get.rethinkfirst.com Open in urlscan Pro
2606:2c40::c73c:671f Public Scan

Go To Rescan
Add Verdict Report

URL:
http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Submission: On January 31 via api (January 31st 2022, 8:55:40 pm UTC) from US — Scanned from DE

Summary HTTP 32 Redirects Links 41 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 32 HTTP transactions. The main IP is 2606:2c40::c73c:671f, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is get.rethinkfirst.com.

This is the only time get.rethinkfirst.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:2c40::c7... 2606:2c40::c73c:671f	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:46b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
5	143.204.214.192 143.204.214.192	16509 (AMAZON-02) (AMAZON-02)
1	172.67.75.100 172.67.75.100	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	11

13 2606:2c40::c73c:671f (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

get.rethinkfirst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.214.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-192.fra53.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.100 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	rethinkfirst.com get.rethinkfirst.com	84 KB
5	cloudfront.net d10lpsik1i8c69.cloudfront.net	98 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 7153 track.hubspot.com — Cisco Umbrella Rank: 2675	1 KB
2	gstatic.com fonts.gstatic.com	67 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 7611	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	39 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2564	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2549	20 KB
32	10

	Domain	Requested by
13	get.rethinkfirst.com	get.rethinkfirst.com
5	d10lpsik1i8c69.cloudfront.net	get.rethinkfirst.com d10lpsik1i8c69.cloudfront.net
2	www.google-analytics.com	www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	get.rethinkfirst.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	www.googletagmanager.com	get.rethinkfirst.com
1	track.hubspot.com
1	js.hs-banner.com	get.rethinkfirst.com
1	js.hs-analytics.net	get.rethinkfirst.com
1	app.hubspot.com	get.rethinkfirst.com
32	11

This site contains links to these domains. Also see Links.

Domain
www.whil.com
connect.whil.com
www.rethinkfirst.com
whilconcepts.zendesk.com
www.rethinkbenefits.com
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
get.rethinkfirst.com Cloudflare Inc ECC CA-3	`2021-09-02` - `2022-09-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-14` - `2022-07-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Frame ID: 23096561DB07B36FC7F88F50A385CA36
Requests: 29 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=6ea758b
Frame ID: D09158157C7EAB8E0652BEF93FCBFD5F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Follow us on FacebookFollow us on LinkedInFollow us on TwitterFollow us on Instagram

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

72 %
HTTPS

80 %
IPv6

10
Domains

11
Subdomains

11
IPs

2
Countries

348 kB
Transfer

892 kB
Size

13
Cookies

41 Outgoing links

These are links going to different origins than the main page.

URL: https://www.whil.com/why-whil?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Why Whil

Search URL Search Domain Scan URL

URL: https://www.whil.com/solutions?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Our Solutions

Search URL Search Domain Scan URL

URL: https://www.whil.com/solutions/personal?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Personal Wellbeing

Search URL Search Domain Scan URL

URL: https://www.whil.com/solutions/professional?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Professional Resilience

Search URL Search Domain Scan URL

URL: https://www.whil.com/solutions/parenting?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Parenting & Caregiving

Search URL Search Domain Scan URL

URL: https://www.whil.com/platform/science-based-courses?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Science-Based Mini Courses

Search URL Search Domain Scan URL

URL: https://www.whil.com/platform/streamlined-setup?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Streamlined Setup

Search URL Search Domain Scan URL

URL: https://www.whil.com/platform/automated-wellbeing-campaigns?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Automated Wellbeing Campaigns

Search URL Search Domain Scan URL

URL: https://www.whil.com/platform/robust-analytics-and-reporting?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Robust Analytics

Search URL Search Domain Scan URL

URL: https://www.whil.com/platform/enterprise-ready?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Built for the Enterprise

Search URL Search Domain Scan URL

URL: https://www.whil.com/industries/customer-service?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Customer Service

Search URL Search Domain Scan URL

URL: https://www.whil.com/industries/education?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Education

Search URL Search Domain Scan URL

URL: https://www.whil.com/industries/financial-services?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Financial Services

Search URL Search Domain Scan URL

URL: https://www.whil.com/industries/food-beverage?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Food & Beverage

Search URL Search Domain Scan URL

URL: https://www.whil.com/industries/government?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Government

Search URL Search Domain Scan URL

URL: https://www.whil.com/industries/healthcare?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Healthcare

Search URL Search Domain Scan URL

URL: https://www.whil.com/industries/legal-services?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Legal Services

Search URL Search Domain Scan URL

URL: https://www.whil.com/industries/sales-success?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Sales & Success

Search URL Search Domain Scan URL

URL: https://www.whil.com/insights?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Resources

Search URL Search Domain Scan URL

URL: https://www.whil.com/insights/topic/article?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.whil.com/insights/topic/podcast?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://www.whil.com/resources/webinars?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Webinars

Search URL Search Domain Scan URL

URL: https://www.whil.com/resources/events?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Events

Search URL Search Domain Scan URL

URL: https://www.whil.com/insights/topic/news?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: News

