamp.com; frame-src https://metrics.whil.com https://metrics.rethinkcare.com https://*.acsbapp.com https://acsbapp.com https://*.accessibe.com; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; font-src 'self' data: https://fonts.gstatic.com https://*.acsbapp.com https://acsbapp.com; connect-src 'self' *.prod.whil.blue *.whil.com *.rethinkcare.com https://*.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com; child-src 'self' blob:; object-src 'self'
content-type: text/html
date: Fri, 24 Feb 2023 02:16:43 GMT
etag: W/"0a7e30a912c67704a08b92dd7a9bf6fd"
last-modified: Wed, 01 Feb 2023 19:24:20 GMT
referrer-policy: same-origin
server: None
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-amz-cf-id: z0TBo9yx3l9ZqE78nAERCr6frqNGKL8TfNUM4P7N065dHM0fMT5oAA==
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: IPZAFq7SuREk2Gx6jWZau.F3VnuBx9n.
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

backend-pool: East
content-length: 0
date: Fri, 24 Feb 2023 02:16:40 GMT
location: https://connect.rethinkcare.com/sponsor/tesla
request-context: appId=cid-v1:ca603362-7f4c-4537-90ae-5ace5c42bf25
strict-transport-security: max-age=31536000; includeSubDomains
x-azure-ref: 0CB74YwAAAAAcnluF4tf+SY42A2YWHLX4RlJBMzFFREdFMDQyMAA3YzJhNWVhZS1lNDQyLTRiOWQtODM0Yi05NmEyOThlYTA2M2Y=
x-cache: CONFIG_NOCACHE

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 95 KB
38 KB 61ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: connect.rethinkcare.com
URL: https://connect.rethinkcare.com/sponsor/tesla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f700b36b9cf60a5edd7cd2beadf6dba2ebecb45a722fbc6bf992918bcc8eb927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:16:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38440
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 01:24:32 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Feb 2023 02:16:42 GMT

GET
H2 200 main.a037332b.css
connect.rethinkcare.com/static/css/ 62 KB
11 KB 41ms
40ms Stylesheet
text/css 2600:9000:21f3:ea00:10:1f89:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.rethinkcare.com/static/css/main.a037332b.css

Requested by

Host: connect.rethinkcare.com
URL: https://connect.rethinkcare.com/sponsor/tesla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:ea00:10:1f89:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

None /

Resource Hash

0c8875dc1de9fd55740a90352d60ddf1ab4ee3a9938bf034fc381aa01c49917b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.googletagmanager.com https://www.google-analytics.com https://app.link https://.acsbapp.com https://acsbapp.com blob:; img-src 'self' data: .prod.whil.blue .whil.com .rethinkcare.com https://www.google-analytics.com https://.virginpulse.com https://.acsbapp.com https://acsbapp.com https://.rethinkfirst.com; media-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://filecloud.rethinkfirst.com; frame-ancestors 'self' https://.sabacloud.com https://.mygo1.com https://.go1.com; frame-src https://metrics.whil.com https://metrics.rethinkcare.com https://.acsbapp.com https://acsbapp.com https://.accessibe.com; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; font-src 'self' data: https://fonts.gstatic.com https://.acsbapp.com https://acsbapp.com; connect-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com; child-src 'self' blob:; object-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.rethinkcare.com/sponsor/tesla
Origin: https://connect.rethinkcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 02:03:40 GMT
x-amz-version-id: SJwbyDRe1ktufcOhP8Tye3PX7Z98UF58
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.prod.whil.blue *.whil.com *.rethinkcare.com https://*.bugsnag.com https://www.googletagmanager.com https://www.google-analytics.com https://app.link https://*.acsbapp.com https://acsbapp.com blob:; img-src 'self' data: *.prod.whil.blue *.whil.com *.rethinkcare.com https://www.google-analytics.com https://*.virginpulse.com https://*.acsbapp.com https://acsbapp.com https://*.rethinkfirst.com; media-src 'self' *.prod.whil.blue *.whil.com *.rethinkcare.com https://filecloud.rethinkfirst.com; frame-ancestors 'self' https://*.sabacloud.com https://*.mygo1.com https://*.go1.com; frame-src https://metrics.whil.com https://metrics.rethinkcare.com https://*.acsbapp.com https://acsbapp.com https://*.accessibe.com; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; font-src 'self' data: https://fonts.gstatic.com https://*.acsbapp.com https://acsbapp.com; connect-src 'self' *.prod.whil.blue *.whil.com *.rethinkcare.com https://*.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com; child-src 'self' blob:; object-src 'self'
x-amz-cf-pop: FRA2-C2
age: 2679183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 23 Jan 2023 21:32:51 GMT
server: None
etag: W/"b198c27faa1cb8c35f48a22e3e281aae"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000,public
x-amz-cf-id: UGjjC_El6GugEhirByfSySvdZmx_AJVFZb1np2qI7G-VPf-xac8hDQ==

