urlscan.io logo urlscan.io
SecurityTrails logo

zrm.firstmind.com Open in urlscan Pro
63.32.161.232  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://zrm.firstmind.com/
Effective URL: https://zrm.firstmind.com/login
Submission: On June 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 22 HTTP transactions. The main IP is 63.32.161.232, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is zrm.firstmind.com.
TLS certificate: Issued by R11 on June 19th 2024. Valid for: 3 months.
This is the only time zrm.firstmind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 63.32.161.232 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 2600:9000:275... 16509 (AMAZON-02)
1 151.101.0.176 54113 (FASTLY)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 151.101.128.176 54113 (FASTLY)
1 172.67.139.119 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2600:1901:0:b... 396982 (GOOGLE-CL...)
4 6 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
22 14
3    63.32.161.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-161-232.eu-west-1.compute.amazonaws.com
zrm.firstmind.com
1    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
4    2600:9000:275b:6400:6:2976:df40:21 (United States)

ASN16509 (AMAZON-02, US)
dua9kq6wryf0d.cloudfront.net
1    151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    2606:4700:3034::6815:1adf (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
2    2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2600:1901:0:bc29:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
cdn.mxpnl.com
6    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 360
www.linkedin.com — Cisco Umbrella Rank: 545
px4.ads.linkedin.com — Cisco Umbrella Rank: 6416
4 KB
4 cloudfront.net
dua9kq6wryf0d.cloudfront.net
218 KB
4 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 2060
ka-f.fontawesome.com — Cisco Umbrella Rank: 5357
100 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
region1.google-analytics.com — Cisco Umbrella Rank: 2355
21 KB
3 firstmind.com
zrm.firstmind.com
12 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
173 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1638
150 KB
1 mxpnl.com
cdn.mxpnl.com — Cisco Umbrella Rank: 6280
19 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 902
14 KB
22 9
Domain Requested by
5 px.ads.linkedin.com 3 redirects snap.licdn.com
4 dua9kq6wryf0d.cloudfront.net zrm.firstmind.com
3 ka-f.fontawesome.com kit.fontawesome.com
zrm.firstmind.com
3 zrm.firstmind.com 1 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com zrm.firstmind.com
www.google-analytics.com
2 js.stripe.com zrm.firstmind.com
js.stripe.com
1 region1.google-analytics.com www.googletagmanager.com
1 px4.ads.linkedin.com zrm.firstmind.com
1 www.linkedin.com 1 redirects
1 cdn.mxpnl.com zrm.firstmind.com
1 snap.licdn.com www.googletagmanager.com
1 kit.fontawesome.com zrm.firstmind.com
22 13

This site contains no links.

Subject Issuer Validity Valid
zrm.firstmind.com
R11		 2024-06-19 -
2024-09-17		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-05-22 -
2024-08-22		 3 months crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2024-05-03 -
2024-08-01		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-12-13 -
2024-12-12		 a year crt.sh
*.mxpnl.com
GeoTrust TLS RSA CA G1		 2023-07-12 -
2024-08-11		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-01-30 -
2024-07-30		 6 months crt.sh

This page contains 2 frames:

Primary Page: https://zrm.firstmind.com/login
Frame ID: 9572D89FF7741327D98A0C18272BD3A0
Requests: 21 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: DF0C4B85BFFC9971B38189EEA9975712
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login | FirstMind

Page URL History Show full URLs

  1. https://zrm.firstmind.com/ HTTP 302
    https://zrm.firstmind.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

22
Requests

95 %
HTTPS

64 %
IPv6

9
Domains

13
Subdomains

14
IPs

3
Countries

706 kB
Transfer

2995 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://zrm.firstmind.com/ HTTP 302
    https://zrm.firstmind.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1993444&time=1718930069162&url=https%3A%2F%2Fzrm.firstmind.com%2Flogin HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1993444&time=1718930069162&url=https%3A%2F%2Fzrm.firstmind.com%2Flogin&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1993444%26time%3D1718930069162%26url%3Dhttps%253A%252F%252Fzrm.firstmind.com%252Flogin%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1993444&time=1718930069162&url=https%3A%2F%2Fzrm.firstmind.com%2Flogin&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1993444&time=1718930069162&url=https%3A%2F%2Fzrm.firstmind.com%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQKXn4cr2NKZZwAAAZA4N1hZzWOELC7kjLqbc6IyNdx_8yHe36h632XEg1wSTsdvLktddNB6