Search URL Search Domain Scan URL

URL: https://www.whil.com/about/about-us?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.whil.com/about/testimonials?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Testimonials

Search URL Search Domain Scan URL

URL: https://www.whil.com/about/good-whil?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Good Whil

Search URL Search Domain Scan URL

URL: https://www.whil.com/about/contact-us?hsLang=en&__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://connect.whil.com/login?__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Login

Search URL Search Domain Scan URL

URL: https://www.whil.com/about/our-team?__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: About Whil

Search URL Search Domain Scan URL

URL: https://www.rethinkfirst.com/
Title: About Rethink

Search URL Search Domain Scan URL

URL: https://www.whil.com/careers?__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.whil.com/request-a-demo?__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Request a Demo

Search URL Search Domain Scan URL

URL: https://whilconcepts.zendesk.com/hc/en-us
Title: Support

Search URL Search Domain Scan URL

URL: https://www.whil.com/about/contact-us?__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.rethinkbenefits.com/eb/privacy-notice/?__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://www.rethinkbenefits.com/eb/terms-of-use/?__hstc=43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1&__hssc=43009466.1.1643662536406&__hsfp=1792297217
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WeAreWhil/
Title: Follow us on Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/whil-concepts-inc-/
Title: Follow us on LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/WeAreWhil
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wearewhil/
Title: Follow us on Instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request -temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234 Show response
get.rethinkfirst.com/ 29 KB
8 KB 1663ms
1559ms Document
text/html 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Protocol: HTTP/1.1
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3c931ef92d063a2bff3c66470ed51335bd994d03cd804cfb22f1b0efbb50113

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 31 Jan 2022 20:55:34 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 6d65d76fcf160f86-MXP
Cache-Control: s-maxage=5,max-age=5
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: MISS
Access-Control-Allow-Credentials: false
X-HS-Reason: Email 63624724552 does not have web version enabled
X-HubSpot-Correlation-Id: adec83cd-8d48-4baa-8642-bbdbaf0116c6
X-HubSpot-NotFound: true
X-Trace: 2BC0F634C25C9CA05CDED78B4C7B98C0945DA44549000000000000000000
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkySRezLDL340rZUUKL5OsSjN63hTLt48xDT2wx5luj%2FN55Ihdbjiffk17uwZdwyOum6tZcujK0dVX2ClM2xmvXkKauiuICU1thv2ftf1wvdFbYs1o7%2B5y5IqdjUDbJFD8aoTwH4pz76Auv32FQ2tAL3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare

GET
H/1.1 200
OK jquery-1.7.1.js Show response
get.rethinkfirst.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 92 KB
34 KB 123ms
122ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

http://get.rethinkfirst.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js

Requested by

Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234

Protocol

HTTP/1.1

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 20:55:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Age: 24525722
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
CF-Ray: 6d65d7799cfd0f86-MXP
Last-Modified: Tue, 25 Nov 2014 17:03:30 GMT
Server: cloudflare
ETag: W/"ddb84c1587287b2df08966081ef063bf"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BX%2FMVKSrJ3uO%2B%2FD3Rp33TkWqmJRhDwNjwfqWQ79tcdPMN%2Blb3tOrXn1Wbkes3nfjEOd4DlCTpXo2MUzVKcSKpSYw7Jp29rhkPmE7RkplHgU4IS94zRXKyJzKDzlwF%2BngcOueIiciqCLwcoZ5P%2FW8h0Qx"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: null
Via: 1.1 a7750b04e96e89c0816616ed8cc70afc.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: MXP64-C3
Content-Type: application/javascript
X-Amz-Cf-Id: HkrauIjB1EcWI9J11-D8FcOdt-EH1MjvcRKSxdef5mmUwbzkuBg6fw==
Expires: Tue, 31 Jan 2023 20:55:34 GMT

GET
H2 200 main.min.css
get.rethinkfirst.com/hs-fs/hub/2900416/hub_generated/template_assets/32930727087/1603750482706/Whil_-_Barricade/css/ 34 KB
9 KB 618ms
504ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://get.rethinkfirst.com/hs-fs/hub/2900416/hub_generated/template_assets/32930727087/1603750482706/Whil_-_Barricade/css/main.min.css
Requested by: Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d861e57ac167bee07303f4e004d435a87d4ddff86a8119915a8785d4bfe37714