GET
H2 200 main.8560550e.js Show response
connect.rethinkcare.com/static/js/ 6 MB
2 MB 16ms
15ms Script
application/javascript 2600:9000:21f3:ea00:10:1f89:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.rethinkcare.com/static/js/main.8560550e.js

Requested by

Host: connect.rethinkcare.com
URL: https://connect.rethinkcare.com/sponsor/tesla

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:ea00:10:1f89:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

None /

Resource Hash

e9ba6943ef123d1cc24ef32793d5e570b7ba504cddc87c286662f02d88424ea5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.googletagmanager.com https://www.google-analytics.com https://app.link https://.acsbapp.com https://acsbapp.com blob:; img-src 'self' data: .prod.whil.blue .whil.com .rethinkcare.com https://www.google-analytics.com https://.virginpulse.com https://.acsbapp.com https://acsbapp.com https://.rethinkfirst.com; media-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://filecloud.rethinkfirst.com; frame-ancestors 'self' https://.sabacloud.com https://.mygo1.com https://.go1.com; frame-src https://metrics.whil.com https://metrics.rethinkcare.com https://.acsbapp.com https://acsbapp.com https://.accessibe.com; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; font-src 'self' data: https://fonts.gstatic.com https://.acsbapp.com https://acsbapp.com; connect-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com; child-src 'self' blob:; object-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.rethinkcare.com/sponsor/tesla
Origin: https://connect.rethinkcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 19:40:51 GMT
x-amz-version-id: RHeDiMRTXqsliKc7p0ODWoi8W0twMvLO
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.prod.whil.blue *.whil.com *.rethinkcare.com https://*.bugsnag.com https://www.googletagmanager.com https://www.google-analytics.com https://app.link https://*.acsbapp.com https://acsbapp.com blob:; img-src 'self' data: *.prod.whil.blue *.whil.com *.rethinkcare.com https://www.google-analytics.com https://*.virginpulse.com https://*.acsbapp.com https://acsbapp.com https://*.rethinkfirst.com; media-src 'self' *.prod.whil.blue *.whil.com *.rethinkcare.com https://filecloud.rethinkfirst.com; frame-ancestors 'self' https://*.sabacloud.com https://*.mygo1.com https://*.go1.com; frame-src https://metrics.whil.com https://metrics.rethinkcare.com https://*.acsbapp.com https://acsbapp.com https://*.accessibe.com; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; font-src 'self' data: https://fonts.gstatic.com https://*.acsbapp.com https://acsbapp.com; connect-src 'self' *.prod.whil.blue *.whil.com *.rethinkcare.com https://*.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com; child-src 'self' blob:; object-src 'self'
x-amz-cf-pop: FRA2-C2
age: 1924551
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 01 Feb 2023 19:24:17 GMT
server: None
etag: W/"4847eec64c050ef19be05ed8e25a6e8a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: dblP9eVL_QMgEyhLoXBlxn5760PL16VCczGDO_7uRmd99E1EyNanEQ==

GET
H2 200 app.js Show response
acsbapp.com/apps/app/dist/js/ 471 KB
168 KB 199ms
172ms Script
text/javascript 2606:4700:10::6816:cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Requested by: Host: connect.rethinkcare.com
URL: https://connect.rethinkcare.com/sponsor/tesla
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3b21e77de6f67b4a530f42d9aa7c0bb9afea74c2372c22f58a8dfa5f5a05bae