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
zrm.firstmind.com/
Redirect Chain
  • https://zrm.firstmind.com/
  • https://zrm.firstmind.com/login
7 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zrm.firstmind.com/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
63.32.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-161-232.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
6df0519902f978ceaea90b59d00bc58f2af638868b24491c69c9fb777b0fc001
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Jun 2024 00:34:27 GMT
Etag
W/"6df0519902f978ceaea90b59d00bc58f"
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Referrer-Policy
strict-origin-when-cross-origin
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718930068&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=CKikVYuhsiJH%2Fs6xwafkZQPfkXW7%2F2nT0k6rNiPhPFg%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718930068&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=CKikVYuhsiJH%2Fs6xwafkZQPfkXW7%2F2nT0k6rNiPhPFg%3D
Server
Cowboy
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
d0e17522-2598-411d-ae8c-71f6692ed599
X-Runtime
0.100875
X-Xss-Protection
1; mode=block

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Jun 2024 00:34:27 GMT
Location
https://zrm.firstmind.com/login
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718930068&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=CKikVYuhsiJH%2Fs6xwafkZQPfkXW7%2F2nT0k6rNiPhPFg%3D"}]}
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718930068&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=CKikVYuhsiJH%2Fs6xwafkZQPfkXW7%2F2nT0k6rNiPhPFg%3D
Server
Cowboy
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Via
1.1 vegur
X-Request-Id
d17392da-cdf9-45c6-93aa-d6e28b099774
X-Runtime
0.108032
d30292dd19.js
kit.fontawesome.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/d30292dd19.js
Requested by
Host: zrm.firstmind.com
URL: https://zrm.firstmind.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72c1b84f83b3f46dbe858907079343ef87ca7e28e4c897c5dacd1a924235879e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Origin
https://zrm.firstmind.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 00:34:28 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
896fe9bf68165d66-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F9rdylBOAhG7mmEa3BHh
clients-a6340837.css
dua9kq6wryf0d.cloudfront.net/packs/css/ 		1 MB
144 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dua9kq6wryf0d.cloudfront.net/packs/css/clients-a6340837.css
Requested by
Host: zrm.firstmind.com
URL: https://zrm.firstmind.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:6400:6:2976:df40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
379232ee12764da0d4d0c5cf8222c6d8851f963d29ca0087a833bd239dc59f9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 vegur, 1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 08:39:29 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA60-P7
age
57298
x-cache
Hit from cloudfront
content-length
146610
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718431951&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=EpMw4Qx7zI2uI%2FKifCeNFiHk39ANFt8mscaqL4i4OHo%3D
last-modified
Fri, 26 May 2023 08:13:50 GMT
server
Cowboy
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718431951&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=EpMw4Qx7zI2uI%2FKifCeNFiHk39ANFt8mscaqL4i4OHo%3D"}]}
content-type
text/css
x-amz-cf-id
kVWUEktQSlxszRilKUJMohgu16lRPVHkohuThjgLHw0DCYgP2ijsnA==
clients-5d391cc331071eca9232.js
dua9kq6wryf0d.cloudfront.net/packs/js/ 		171 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dua9kq6wryf0d.cloudfront.net/packs/js/clients-5d391cc331071eca9232.js
Requested by
Host: zrm.firstmind.com
URL: https://zrm.firstmind.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:6400:6:2976:df40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
f7ab547bdf0056f3d3e66e0c34de84bd08739855b60580af65dbd6413a81c10e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 vegur, 1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 08:39:30 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop
FRA60-P7
age
57298
x-cache
Hit from cloudfront
content-length
52573
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718431951&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=EpMw4Qx7zI2uI%2FKifCeNFiHk39ANFt8mscaqL4i4OHo%3D
last-modified
Fri, 26 May 2023 08:13:50 GMT
server
Cowboy
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718431951&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=EpMw4Qx7zI2uI%2FKifCeNFiHk39ANFt8mscaqL4i4OHo%3D"}]}
content-type
application/javascript
x-amz-cf-id
zuldNUBZIgFFm7RMRDAdZXg-9RGHgCQ1QTk7palt6bclr1pW1yolqA==
/
js.stripe.com/v3/ 		613 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: zrm.firstmind.com
URL: https://zrm.firstmind.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
2d084de7700c14a77b82b9aea2e3a7d3ffa67ef7348ade10913e4dfe53b49237
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 21 Jun 2024 00:34:28 GMT
via
1.1 varnish