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1603750482706
date: Mon, 31 Jan 2022 20:55:35 GMT
via: 1.1 2a6e657acb4fd3f6aee2e3da45e44642.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: W0Y4CVF7KYQQ9YMY
x-amz-id-2: 617wE+T2PTqTLEIsL1e2ZzWRoCbiG2oJEOY6aeLJAKcmkw1/IBnsKPNxmFstBa1gqUjxERPaKvU=
last-modified: Mon, 26 Oct 2020 22:14:43 GMT
server: cloudflare
etag: W/"bbf3f6d8d6b9f4a8ffd1d0d569fba034"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mT4vNWF%2FZcDMYh%2Ba9WzkYgGjpltP5S%2FAKQOdmWkeKNzZjPvfAndyeplX9koOcCgFrcaoZhxSVmV9rMrtwVT%2FE8HNnLq6Le4xvrSIYvNqxBhtPYWJlN%2FDaoFtQw8ipxN9xxX8RGHNUmyHe7xXnQExVX7L"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: kPIVzFKhuUt7MVF9SGALeamuxA4hxPFC
cf-ray: 6d65d77a4aac0f6e-MXP
x-amz-cf-id: ujVPL9ffBJbldpcYqt867U3dA8N6Ca2GH078cfrfhdRs_H8MJe-bww==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 theme-overrides.min.css
get.rethinkfirst.com/hs-fs/hub/2900416/hub_generated/template_assets/32930729165/1616784666542/Whil_-_Barricade/css/ 24 KB
6 KB 468ms
355ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://get.rethinkfirst.com/hs-fs/hub/2900416/hub_generated/template_assets/32930729165/1616784666542/Whil_-_Barricade/css/theme-overrides.min.css
Requested by: Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e57b4ba7a6513789da1feedc67e0a35b3dbc79c0ae7e45b5ffd97e148177ce6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1616784666637
date: Mon, 31 Jan 2022 20:55:35 GMT
via: 1.1 9557da2570df16242f84a67f254d7f30.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: W0Y6PMJNSDJX1FAZ
x-amz-id-2: ejI6dVpph9JcxrE/oFENZafHWao5qEcgDUUlt3tkz0g4yPpm8G2HPeCZUwfqzuxOtlOZSHS7A+I=
last-modified: Fri, 26 Mar 2021 18:51:07 GMT
server: cloudflare
etag: W/"94a95e21b2f4bbb56e2fb73df391490e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XD9Qi1zDYrFfaFT%2FEOjTpAkgi6z%2B2YfTTAz0eg59%2BjDEluuAs3A0%2B6%2FREtzIHE3Wv39RpupWqgk9voax9HmYcaBeDx%2BGeqLvuYmRWt4da4J%2FMIjkIavLRuXLHy7Iri3b0mhRLwwPfUaMCRAYObPFE6hR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: GstnDhLNkeAgWmTJmdW6GzMF12vIRhbH
cf-ray: 6d65d77a5aad0f6e-MXP
x-amz-cf-id: rfYLJa7No3fY8tCHJPfAPbgyEVlXbhM7S33e_z9hfYkM_1GZdmJuqw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 css
fonts.googleapis.com/ 7 KB
723 B 43ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700|Teko:300,400,500,600,700&display=swap

Requested by

Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a4408871c311e7f51cdcc0568bd226d3065873fad5c44b63bb217a34b6b0a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 20:55:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 31 Jan 2022 20:55:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jan 2022 20:55:34 GMT

GET
H2 200 module_32931130686_menu-section.min.css
get.rethinkfirst.com/hs-fs/hub/2900416/hub_generated/module_assets/32931130686/1595883642470/ 6 KB
2 KB 487ms
374ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://get.rethinkfirst.com/hs-fs/hub/2900416/hub_generated/module_assets/32931130686/1595883642470/module_32931130686_menu-section.min.css
Requested by: Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 546f7d31435007e29d940e018ea4f6eae647727997c9076e8dd18a3b3213b0b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1595883642470
date: Mon, 31 Jan 2022 20:55:35 GMT
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: W0Y0SVEDY77KHYPQ
x-amz-id-2: 1fHQ21tquxrzhIT52W4Wqw4+Ff1K2rye1SO3bjPRViaYHWVwCgrBLIjt8zu9FzCvu2Y9sDDt8mw=
last-modified: Mon, 27 Jul 2020 21:00:43 GMT
server: cloudflare
etag: W/"5352dd08784ee424674aadaa9b5c0b62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzMy7FqdohZCmoTzhArFH5yf%2Fyb2CXKxsUHicuRcdV5dc9reNJZtTPofKnFQyMVBKVGZA9thNtQU7qL7S%2B0WwE1sPBZWiCEwMqNat0VLFioepB4kJTWxhKV9lpqCMrllbhR0KViulS%2FXUNV%2BmTgdWQ14"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: s5G2zZC3mFBsT02hsjX0MySa6Yeuu7o7
cf-ray: 6d65d77a5aae0f6e-MXP
x-amz-cf-id: EnUfTVR4-NeNRBldzlI_4ea39Yia3rq6mbLaiCUGkdNWSl3gGlxc_Q==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 module_32927080739_social-follow.min.css
get.rethinkfirst.com/hs-fs/hub/2900416/hub_generated/module_assets/32927080739/1595883641730/ 559 B
799 B 502ms
388ms Stylesheet
text/css 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://get.rethinkfirst.com/hs-fs/hub/2900416/hub_generated/module_assets/32927080739/1595883641730/module_32927080739_social-follow.min.css
Requested by: Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73b2e8094dcadce0b1cb72fb929542725bf14286d35208ebb3aac9b05ffb9e8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1595883641730
date: Mon, 31 Jan 2022 20:55:35 GMT
via: 1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: YZ2CEH2D8K9MZ73D
x-amz-id-2: DYGFHkft2y8gvE+JERJFwW5e0IaaGY2HE2IMs0OHhtuOjQnvNwwk06iIo+tQDGp2iTzdqE+uhs0=
last-modified: Mon, 27 Jul 2020 21:00:42 GMT
server: cloudflare
etag: W/"cf4c66441030ea88c00cbae41e9e74ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbCZkVO5%2BPklj8hK9EdE175eVwP9eK8oExHhhavaUGnuVB6AbuLHMppsbxRq1uqHJjoV9pwXZhlqy8DK61tgeZ21VSz%2Bpcc9KEIN3U8yxsz4%2FvzEe7QG32QbWMYasMzuuyMqAPp98csjSnK12lqllIgq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: mbuch8OncnSmXP_5tR8ciqW01ScfCRNS
cf-ray: 6d65d77a5aaf0f6e-MXP
x-amz-cf-id: vkz6ozO3Pl4vdNIQn4PVLQnk-eif30E-swoMthZPQG0OObRrwPNC6A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 41ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular,700&display=swap

