urlscan.io logo urlscan.io
SecurityTrails logo

www.rethinkfirst.com Open in urlscan Pro
104.209.197.87  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://go.rethinkfirst.com/
Effective URL: https://www.rethinkfirst.com/
Submission: On April 15 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 104.209.197.87, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.rethinkfirst.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on June 2nd 2019. Valid for: 2 years.
This is the only time www.rethinkfirst.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 35.174.150.168 14618 (AMAZON-AES)
13 104.209.197.87 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:2800:133... 15133 (EDGECAST)
1 152.199.19.160 15133 (EDGECAST)
1 51.140.6.23 8075 (MICROSOFT...)
23 6
4    35.174.150.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-3-ue1.aws.pardot.com
go.rethinkfirst.com
pi.pardot.com
13    104.209.197.87 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.rethinkfirst.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
rethink-cdn-edu.azureedge.net
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Domain Requested by
13 www.rethinkfirst.com www.rethinkfirst.com
4 rethink-cdn-edu.azureedge.net www.rethinkfirst.com
2 pi.pardot.com www.rethinkfirst.com
pi.pardot.com
2 go.rethinkfirst.com 1 redirects pi.pardot.com
1 dc.services.visualstudio.com az416426.vo.msecnd.net
1 az416426.vo.msecnd.net www.rethinkfirst.com
1 fonts.googleapis.com www.rethinkfirst.com
23 7

This site contains links to these domains. Also see Links.

Domain
www.rethinkbehavioralhealth.com
www.rethinkbenefits.com
www.rethinked.com
Subject Issuer Validity Valid
www.rethinkfirst.com
GeoTrust RSA CA 2018		 2019-06-02 -
2021-06-01		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-03-24 -
2020-06-16		 3 months crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2020-03-18 -
2022-03-18		 2 years crt.sh
pi.pardot.com
DigiCert SHA2 Secure Server CA		 2019-12-26 -
2020-12-26		 a year crt.sh
dc.services.visualstudio.com
Microsoft IT TLS CA 5		 2020-03-17 -
2022-03-17		 2 years crt.sh
go.rethinkfirst.com
Let's Encrypt Authority X3		 2020-03-27 -
2020-06-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.rethinkfirst.com/
Frame ID: AF9A2E2A3CA6F5B6A0D82414B3CCE8F7
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://go.rethinkfirst.com/ HTTP 302
    https://www.rethinkfirst.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

23
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

914 kB
Transfer

1184 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go.rethinkfirst.com/ HTTP 302
    https://www.rethinkfirst.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.rethinkfirst.com/
Redirect Chain
  • http://go.rethinkfirst.com/
  • https://www.rethinkfirst.com/
14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a4b24a3c47d23d9a9aa22723bdb50b5eb33f0e469f3c23d035988c042f23c84a

Request headers

:method
GET
:authority
www.rethinkfirst.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
private
content-length
5595
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
set-cookie
TiPMix=24.0203057993298; path=/; HttpOnly; Domain=www.rethinkfirst.com; Max-Age=3600 x-ms-routing-name=self; path=/; HttpOnly; Domain=www.rethinkfirst.com; Max-Age=3600 ASP.NET_SessionId=td5ayuby1crbwprtamjqvbqi; path=/; secure; HttpOnly; SameSite=Lax
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
access-control-allow-origin
*
date
Wed, 15 Apr 2020 16:50:46 GMT

Redirect headers

Date
Wed, 15 Apr 2020 16:50:46 GMT
Set-Cookie
pardot=a0imp80js6kn10nvm4g3t90jid; path=/ flash_message=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=rethinkfirst.com flash_success_message=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=rethinkfirst.com flash_error=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=rethinkfirst.com flash_warning=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=rethinkfirst.com flash_created_object_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=rethinkfirst.com flash_access_message=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=rethinkfirst.com
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://www.rethinkfirst.com/
Vary
User-Agent
Content-Length
0
Content-Type
text/html; charset=UTF-8
X-Pardot-Route
32427ff3465437d362f61c790f7d2406
Server
PardotServer
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
css
fonts.googleapis.com/ 		2 KB
685 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 Apr 2020 16:50:46 GMT
server
ESF
date
Wed, 15 Apr 2020 16:50:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Apr 2020 16:50:46 GMT
HomeRethink
rethink-cdn-edu.azureedge.net/styles/ 		158 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rethink-cdn-edu.azureedge.net/styles/HomeRethink?v=PGkDWLGaemAcgNspqVSnGifJlqf5QWa6SiDz2rGWRAA1
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F32) /
Resource Hash
e84b7118796e91dee6f76634e0b0d29c48c5255096f3ad0da2f9e2480afa0bd1