Request headers

Referer
Origin: https://connect.rethinkcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:16:42 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-goog-meta-goog-reserved-file-mtime: 1677170021
x-guploader-uploadid: ADPycdssvsCQNDH4FKojczxQ3N9VlgHBipgrZzC_RG_S8xcakQPnpYiakT5XUfLWCu4vfzHOLXaapg9K5Yup4exwGkPNH555nfbQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Thu, 23 Feb 2023 16:34:22 GMT
server: cloudflare
etag: W/"25350aff689524382c7d906f925cb1dc"
vary: Accept-Encoding
x-goog-generation: 1677170062636675
content-type: text/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=Tb1mkg==, md5=JTUK/2iVJDgsfZBvklyx3A==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: no-cache
x-goog-stored-content-length: 481913
cf-ray: 79e4b3634a723602-FRA
expires: Sat, 24 Feb 2024 02:16:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
79 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XY0S082VM5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b182cef56598108ee60b567359c1a124cad713f1a9138a80541ee66baaa54db5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:16:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80294
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 Feb 2023 02:16:42 GMT

OPTIONS
H2 200 /
sessions.bugsnag.com/ 0
0 197ms
149ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://connect.rethinkcare.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 24 Feb 2023 02:16:43 GMT
via: 1.1 google

OPTIONS
H2 200 /
sessions.bugsnag.com/ 0
0 146ms
146ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://connect.rethinkcare.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 24 Feb 2023 02:16:43 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
97 B 151ms
150ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: connect.rethinkcare.com
URL: https://connect.rethinkcare.com/static/js/main.8560550e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer
Bugsnag-Sent-At: 2023-02-24T02:16:42.905Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ad32f8961c2cb2d30657b5ecc8bafb82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 24 Feb 2023 02:16:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

POST
H3 202 / Show response
sessions.bugsnag.com/ 21 B
34 B 145ms
145ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: connect.rethinkcare.com
URL: https://connect.rethinkcare.com/static/js/main.8560550e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1.0
Referer
Bugsnag-Sent-At: 2023-02-24T02:16:43.007Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: ad32f8961c2cb2d30657b5ecc8bafb82
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 24 Feb 2023 02:16:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 maintenance.prod.json Show response
media.whil.com/general/frontend/ 40 B
823 B 260ms
21ms Fetch
application/json 2600:9000:2491:2a00:7:a4a5:2fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://media.whil.com/general/frontend/maintenance.prod.json

Requested by

Host: connect.rethinkcare.com
URL: https://connect.rethinkcare.com/static/js/main.8560550e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:2a00:7:a4a5:2fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

None /

Resource Hash

6affdfadf3d5586065ab47969e3cf589e16c8cfe172eaa5b8979a63900f8c912

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: RyJLTtTrIDwDYbCluYgDkX6AyJW9kCL1
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
date: Fri, 24 Feb 2023 02:16:43 GMT
x-amz-cf-pop: FRA56-P7
age: 997
x-cache: Hit from cloudfront
content-length: 40
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 24 May 2021 03:40:54 GMT
server: None
etag: "81577ecd6ec4bd91f9114cc041c9d493"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://connect.rethinkcare.com
access-control-expose-headers: ETag
x-frame-options: DENY
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: mdTFSyUo51tQjGilZGhDV5zJydCknI02ZA2dCNazdq3ZdlVFTD9yLw==

GET
H/1.1 200
OK joininfo Show response
backend.whil.com/v1/teams/tesla/ 2 KB
1 KB 217ms
217ms Fetch
application/json 52.88.224.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.whil.com/v1/teams/tesla/joininfo

Requested by

Host: connect.rethinkcare.com
URL: https://connect.rethinkcare.com/static/js/main.8560550e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.224.136 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-224-136.us-west-2.compute.amazonaws.com

Software

Resource Hash

815d360cf6a660a8b871625babd7da41592f6570f77c24827df2d7c527061133

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Call-Context: 1100:WEB:82cc6a9b-9fb3-4892-824c-b12280f7032c
Content-Type: application/json

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'none'
Content-Encoding: gzip
Date: Fri, 24 Feb 2023 02:16:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Accept-Encoding, Origin
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://connect.rethinkcare.com
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 830
X-XSS-Protection: 1; mode=block
Expires: 0

OPTIONS
H/1.1 200
OK joininfo
backend.whil.com/v1/teams/tesla/ 0
0 816ms
187ms Preflight 52.88.224.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.whil.com/v1/teams/tesla/joininfo