Requested by

Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62bd7091eeb23e4141a0eb78186579f42b66d1ed8508e0e65bfe3675fc27fce6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 20:16:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 31 Jan 2022 20:55:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jan 2022 20:55:34 GMT

GET
H2 200 Rethink%20First%20Logo.png
get.rethinkfirst.com/hs-fs/hubfs/455%20-%20Corporate/Images/Brand/ 13 KB
14 KB 810ms
809ms Image
image/png 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get.rethinkfirst.com/hs-fs/hubfs/455%20-%20Corporate/Images/Brand/Rethink%20First%20Logo.png?width=1078&name=Rethink%20First%20Logo.png
Requested by: Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 092cb747b54d67cbcf6abf132d1988ca971224d7a05ee245d8eaabe19312a2b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1634057688869
date: Mon, 31 Jan 2022 20:55:35 GMT
via: 1.1 470d4277236d0557f3e42c6bfe9dac78.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-hs-alternate-content-type: text/plain
x-amz-server-side-encryption: AES256
cf-ray: 6d65d77d7a8e0f6e-MXP
edge-cache-tag: F-57360039719,FD-49189798572,P-2900416,FLS-ALL
x-amz-meta-index-tag: all
x-amz-replication-status: COMPLETED
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-length: 13002
last-modified: Tue, 12 Oct 2021 16:54:49 GMT
server: cloudflare
etag: "69aa8b4d6461e14cf42b281e27c7f9bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZV16synZiiFKxiOHDE3qUUTrXQU8h5x6LLVk7%2BEfJ%2FFHMpSRIFfIFShapkyP1nougVzI33BGHVzVJLd5HQCk0E9ozSIJpSlDdPyImbp8TT4sXs7MFoAXCGygDjy9lU%2F%2FRfbt%2Btrr1hjeIhA1E2FZCdVd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: all
x-amz-cf-id: zkzq1lY-P1n6S-Z_nQDuIHQh9_os4OGDVwH7U9IcIkYO0P9b8GhqXw==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H2 200 main.min.js Show response
get.rethinkfirst.com/hs-fs/hub/2900416/hub_generated/template_assets/32927080760/1595882600074/Whil_-_Barricade/js/ 460 B
841 B 381ms
381ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://get.rethinkfirst.com/hs-fs/hub/2900416/hub_generated/template_assets/32927080760/1595882600074/Whil_-_Barricade/js/main.min.js
Requested by: Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d0f4d66463c5e13e309ce353ec512beca746e511903c0c99ef2a61a7a617781

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1595882600074
date: Mon, 31 Jan 2022 20:55:35 GMT
via: 1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: 2D2BE0GP5EKBZFS9
x-amz-id-2: 1zwOKAsQQpQOunjIrTva35S+WXEdVJojJXqePbEp4OQuVCfTWbdi56vklAqRHkz3aTJriQlNdyY=
last-modified: Mon, 27 Jul 2020 20:43:21 GMT
server: cloudflare
etag: W/"d813214eed9843f2949a04925b5633ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvMo9Wc1gX3ZU%2BXAB1NqK5EMdPfaPc5rbUKCoHk6Kh1m2V7r6GtV6Y72auU%2BMJpOPORAbAlqgbtW7hBvHnO1AzQWpKEwWMWA5AtqtdLkZKGYv%2B1PRbBr%2BdZOUO3CRD5pWH%2Fgr2o0Gji3K9Pdc2FOfBMG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: IKC07fHRcPWUmHb3LS78vshs5oCo65Yq
cf-ray: 6d65d77cb8c60f6e-MXP
x-amz-cf-id: fybP_sH5GcNdzfWRQthhMjWP4PiX3hv2HG6e_R2T_tb2J7ShVdKt0A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H/1.1 200
OK project.js Show response
get.rethinkfirst.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
2 KB 99ms
98ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