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
content-encoding
gzip
last-modified
Wed, 21 Aug 2019 16:00:35 GMT
server
ECAcc (frc/8F32)
age
20566211
status
200
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
expires
Thu, 15 Apr 2021 16:50:46 GMT
cache-control
public
accept-ranges
bytes
content-length
39141
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
HomeRethink
rethink-cdn-edu.azureedge.net/js/ 		121 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rethink-cdn-edu.azureedge.net/js/HomeRethink?v=iPZp9tRXd3Ga6ZDbi51hL-xxoH_m5teyxjztUxDAz4E1
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F98) /
Resource Hash
d3429937b76cd82c8d7b1c426184f594227f3678caf362bc81cafd112e18e216

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 06:53:46 GMT
server
ECAcc (frc/8F98)
age
23104620
status
200
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 15 Apr 2021 16:50:46 GMT
cache-control
public
accept-ranges
bytes
content-length
52189
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
rethink-first-logo.png
www.rethinkfirst.com/Images/HomeRethink/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkfirst.com/Images/HomeRethink/rethink-first-logo.png
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e4ba769279ef43017e827aec78b39236225689c7f4fcbc957debce209e91b376

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Thu, 12 Mar 2020 15:12:32 GMT
etag
"9b997fa780f8d51:0"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
3584
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
hero_mobile.jpg
www.rethinkfirst.com/Images/HomeRethink/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkfirst.com/Images/HomeRethink/hero_mobile.jpg
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ea1a8464babdfa41bb89ae7110bfd8130f32705b4224e5058459f4ef1baca4d8

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Fri, 15 Sep 2017 21:58:53 GMT
etag
"41ff5d16d2ed31:0"
status
200
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
48064
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
icon-bh-u102011-fr.png
www.rethinkfirst.com/Images/HomeRethink/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkfirst.com/Images/HomeRethink/icon-bh-u102011-fr.png
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c01401363e140125942b6ca0b4a6168622a34e7cdf579491ee4b98ed947c89ce

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Thu, 12 Mar 2020 15:12:32 GMT
etag
"35af7ea780f8d51:0"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
5456
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
icon-bene-u102024-fr.png
www.rethinkfirst.com/Images/HomeRethink/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkfirst.com/Images/HomeRethink/icon-bene-u102024-fr.png
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ee378ca978efbc7b4e2adb7e2bcad88225baa21f5bb73ba4d41d7e8a17b52872

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Thu, 12 Mar 2020 15:12:32 GMT
etag
"35af7ea780f8d51:0"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
7069
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
tablet100.png
www.rethinkfirst.com/Images/HomeRethink/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkfirst.com/Images/HomeRethink/tablet100.png
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
39aa8deba9fbcc56a5ab56b6cbf675226a3a900a32e930a85ff1c1c9ef762100

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Fri, 15 Sep 2017 21:58:53 GMT
etag
"615df5d16d2ed31:0"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
21731
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
tech-group-working2.png
www.rethinkfirst.com/Images/HomeRethink/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkfirst.com/Images/HomeRethink/tech-group-working2.png
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5215088d7e613f62fc4c61c0df702c3647126f78f63c2e3ab4fc7d12e2b99fff

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Thu, 12 Mar 2020 15:12:32 GMT
etag
"23d280a780f8d51:0"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
81285
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
graph_hp2.png
www.rethinkfirst.com/Images/HomeRethink/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkfirst.com/Images/HomeRethink/graph_hp2.png
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2d9010732ba966440d65cc4d284ae035ce9530eee7eea5d89364f52b2033fd40

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Thu, 12 Mar 2020 15:12:32 GMT
etag
"23a7ea780f8d51:0"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
88600
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
graph4.png
www.rethinkfirst.com/Images/HomeRethink/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkfirst.com/Images/HomeRethink/graph4.png
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fdfb7d7ffb1fe6653d98006fecbbe04850a954cc781be131458ddeec0be4601b

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Thu, 12 Mar 2020 15:12:32 GMT
etag
"be9d7da780f8d51:0"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
139301
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
kathlee-bailey-stengel.jpg
www.rethinkfirst.com/Images/HomeRethink/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkfirst.com/Images/HomeRethink/kathlee-bailey-stengel.jpg
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
32cc4c3b565f94fe4e7106a85fbe1d99e3b7e588122b7ddbe9881143adae25de

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Thu, 12 Mar 2020 15:12:32 GMT
etag
"8a727fa780f8d51:0"
status
200
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
5231
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
steve-winter.jpg
www.rethinkfirst.com/Images/HomeRethink/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkfirst.com/Images/HomeRethink/steve-winter.jpg
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c36796e36901b9645997a76f6010988ac51b1828e00ed8907316fc0c38661ee9