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.224.136 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-224-136.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: call-context,content-type
Access-Control-Request-Method: GET
Origin: https://connect.rethinkcare.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept, Cache-Control, Content-Type, DNT, Authorization, User-Agent, X-Requested-With, Call-Context, Keep-Alive, Origin, If-Modified-Since
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: https://connect.rethinkcare.com
Access-Control-Max-Age: 604800
Connection: keep-alive
Content-Length: 0
Date: Fri, 24 Feb 2023 02:16:43 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Headers

GET
H2 200 OpenSans-Regular.woff
connect.rethinkcare.com/assets/fonts/ 66 KB
67 KB 19ms
19ms Font
binary/octet-stream 2600:9000:21f3:ea00:10:1f89:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.rethinkcare.com/assets/fonts/OpenSans-Regular.woff

Requested by

Host: connect.rethinkcare.com
URL: https://connect.rethinkcare.com/static/css/main.a037332b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:ea00:10:1f89:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

None /

Resource Hash

332560dce3f998bbf338796f38bf560b5d3c71f5052f284c5293f59574d03e8f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.googletagmanager.com https://www.google-analytics.com https://app.link https://.acsbapp.com https://acsbapp.com blob:; img-src 'self' data: .prod.whil.blue .whil.com .rethinkcare.com https://www.google-analytics.com https://.virginpulse.com https://.acsbapp.com https://acsbapp.com https://.rethinkfirst.com; media-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://filecloud.rethinkfirst.com; frame-ancestors 'self' https://.sabacloud.com https://.mygo1.com https://.go1.com; frame-src https://metrics.whil.com https://metrics.rethinkcare.com https://.acsbapp.com https://acsbapp.com https://.accessibe.com; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; font-src 'self' data: https://fonts.gstatic.com https://.acsbapp.com https://acsbapp.com; connect-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com; child-src 'self' blob:; object-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.rethinkcare.com/static/css/main.a037332b.css
Origin: https://connect.rethinkcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 01:00:27 GMT
x-amz-version-id: 4TGmlbzG0lRT3dxgN7wzkbvOGw3DmPWa
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.prod.whil.blue *.whil.com *.rethinkcare.com https://*.bugsnag.com https://www.googletagmanager.com https://www.google-analytics.com https://app.link https://*.acsbapp.com https://acsbapp.com blob:; img-src 'self' data: *.prod.whil.blue *.whil.com *.rethinkcare.com https://www.google-analytics.com https://*.virginpulse.com https://*.acsbapp.com https://acsbapp.com https://*.rethinkfirst.com; media-src 'self' *.prod.whil.blue *.whil.com *.rethinkcare.com https://filecloud.rethinkfirst.com; frame-ancestors 'self' https://*.sabacloud.com https://*.mygo1.com https://*.go1.com; frame-src https://metrics.whil.com https://metrics.rethinkcare.com https://*.acsbapp.com https://acsbapp.com https://*.accessibe.com; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; font-src 'self' data: https://fonts.gstatic.com https://*.acsbapp.com https://acsbapp.com; connect-src 'self' *.prod.whil.blue *.whil.com *.rethinkcare.com https://*.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com; child-src 'self' blob:; object-src 'self'
x-amz-cf-pop: FRA2-C2
age: 3806177
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 67524
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 28 Dec 2022 22:05:22 GMT
server: None
etag: "d8879b4de397c4c91811c2c323ea8114"
x-frame-options: DENY
content-type: binary/octet-stream
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: mwJTO6WykNmnvDZOyHqATqYZLlx4PlQgqYe1C9zzf5Mfsoq3Yy60_Q==

GET
BLOB 200
OK 1ed130c5-6487-451b-b095-8048f000c8e4
https://connect.rethinkcare.com/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://connect.rethinkcare.com/1ed130c5-6487-451b-b095-8048f000c8e4
Requested by: Host: connect.rethinkcare.com
URL: https://connect.rethinkcare.com/sponsor/tesla
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://connect.rethinkcare.com/sponsor/tesla
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK tesla Show response
backend.whil.com/v1/sponsors/ 166 B
614 B 197ms
196ms Fetch
application/json 52.88.224.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.whil.com/v1/sponsors/tesla