http://get.rethinkfirst.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234

Protocol

HTTP/1.1

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 20:55:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Age: 7184949
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
CF-Ray: 6d65d77d7da60f86-MXP
Last-Modified: Tue, 09 Nov 2021 16:12:42 GMT
Server: cloudflare
ETag: W/"61ca66de658cab9587e4636894680d5d"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Wc09idiwQ0DV2hqd61zB62X0MV%2BR5jRhEVdb4EnJNi35BhTQ9Y%2FgGFW1OvEgB6xvL7r7PMbTHpGJUr3gHbdhCD2bfr6rO43wzDMOkG9Z9LK%2BQYw65o1rVU%2B%2BNARxH8utFGZ7tW9SglZ1AZDd%2FYN7gyF"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
Via: 1.1 8dd9765909fe9494b6dd4a72ba9e7b65.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: MXP63-P3
Content-Type: application/javascript
X-Amz-Cf-Id: FeaG0c6R1eJ6NGIO48OqSkmi-tdJBfBeWwjgfQ7yaszmvAKZ8CB6AA==
Expires: Tue, 31 Jan 2023 20:55:35 GMT

GET
H2 200 module_32931130686_menu-section.min.js Show response
get.rethinkfirst.com/hs-fs/hub/2900416/hub_generated/module_assets/32931130686/1595883642309/ 2 KB
1 KB 397ms
396ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://get.rethinkfirst.com/hs-fs/hub/2900416/hub_generated/module_assets/32931130686/1595883642309/module_32931130686_menu-section.min.js
Requested by: Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 181e0b3e314e5543d0ffe2fa57c918a6fa34bd8897a2c4c16be4141353fda098

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis: 1595883642309
date: Mon, 31 Jan 2022 20:55:35 GMT
via: 1.1 de349bd2105a0a744704f391ff854e62.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 12
content-encoding: br
x-amz-request-id: S2QDKEC7NBSE3VRR
x-amz-id-2: /XMlixl5KzA65wWEjBI7wsP+3/Okv3wGj4iAUcyO4Lxlo9NWNvAIxMew8+yW4YKjUw2u4B/ZzJw=
last-modified: Mon, 27 Jul 2020 21:00:43 GMT
server: cloudflare
etag: W/"31bfedb4acac25574d70c53eff4035ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=912nTCxMC1n%2FbcXltgL21%2F4ERPangiwxD1UGjqJT%2BE2FrlPfaCLo4Sc%2FBWX2C0g2y8%2BQc%2FyJ9HqoXdHZMFygV5GbrXK37gUozZJIJpVj3YYCgXnVWD7KjNOVafYKZ9B3DyuVABr8zR203aJHy99iBHpr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials: false
x-amz-version-id: _PD8NjYcSM2xzeqM1L9mtMdcaXSkZLFv
cf-ray: 6d65d77d7a840f6e-MXP
x-amz-cf-id: EjOYeCbQcu0fb_3C-mMbsFg3tuGSH8FFl7H3rtBO0_CdJ-YxqCdLjA==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 12

GET
H/1.1 200
OK 2900416.js Show response
get.rethinkfirst.com/hs/scriptloader/ 964 B
2 KB 277ms
220ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://get.rethinkfirst.com/hs/scriptloader/2900416.js
Requested by: Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Protocol: HTTP/1.1
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8c029b81a504f22ad613ad3f9c7628035198b8b6ed939982c698b98178fdeb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 20:55:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
X-HubSpot-Correlation-Id: e6525eb6-0df0-43cb-b4b0-461d8bf71689
Connection: keep-alive
Content-Length: 518
Last-Modified: Mon, 31 Jan 2022 20:45:55 GMT
Server: cloudflare
X-Trace: 2BB600CED50D30F9E475E9215271458B65D289F735000000000000000000
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Access-Control-Max-Age: 3600
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxhnbqJTdGmNIp1s%2FKez6dYZgNA7pBdvx7q5Me318dmVsWIad3Zxrb2oEN14tQROaxKXPAQlNT2De1ZIcPSDjOTlh%2B5Q7F20AnX8vHcDf3NRR9iU9F85JqvnTt74MMaI8%2BfBc4lZrtiFy61wHDjtv64m"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: http://get.rethinkfirst.com
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-Ray: 6d65d77dde800f86-MXP
Expires: Mon, 31 Jan 2022 20:56:35 GMT

GET
H/1.1 200
OK index.js Show response
get.rethinkfirst.com/hs/hsstatic/HubspotToolsMenu/static-1.119/js/ 11 KB
5 KB 162ms
105ms Script
application/javascript 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

http://get.rethinkfirst.com/hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js