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Thu, 12 Mar 2020 15:12:32 GMT
etag
"df3580a780f8d51:0"
status
200
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
4901
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
carol.jpg
www.rethinkfirst.com/Images/HomeRethink/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkfirst.com/Images/HomeRethink/carol.jpg
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4e95a99cef06f0b5c68a3ca9b2d18bb3602283550bb01383cfd5ba80e4b5ff8c

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Thu, 12 Mar 2020 15:12:32 GMT
etag
"f2c87ba780f8d51:0"
status
200
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
4515
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
badges_new.png
www.rethinkfirst.com/Images/HomeEdu/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rethinkfirst.com/Images/HomeEdu/badges_new.png
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.197.87 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
671ce906ebcc3467bbbcf7a654305c831056a0f85afa7c4f9f188d3423b43511

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Thu, 12 Mar 2020 15:12:31 GMT
etag
"42cb12a780f8d51:0"
status
200
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
115863
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AAA) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Apr 2020 16:50:47 GMT
content-encoding
gzip
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1326
x-cache
HIT
status
200
content-length
22495
x-ms-lease-status
unlocked
last-modified
Tue, 04 Feb 2020 19:23:51 GMT
server
ECAcc (ama/8AAA)
etag
0x8D7A9A7C460F06C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
97e45dae-d01e-003d-0442-1351c2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
rethink-hero-5.jpg
rethink-cdn-edu.azureedge.net/Images/HomeRethink/ 		199 KB
199 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rethink-cdn-edu.azureedge.net/Images/HomeRethink/rethink-hero-5.jpg
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F81) /
Resource Hash
adf610165738a5f419d60e8880263fb8ecccbd2a13fb66b78a8c844d72252a95

Request headers

Referer
https://rethink-cdn-edu.azureedge.net/styles/HomeRethink?v=PGkDWLGaemAcgNspqVSnGifJlqf5QWa6SiDz2rGWRAA1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 15 Apr 2020 16:50:46 GMT
last-modified
Thu, 12 Mar 2020 15:12:32 GMT
server
ECAcc (frc/8F81)
age
199229
etag
"df3580a780f8d51:0"
status
200
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
203692
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
fontawesome-webfont.woff2
rethink-cdn-edu.azureedge.net/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rethink-cdn-edu.azureedge.net/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F8A) /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://rethink-cdn-edu.azureedge.net/styles/HomeRethink?v=PGkDWLGaemAcgNspqVSnGifJlqf5QWa6SiDz2rGWRAA1
Origin
https://www.rethinkfirst.com

Response headers

date
Wed, 15 Apr 2020 16:50:47 GMT
last-modified
Wed, 17 Jul 2019 01:44:19 GMT
server
ECAcc (frc/8F8A)
age
513340
etag
"51eddd26413cd51:0"
status
200
x-cache
HIT
content-type
application/x-font-woff
access-control-allow-origin
*
accept-ranges
bytes
content-length
77160
request-context
appId=cid-v1:6ffde7ed-c4d5-4e74-bf9a-721d0a70a3ec
pd.js
pi.pardot.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: www.rethinkfirst.com
URL: https://www.rethinkfirst.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 15 Apr 2020 16:50:47 GMT
Content-Encoding
gzip
X-Pardot-Route
ea50fcd3dcf777490e1499615b883deb
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
Last-Modified
Fri, 13 Mar 2020 19:46:00 GMT
Server
PardotServer
ETag
"1442-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Cache-Control
max-age=63072000
Accept-Ranges
bytes
Content-Length
1842
Expires
Fri, 15 Apr 2022 16:50:47 GMT
track
dc.services.visualstudio.com/v2/ 		96 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
259065297974479d15e19a9ec5f7c01070c882c61e0a86480ee7d2980f68cc6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rethinkfirst.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
BD7C0096-A02F-401A-8E37-1D23DA20837F
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Wed, 15 Apr 2020 16:50:47 GMT
Access-Control-Max-Age
3600
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
96
analytics
pi.pardot.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=7426&account_id=84952&title=RethinkFirst%20-%20A%20Leading%20Health%20Technology%20Company%20%7C%20RethinkFirst%20-%20A%20Leading%20Health%20Technology%20Company&url=https%3A%2F%2Fwww.rethinkfirst.com%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
c4f2d63bab92cdbd68d865e4db9580c0216415df662d06c60bdb3d6bba8084ae