Requested by

Host: connect.rethinkcare.com
URL: https://connect.rethinkcare.com/static/js/main.8560550e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.224.136 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-224-136.us-west-2.compute.amazonaws.com

Software

Resource Hash

606ca4d82028ca036b380c30b256f1dbc8d34ed050e0fdf9effa5dfa42cf9784

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Call-Context: 1100:WEB:82cc6a9b-9fb3-4892-824c-b12280f7032c
Content-Type: application/json

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'none'
Date: Fri, 24 Feb 2023 02:16:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://connect.rethinkcare.com
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Length: 166
X-XSS-Protection: 1; mode=block
Expires: 0

OPTIONS
H/1.1 200
OK tesla
backend.whil.com/v1/sponsors/ 0
0 187ms
187ms Preflight 52.88.224.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backend.whil.com/v1/sponsors/tesla

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.224.136 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-224-136.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: call-context,content-type
Access-Control-Request-Method: GET
Origin: https://connect.rethinkcare.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers: Accept, Cache-Control, Content-Type, DNT, Authorization, User-Agent, X-Requested-With, Call-Context, Keep-Alive, Origin, If-Modified-Since
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: https://connect.rethinkcare.com
Access-Control-Max-Age: 604800
Connection: keep-alive
Content-Length: 0
Date: Fri, 24 Feb 2023 02:16:44 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Headers

GET
H2 200 tesla_220x37_99491f81-4dae-4892-889a-93514d544b70.png
media.whil.com/general/sponsors/ 3 KB
3 KB 947ms
927ms Image
image/png 2600:9000:2491:2a00:7:a4a5:2fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.whil.com/general/sponsors/tesla_220x37_99491f81-4dae-4892-889a-93514d544b70.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:2a00:7:a4a5:2fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

None /

Resource Hash

953ff3b6f73955aa75e1be1a0415b34c6629dcabe42f06a88553179406b257be

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 02:16:46 GMT
x-amz-version-id: 9J2DGjvNu3.Upy.BzXQZ6fn1LG10qu9a
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-amz-cf-pop: FRA56-P7
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 2656
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Feb 2022 21:02:35 GMT
server: None
etag: "028e74ba755b827a7307314c04a11a3b"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: wwjEKDpp_6inCS1jJw-ooHIvedvgQNoJPXsbUOAPM947asrvNjhqlQ==

GET
H2 200 meeting_1513808362190.jpg
media.whil.com/general/sponsors/ 178 KB
179 KB 903ms
885ms Image
image/jpeg 2600:9000:2491:2a00:7:a4a5:2fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.whil.com/general/sponsors/meeting_1513808362190.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:2a00:7:a4a5:2fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

None /

Resource Hash

52f86f6865d91b7dadc688540f5962b429199daba56828c94d1635a61a7c67dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
date: Fri, 24 Feb 2023 02:16:46 GMT
x-amz-cf-pop: FRA56-P7
x-cache: RefreshHit from cloudfront
content-length: 182656
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 30 Dec 2020 14:40:34 GMT
server: None
etag: "6ba74dedc23bd78e09ae0c07a3d838ed"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: gRNRQbTxF-KXRCkEI29rBOxn77vMDsZpB2olxUJsOovLaTWBqyGJSw==

GET
DATA 200
OK truncated
/ 370 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f681df20bf320d64df75d1c59af33393bfb9c4770ee083dc8fce10ea1e90ada

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 OpenSans-Semibold.woff
connect.rethinkcare.com/assets/fonts/ 68 KB
70 KB 19ms
19ms Font
binary/octet-stream 2600:9000:21f3:ea00:10:1f89:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.rethinkcare.com/assets/fonts/OpenSans-Semibold.woff

Requested by

Host: connect.rethinkcare.com
URL: https://connect.rethinkcare.com/static/css/main.a037332b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:ea00:10:1f89:a280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