Requested by

Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234

Protocol

HTTP/1.1

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9bc6dec214e0ac4562af8a3854d2d46772e46e66806ab6aed8ba22d833d0dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 20:55:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Age: 6584296
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
CF-Ray: 6d65d77dddab0f6a-MXP
Last-Modified: Mon, 15 Nov 2021 14:59:45 GMT
Server: cloudflare
ETag: W/"e87d0efee17e652760ab5ccd33fbc8ad"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aiXGXcV%2BpSnN9u3Au2URS271swKTrR7QByM%2FTvYo%2FWx2rsxLMJuawSHyByB3XXt8uqD20T4f7420s5Nj%2BfJXu%2BOGI%2BYedPfYdyJJYsyUdpSyQ5WhD2UNbAm2du2bBm0EeKVk%2FZo%2FwBt%2FK65QWhKX9mnU"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: vdFz9Y2Y_lpsefQtRnWK89fgZF54ag5p
Via: 1.1 205017ec1deb1818ed40d527d0c96868.cloudfront.net (CloudFront)
Cache-Control: public, max-age=31536000
X-Amz-Cf-Pop: MXP63-P3
Content-Type: application/javascript
X-Amz-Cf-Id: YxbdhGLcbU-8bI8_hlc9s3OK8HtrSYRJ9oXBRw1DdrxXrLFnzcKayA==
Expires: Tue, 31 Jan 2023 20:55:35 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 37ms
10ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://get.rethinkfirst.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:52:02 GMT
x-content-type-options: nosniff
age: 284613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 28 Jan 2023 13:52:02 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 49ms
22ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,600,700|Teko:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://get.rethinkfirst.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 19:30:31 GMT
x-content-type-options: nosniff
age: 437104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 19:30:31 GMT

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
733 B 433ms
258ms Script
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=2900416&callback=jsonpHandler

Requested by

Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/hs/hsstatic/HubspotToolsMenu/static-1.119/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode: false
server: cloudflare
x-hubspot-correlation-id: 34f2460b-3a22-4c69-9abd-9362e145500e
x-trace: 2B4F91513F066577F550055C41B9FC4842AFBEB44F000000000000000000
date: Mon, 31 Jan 2022 20:55:36 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
cf-cache-status: DYNAMIC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 6d65d7811f5d3755-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 2900416.js Show response
js.hs-analytics.net/analytics/1643662500000/ 62 KB
20 KB 429ms
248ms Script
text/javascript 2606:4700::6811:46b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1643662500000/2900416.js
Requested by: Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/hs/scriptloader/2900416.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42329280b0cf83cd9362c2c18410b9a0e16571baa6d7b4877a59edfe4192c494

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:55:36 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: NTENDZZ71MA1K20V
x-amz-server-side-encryption: AES256
cf-ray: 6d65d7812da083a0-MXP
x-amz-id-2: VN7frK82t9MY7M2Hx7A0sqynw2l3uihEz8AwBTu0gG1yq7/ZU3dlmfX01VPaIAuGHmZzf8N3yd8=
last-modified: Thu, 11 Nov 2021 21:33:20 GMT
server: cloudflare
etag: W/"c4b0df6b5d3243e66e8ccc00df82ac27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 31 Jan 2022 21:00:35 GMT

GET
H2 200 2900416.js Show response
js.hs-banner.com/ 62 KB
16 KB 716ms
546ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2900416.js
Requested by: Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/hs/scriptloader/2900416.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af163e6370aa13abac18245d6c0f786a5db66448abba499f506b4bd11414727c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:55:36 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: KX72GCT11N16M015
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 7gkNftun2NP43STc6kcN/UA6EBRQRJLCp2GPByYRRRg003QteyER+GpeEZ8mGrtRFVkObPfPVYo=
timing-allow-origin: *
last-modified: Thu, 11 Nov 2021 21:33:22 GMT
server: cloudflare
etag: W/"bf9ce368d7d81c9674d952c65b4035ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: MFy7i6PeM1iHOSRkjCK3SxBrXTE0qJNi
access-control-allow-origin: https://www.whil.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 6d65d7811c8c59bf-MXP
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 31 Jan 2022 21:00:36 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
508 B 248ms
248ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1792297217&v=1.1&a=2900416&ct=standard-page&ccu=http%3A%2F%2Fget.rethinkfirst.com%2F404&lvc=en&pu=http%3A%2F%2Fget.rethinkfirst.com%2F-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234&cts=1643662536408&vi=c303f7f622303888f4aa6c890ca274f2&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:55:36 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 3dd2b059-1e0d-49f5-b946-ab45901e63cd
cf-ray: 6d65d7849fb23755-MXP
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rksr9UlpL8Z6ndmzlBcOqaR1hdld33Hrvq4IDdQVAf3UR%2F318v1SBCVn%2B%2Bjfmkv%2F277jBKJYhxDsmIz9gnHs%2BybEAZ5PTlJbvHTPr77%2BVAMqpM7LxZiIWW8XRFsi8oMUKnUjNmwo%2FGtJBwCKHnXb"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

29ms
7ms

Script
text/javascript

2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4842
date: Mon, 31 Jan 2022 19:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 31 Jan 2022 21:34:54 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
39 KB 53ms
32ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5NXW785

Requested by

Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27cc72cc33170074ad456f12151270b24f46476a7dfe8f37968cae08b99933cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:55:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39116
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 20:36:54 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 31 Jan 2022 20:55:36 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 14ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1871673099&t=pageview&_s=1&dl=http%3A%2F%2Fget.rethinkfirst.com%2F-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1152721609&gjid=1321211339&cid=675102650.1643662536&tid=UA-96382756-4&_gid=1101917303.1643662536&_r=1&_slc=1&z=709046605

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://get.rethinkfirst.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 20:55:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://get.rethinkfirst.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 35ms
7ms Script
application/javascript 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5cf27e0e31db874d77562c910f5a0eca1f37b32fde3dd4c2c5503a560ce40921