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Apr 2020 16:50:47 GMT
Content-Encoding
gzip
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
X-Pardot-Rsp
16/87/217
Vary
Accept-Encoding,User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
858
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics
go.rethinkfirst.com/ 		53 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rethinkfirst.com/analytics?conly=true&visitor_id=249505277&visitor_id_sign=32cd3e529a3a33ace7985ce1c090aea16311d4e30c8f34048bfd4767bea91e4a108e68c252c23056194e48ff1bc7b098dcb29cca&pi_opt_in=&campaign_id=7426&account_id=84952&title=RethinkFirst%20-%20A%20Leading%20Health%20Technology%20Company%20%7C%20RethinkFirst%20-%20A%20Leading%20Health%20Technology%20Company&url=https%3A%2F%2Fwww.rethinkfirst.com%2F&referrer=
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=7426&account_id=84952&title=RethinkFirst%20-%20A%20Leading%20Health%20Technology%20Company%20%7C%20RethinkFirst%20-%20A%20Leading%20Health%20Technology%20Company&url=https%3A%2F%2Fwww.rethinkfirst.com%2F&referrer=
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.150.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
pi0-lba1-3-ue1.aws.pardot.com
Software
PardotServer /
Resource Hash
a3663aa6b825e077ddf40b6e5e49fd5d57b8174f06afb0aa37fe86ac9ebfd698

Request headers

Referer
https://www.rethinkfirst.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Apr 2020 16:50:48 GMT
X-Pardot-Route
13c7a24cfc43e49b0467af9964bf67ec
X-Pardot-LB
a083ac6fc1531fb089982e922db67d20
X-Pardot-Rsp
16/103/14
Vary
User-Agent
P3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Content-Length
53
Server
PardotServer
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| appInsights string| piAId string| piCId string| piHostname object| AI object| Microsoft function| __extends function| _endsWith function| checkNamespace function| getPardotUrl function| piTracker function| piGetParameter function| piGetCookie function| piSetCookie string| piVersion number| piScriptNum object| piScriptObj object| pi string| property function| piResponse

4 Cookies

Domain/Path Name / Value
www.rethinkfirst.com/ Name: ai_user
Value: qCzzX|2020-04-15T16:50:47.073Z
www.rethinkfirst.com/ Name: ASP.NET_SessionId
Value: td5ayuby1crbwprtamjqvbqi
.www.rethinkfirst.com/ Name: x-ms-routing-name
Value: self
.www.rethinkfirst.com/ Name: TiPMix
Value: 24.0203057993298

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
dc.services.visualstudio.com
fonts.googleapis.com
go.rethinkfirst.com
pi.pardot.com
rethink-cdn-edu.azureedge.net
www.rethinkfirst.com
104.209.197.87
152.199.19.160
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:80b::200a
35.174.150.168
51.140.6.23
259065297974479d15e19a9ec5f7c01070c882c61e0a86480ee7d2980f68cc6d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d9010732ba966440d65cc4d284ae035ce9530eee7eea5d89364f52b2033fd40
32cc4c3b565f94fe4e7106a85fbe1d99e3b7e588122b7ddbe9881143adae25de
39aa8deba9fbcc56a5ab56b6cbf675226a3a900a32e930a85ff1c1c9ef762100
4e95a99cef06f0b5c68a3ca9b2d18bb3602283550bb01383cfd5ba80e4b5ff8c
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5215088d7e613f62fc4c61c0df702c3647126f78f63c2e3ab4fc7d12e2b99fff
671ce906ebcc3467bbbcf7a654305c831056a0f85afa7c4f9f188d3423b43511
925be107869153b6120de872c1ae333977bfaee69a0f7c6271f32d4a8348bca8
a3663aa6b825e077ddf40b6e5e49fd5d57b8174f06afb0aa37fe86ac9ebfd698
a4b24a3c47d23d9a9aa22723bdb50b5eb33f0e469f3c23d035988c042f23c84a
a8252492db56de6a43a1e52010746aa4b09c216f522dfaa82a62169a811e3405
adf610165738a5f419d60e8880263fb8ecccbd2a13fb66b78a8c844d72252a95
c01401363e140125942b6ca0b4a6168622a34e7cdf579491ee4b98ed947c89ce
c36796e36901b9645997a76f6010988ac51b1828e00ed8907316fc0c38661ee9
c4f2d63bab92cdbd68d865e4db9580c0216415df662d06c60bdb3d6bba8084ae
d3429937b76cd82c8d7b1c426184f594227f3678caf362bc81cafd112e18e216
e4ba769279ef43017e827aec78b39236225689c7f4fcbc957debce209e91b376
e84b7118796e91dee6f76634e0b0d29c48c5255096f3ad0da2f9e2480afa0bd1
ea1a8464babdfa41bb89ae7110bfd8130f32705b4224e5058459f4ef1baca4d8
ee378ca978efbc7b4e2adb7e2bcad88225baa21f5bb73ba4d41d7e8a17b52872
fdfb7d7ffb1fe6653d98006fecbbe04850a954cc781be131458ddeec0be4601b