None /

Resource Hash

39fbdcc073b336595ad588fa05b91aa7faf21493c900067cb170ffa78274c9c2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.googletagmanager.com https://www.google-analytics.com https://app.link https://.acsbapp.com https://acsbapp.com blob:; img-src 'self' data: .prod.whil.blue .whil.com .rethinkcare.com https://www.google-analytics.com https://.virginpulse.com https://.acsbapp.com https://acsbapp.com https://.rethinkfirst.com; media-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://filecloud.rethinkfirst.com; frame-ancestors 'self' https://.sabacloud.com https://.mygo1.com https://.go1.com; frame-src https://metrics.whil.com https://metrics.rethinkcare.com https://.acsbapp.com https://acsbapp.com https://.accessibe.com; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; font-src 'self' data: https://fonts.gstatic.com https://.acsbapp.com https://acsbapp.com; connect-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com; child-src 'self' blob:; object-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://connect.rethinkcare.com/static/css/main.a037332b.css
Origin: https://connect.rethinkcare.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 03:56:02 GMT
x-amz-version-id: fBxswFwLnz38uulGhsBrIuClZUftFqox
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' *.prod.whil.blue *.whil.com *.rethinkcare.com https://*.bugsnag.com https://www.googletagmanager.com https://www.google-analytics.com https://app.link https://*.acsbapp.com https://acsbapp.com blob:; img-src 'self' data: *.prod.whil.blue *.whil.com *.rethinkcare.com https://www.google-analytics.com https://*.virginpulse.com https://*.acsbapp.com https://acsbapp.com https://*.rethinkfirst.com; media-src 'self' *.prod.whil.blue *.whil.com *.rethinkcare.com https://filecloud.rethinkfirst.com; frame-ancestors 'self' https://*.sabacloud.com https://*.mygo1.com https://*.go1.com; frame-src https://metrics.whil.com https://metrics.rethinkcare.com https://*.acsbapp.com https://acsbapp.com https://*.accessibe.com; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; font-src 'self' data: https://fonts.gstatic.com https://*.acsbapp.com https://acsbapp.com; connect-src 'self' *.prod.whil.blue *.whil.com *.rethinkcare.com https://*.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com; child-src 'self' blob:; object-src 'self'
x-amz-cf-pop: FRA2-C2
age: 3450043
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 69884
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 28 Dec 2022 22:05:22 GMT
server: None
etag: "eb75936ba8af1046045e25f9c53926c4"
x-frame-options: DENY
content-type: binary/octet-stream
cache-control: max-age=31536000,public
accept-ranges: bytes
x-amz-cf-id: f9zpHA2DVUCuvF7MnSeg8hAo9HBWzuFnL1QKkgT345FfnpFgemjjTw==