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:35:50 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 14:06:55 GMT
server: AmazonS3
age: 1186
etag: W/"7ad74b945ef7019a5ff78b8e45bc1a20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: iLGYYTgakxJWp16V1LA0Zl286yNnUtIs5wUAubsOgXRs24L1ycwjDA==

GET
H2 200 / Show response
settings.luckyorange.net/ 3 KB
2 KB 198ms
163ms Fetch
application/json 172.67.75.100
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=http%3A%2F%2Fget.rethinkfirst.com%2F-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234&s=272019

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.75.100 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46858564c22952b82cb76e0e4ff2c7895fae3dcaa2e10c132c7f194c0d03845a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:55:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: http://get.rethinkfirst.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HM7Sw%2BrI4xO5dLtI4Fu9GUKbvX47lbdwzhnSJZKkJ9SQ66VVlzNWYY4lDfeDviRlCWmYveTQwxBXlRzf%2Fh9xeFfkgVCnO8yv2%2BsuwwufiN3WHP4EOKAMWABid6RasKqdvic%2BaP%2FudQdS7w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 6d65d7857ef66939-FRA
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame D091 287 KB
92 KB 440ms
406ms Script
application/javascript 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=6ea758b
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 655f9cbe75c1c5210189d35ebbedda6cfc19f5834ec742aeb8e666339ed4eca2

Request headers

Referer
Origin: http://get.rethinkfirst.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 20:55:38 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 14:06:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"49c52a71719229156fdc34187d349e14"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31536000
x-cache: Miss from cloudfront
x-amz-cf-id: u7lyEiSkI3RO7KLUGjo7h_XiDcDjK-FZVdBgR-RXKYY5OX2A5nn9ZA==
via: 1.1 b073c20359d711b751afd124dda34076.cloudfront.net (CloudFront)

GET
H2 200 logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
1 KB 9ms
8ms Image
image/png 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 18:53:54 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Thu, 30 Sep 2021 14:06:55 GMT
server: AmazonS3
age: 7783304
etag: "35ce74c31e3ef54462a234340af702d7"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1143
x-amz-cf-id: uH4HWt5-Tz50uTq09rIQ4UfW_iJlroNvy7kpJ5BQuvwdcR0eKlqnFQ==

GET
H2 200 sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 277 B
619 B 9ms
9ms Image
image/png 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:10:29 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Thu, 30 Sep 2021 14:06:55 GMT
server: AmazonS3
age: 8480709
etag: "76f1993de0fd323f67cece8d8e63bfa2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 277
x-amz-cf-id: aA2znuF38A_04zZcbcHv-UDzPkfPsFwXurTLlkNXdXymXleuN0f1zQ==

GET
BLOB 200
OK 14fc96f6-5d8a-4c15-8c6b-60e8b4e25ecb
http://get.rethinkfirst.com/ Frame D091 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://get.rethinkfirst.com/14fc96f6-5d8a-4c15-8c6b-60e8b4e25ecb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 0

GET
BLOB 200
OK 72211c49-9d62-40dc-b030-f17ad85e3205
http://get.rethinkfirst.com/ Frame D091 30 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://get.rethinkfirst.com/72211c49-9d62-40dc-b030-f17ad85e3205
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 31224

GET
H2 200 reset.css
d10lpsik1i8c69.cloudfront.net/css/ 2 KB
1 KB 8ms
8ms Stylesheet
text/css 143.204.214.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=6ea758b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-192.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://get.rethinkfirst.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 04:17:54 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 14:06:55 GMT
server: AmazonS3
age: 7835863
etag: W/"7144eaceff0b31347712515a6116074e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: oZDxUZUcf9d4C4_O9zPt00WREmVccXEEfn-t8gQsvqc-iSNWTPWb_Q==

POST
H/1.1 200
OK perf Show response
get.rethinkfirst.com/_hcms/ 2 B
909 B 252ms
252ms XHR
text/plain 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://get.rethinkfirst.com/_hcms/perf
Requested by: Host: get.rethinkfirst.com
URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Protocol: HTTP/1.1
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/json

Response headers

CF-Ray: 6d65d7975d510f86-MXP
Date: Mon, 31 Jan 2022 20:55:39 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
X-HubSpot-Correlation-Id: 3720cb8f-ad78-4e87-bb9e-fa2861271fc0
X-Trace: 2B9138AB3AAC742A4F32AF5D40E543F40FF7E56499000000000000000000
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UphUjkUw%2BM5NsbnKhQCVe5Es1tvscpvZtOOkSYglpmCDBNhHRnoxd1WGfpRWLAIVk5nunTzrIJ38Us30GbCqt6NBp%2BeFa7XU5bZlDhUpDrQr%2FeImRxP4t7RdOusqXis%2BmQ7jLL0II3xis37lvqG%2BLrGp"}],"group":"cf-nel","max_age":604800}
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-Robots-Tag: none
Content-Length: 2

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.get.rethinkfirst.com/	1969-12-31 23:59:59	Name: __cfruid Value: 734843c2c72ee2b6038dd92df062ce3a26f187af-1643662535
.hubspot.com/	1970-01-20 00:34:24	Name: __cf_bm Value: r4tHWVfh3MM_QVWLfgXbI3WaJ5hH0_qXTsoVdCaAQ1g-1643662536-0-AVs7B3qIgIr7MVwIOlk7Zz8R+kgTYej/kPfATqstqe/6u6Bqz88SWMMzpuwAdPeYaT0+/DHwKU/y+7+4t60QZY4=
.rethinkfirst.com/	1970-01-20 09:55:58	Name: __hstc Value: 43009466.c303f7f622303888f4aa6c890ca274f2.1643662536406.1643662536406.1643662536406.1
.rethinkfirst.com/	1970-01-20 09:55:58	Name: hubspotutk Value: c303f7f622303888f4aa6c890ca274f2
.rethinkfirst.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.rethinkfirst.com/	1970-01-20 00:34:24	Name: __hssc Value: 43009466.1.1643662536406
.rethinkfirst.com/	1970-01-20 18:05:34	Name: _ga Value: GA1.2.675102650.1643662536
.rethinkfirst.com/	1970-01-20 00:35:48	Name: _gid Value: GA1.2.1101917303.1643662536
.rethinkfirst.com/	1970-01-20 00:34:22	Name: _gat Value: 1
.rethinkfirst.com/	1970-01-20 18:05:34	Name: _lo_uid Value: 272019-1643662536653-502e12f99d488280
.rethinkfirst.com/	1970-01-20 00:34:23	Name: _lorid Value: 272019-1643662536653-b0adbefbf5387fb1
.rethinkfirst.com/	1970-01-20 09:19:58	Name: _lo_v Value: 1
.rethinkfirst.com/	1970-01-20 04:53:34	Name: __lotl Value: http%3A%2F%2Fget.rethinkfirst.com%2F-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://get.rethinkfirst.com/-temporary-slug-e55e5639-8697-4e5d-9c79-b2bb6c7c9234 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hubspot.com
d10lpsik1i8c69.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
get.rethinkfirst.com
js.hs-analytics.net
js.hs-banner.com
settings.luckyorange.net
track.hubspot.com
www.google-analytics.com
www.googletagmanager.com
143.204.214.192
172.67.75.100
2606:2c40::c73c:671f
2606:4700::6811:46b0
2606:4700::6812:14bf
2606:4700::6813:9a53
2a00:1450:4001:802::2003
2a00:1450:4001:810::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2008
092cb747b54d67cbcf6abf132d1988ca971224d7a05ee245d8eaabe19312a2b3
181e0b3e314e5543d0ffe2fa57c918a6fa34bd8897a2c4c16be4141353fda098
27cc72cc33170074ad456f12151270b24f46476a7dfe8f37968cae08b99933cb
2a4408871c311e7f51cdcc0568bd226d3065873fad5c44b63bb217a34b6b0a05
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
42329280b0cf83cd9362c2c18410b9a0e16571baa6d7b4877a59edfe4192c494
46858564c22952b82cb76e0e4ff2c7895fae3dcaa2e10c132c7f194c0d03845a
546f7d31435007e29d940e018ea4f6eae647727997c9076e8dd18a3b3213b0b5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5cf27e0e31db874d77562c910f5a0eca1f37b32fde3dd4c2c5503a560ce40921
5d9bc6dec214e0ac4562af8a3854d2d46772e46e66806ab6aed8ba22d833d0dd
62bd7091eeb23e4141a0eb78186579f42b66d1ed8508e0e65bfe3675fc27fce6
655f9cbe75c1c5210189d35ebbedda6cfc19f5834ec742aeb8e666339ed4eca2
73b2e8094dcadce0b1cb72fb929542725bf14286d35208ebb3aac9b05ffb9e8b
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
8d0f4d66463c5e13e309ce353ec512beca746e511903c0c99ef2a61a7a617781
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
af163e6370aa13abac18245d6c0f786a5db66448abba499f506b4bd11414727c
c3c931ef92d063a2bff3c66470ed51335bd994d03cd804cfb22f1b0efbb50113
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8c029b81a504f22ad613ad3f9c7628035198b8b6ed939982c698b98178fdeb0
d861e57ac167bee07303f4e004d435a87d4ddff86a8119915a8785d4bfe37714
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57b4ba7a6513789da1feedc67e0a35b3dbc79c0ae7e45b5ffd97e148177ce6a
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

get.rethinkfirst.com Open in urlscan Pro 2606:2c40::c73c:671f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

32 Requests

72 %HTTPS

80 %IPv6

10 Domains

11 Subdomains

11 IPs

2 Countries

348 kBTransfer

892 kBSize

13 Cookies

41 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

get.rethinkfirst.com Open in urlscan Pro
2606:2c40::c73c:671f Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

72 %
HTTPS

80 %
IPv6

10
Domains

11
Subdomains

11
IPs

2
Countries

348 kB
Transfer

892 kB
Size

13
Cookies

32 HTTP transactions
0 data transactions