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ts.la/	1970-01-20 09:53:32	Name: ak_bmsc Value: 8389132C1CDD99D435FC40A6DE7E8AB7~000000000000000000000000000000~YAAQVRjdWIVxu3+GAQAAXk01gRIEo0rqAmmKVvA+y7IbXbZytAzNSe3Fy/ZS7IvkBhHyLZx+LXPL4FvyRHQJCKMvuW6BbnIaMS/qJ621UYYrBWeaadks8lOxXDxVbitDUBQGmhdAMC4/cjXwWstZb9Vadfz23/oxHk2wl7qRoIhDA6uWv16be7p9ofayMOXrZXRxaEOl5re0yJnD3EHdpk8faCya/ABTfTqoKjY0QR1lFcJU9stYHx9SJfQSHHzA0W35xkMzXMye/LMnSmjb1FrgNSOjWhW8G4eep8CwEZ7z6rkQnLlqJGXBSR3AicfY9y/l0h07IdqJHNcDQ3eOVL+6Q9798cpNL3CDdHqONzvFNvgYNy7uZtCoRl33phNJ+J6cFFL6ozb67BBLZ5o=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-XY0S082VM5&l=dataLayer&cx=c(Line 50) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-XY0S082VM5&gtm=45je32m0&_p=871945076&gcs=G100&cid=1479302125.1677205003&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677205003&sct=1&seg=0&dl=https%3A%2F%2Fconnect.rethinkcare.com%2Fsponsor%2Ftesla&dt=Registration&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1' because it violates the following Content Security Policy directive: "connect-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com".
security	error	URL: https://connect.rethinkcare.com/sponsor/tesla Message: Failed to find a valid digest in the 'integrity' attribute for resource 'https://acsbapp.com/apps/app/dist/js/app.js' with computed SHA-384 integrity 'V1+UX7SZzhbA9IkXzbUeYAJufb2gGW/GgJbJA8PA0ryZgHmYx30mP4dD4r6wqENx'. The resource has been blocked.
security	error	URL: https://www.googletagmanager.com/gtag/js?id=G-XY0S082VM5&l=dataLayer&cx=c(Line 50) Message: Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-XY0S082VM5&gtm=45je32m0&_p=871945076&gcs=G100&cid=1479302125.1677205003&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1677205003&sct=1&seg=0&dl=https%3A%2F%2Fconnect.rethinkcare.com%2Fsponsor%2Ftesla&dt=Registration&en=scroll&epn.percent_scrolled=90&_et=6' because it violates the following Content Security Policy directive: "connect-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.googletagmanager.com https://www.google-analytics.com https://app.link https://.acsbapp.com https://acsbapp.com blob:; img-src 'self' data: .prod.whil.blue .whil.com .rethinkcare.com https://www.google-analytics.com https://.virginpulse.com https://.acsbapp.com https://acsbapp.com https://.rethinkfirst.com; media-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://filecloud.rethinkfirst.com; frame-ancestors 'self' https://.sabacloud.com https://.mygo1.com https://.go1.com https://.engine.scorm.com https://.learnamp.com; frame-src https://metrics.whil.com https://metrics.rethinkcare.com https://.acsbapp.com https://acsbapp.com https://.accessibe.com; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; font-src 'self' data: https://fonts.gstatic.com https://.acsbapp.com https://acsbapp.com; connect-src 'self' .prod.whil.blue .whil.com .rethinkcare.com https://.bugsnag.com https://www.google-analytics.com https://api2.branch.io https://*.acsbapp.com https://acsbapp.com; child-src 'self' blob:; object-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbapp.com
backend.whil.com
connect.rethinkbenefits.com
connect.rethinkcare.com
media.whil.com
sessions.bugsnag.com
ts.la
www.googletagmanager.com
www.rethinkbenefits.com
2600:1901:0:7a0b::
2600:9000:21f3:ea00:10:1f89:a280:93a1
2600:9000:2491:2a00:7:a4a5:2fc0:93a1
2606:4700:10::6816:cc
2620:1ec:4e:1::45
2a00:1450:4001:82a::2008
2a02:26f0:b200:185::b37
2a02:26f0:b200:1a9::b37
52.88.224.136
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c8875dc1de9fd55740a90352d60ddf1ab4ee3a9938bf034fc381aa01c49917b
332560dce3f998bbf338796f38bf560b5d3c71f5052f284c5293f59574d03e8f
39fbdcc073b336595ad588fa05b91aa7faf21493c900067cb170ffa78274c9c2
52f86f6865d91b7dadc688540f5962b429199daba56828c94d1635a61a7c67dc
606ca4d82028ca036b380c30b256f1dbc8d34ed050e0fdf9effa5dfa42cf9784
6affdfadf3d5586065ab47969e3cf589e16c8cfe172eaa5b8979a63900f8c912
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
815d360cf6a660a8b871625babd7da41592f6570f77c24827df2d7c527061133
8f681df20bf320d64df75d1c59af33393bfb9c4770ee083dc8fce10ea1e90ada
953ff3b6f73955aa75e1be1a0415b34c6629dcabe42f06a88553179406b257be
ac70ed22dc9c34ee15a876f108fd7fa9feb3077a638fa157a390048ca5dde220
b182cef56598108ee60b567359c1a124cad713f1a9138a80541ee66baaa54db5
d3b21e77de6f67b4a530f42d9aa7c0bb9afea74c2372c22f58a8dfa5f5a05bae
e9ba6943ef123d1cc24ef32793d5e570b7ba504cddc87c286662f02d88424ea5
f700b36b9cf60a5edd7cd2beadf6dba2ebecb45a722fbc6bf992918bcc8eb927

connect.rethinkcare.com Open in urlscan Pro 2600:9000:21f3:ea00:10:1f89:a280:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

95 %HTTPS

89 %IPv6

7 Domains

9 Subdomains

7 IPs

3 Countries

2333 kBTransfer

6996 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

1 Cookies

3 Console Messages

Security Headers

Indicators

connect.rethinkcare.com Open in urlscan Pro
2600:9000:21f3:ea00:10:1f89:a280:93a1 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

95 %
HTTPS

89 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

2333 kB
Transfer

6996 kB
Size

1
Cookies

20 HTTP transactions
1 data transactions