age
1
x-cache
HIT
content-length
153018
x-request-id
d31bbfb3-318b-40f0-9b2f-7ffbe003ae82
x-served-by
cache-fra-eddf8230124-FRA
last-modified
Thu, 20 Jun 2024 22:31:53 GMT
server
Fastly
etag
"97e522c73453ae130fb4dfc713ca7b39"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
icon_white-1878e6a403bc223ddd6d5e62553df0e20d89c4013d4707d06b11b7bf4991a223.png
dua9kq6wryf0d.cloudfront.net/assets/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dua9kq6wryf0d.cloudfront.net/assets/icon_white-1878e6a403bc223ddd6d5e62553df0e20d89c4013d4707d06b11b7bf4991a223.png
Requested by
Host: zrm.firstmind.com
URL: https://zrm.firstmind.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:6400:6:2976:df40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
7c73b8dbf32ff1bedade324cf3273412b42d3d9056aca9ce993eefcd925143f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur, 1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 08:51:20 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
Cowboy
last-modified
Thu, 19 Jan 2023 10:36:00 GMT
x-amz-cf-pop
FRA60-P7
age
56587
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718525513&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=arS6wJXsW8tPuDAoNRjnXwPvVlErcZVfKC5rfOCwy5Y%3D"}]}
content-type
image/png
x-cache
Hit from cloudfront
content-length
5546
x-amz-cf-id
odI19qw5PSf6Bdo2WpxBF2YQ6Q1INWUlkbsfWIinPKYEyNrvQV6hxQ==
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718525513&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=arS6wJXsW8tPuDAoNRjnXwPvVlErcZVfKC5rfOCwy5Y%3D
logo_white-507c471cb029fea56d4a90d8c83a73658bc259df54f11f22abcbc347dc010e69.png
dua9kq6wryf0d.cloudfront.net/assets/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dua9kq6wryf0d.cloudfront.net/assets/logo_white-507c471cb029fea56d4a90d8c83a73658bc259df54f11f22abcbc347dc010e69.png
Requested by
Host: zrm.firstmind.com
URL: https://zrm.firstmind.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:6400:6:2976:df40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cowboy /
Resource Hash
6e9b8fbde36cbc9ccd961c14a3809cc6ea76e0a2816f611394b5314ac9b11b24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 vegur, 1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront)
date
Thu, 20 Jun 2024 06:21:20 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
server
Cowboy
last-modified
Thu, 19 Jan 2023 10:36:00 GMT
x-amz-cf-pop
FRA60-P7
age
65587
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718483146&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=LWRP8xpLMgE7kku%2F0BglZN9ZVWcVdJ1TebCyptrwGHA%3D"}]}
content-type
image/png
x-cache
Hit from cloudfront
content-length
14844
x-amz-cf-id
PiUqbE1PfASWrr2xupX1YFY5S448kyNDi1_sDpbpSILy6iTy3Bj6_g==
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718483146&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=LWRP8xpLMgE7kku%2F0BglZN9ZVWcVdJ1TebCyptrwGHA%3D
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=d30292dd19
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d30292dd19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 00:34:28 GMT
content-encoding
gzip
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sdx0ADrTjnwNg1zhLfI9fWW0pLMGXFikF292ecN1TqQnkGt7chvSXzNjXlW1yn%2FQfCvUFocCWxUQmQGxt%2FUj9DUZZ6houMljXHb81zMYp%2FLcFyGHJz4QOnKMQ13KL%2B%2Bx4tL4eyofBeG2PtbtDczNRRjZDg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
896fe9c29b5a65a7-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Sf6G9PUGqNFEPxpfDQ-GuH4NZetFz5xmkHGzmTA6LSTmIfFeayu10A==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=d30292dd19
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/d30292dd19.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 00:34:28 GMT
content-encoding
gzip
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aOkLXyuW2ujctTgX3EXbo0POPEFrTWn43eNICRkFwCP5RL61ZdpRd%2B5ulqD%2B5YZeB9dZMcqSHLUdYDvE3t7P%2FfR7fH%2FW%2BvDhx5kPNidNSYqugeJHT3UZ%2BsF5JYL%2Fa%2F7iHPvSUmWOHgMmFb9wuJGnJkZ9OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
896fe9c29b5d65a7-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
CfQHqpYpowhkyO8Jk1mABzQFTNPLucdEfr8DtTEeufESz58Ed4KkHg==
gtm.js
www.googletagmanager.com/ 		227 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M28ZTF8
Requested by
Host: zrm.firstmind.com
URL: https://zrm.firstmind.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
488698be5a7f2f6e1882efc05a7462c9ae69fef62cf0f0a22610bc172603ea14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 00:34:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82564
x-xss-protection
0
last-modified
Fri, 21 Jun 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Jun 2024 00:34:28 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame DF0C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://zrm.firstmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3789197
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 21 Jun 2024 00:34:28 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
661167
x-content-type-options
nosniff
x-request-id
3fc60821-6c5c-4ee1-8b7a-44bce09780b9
x-served-by
cache-fra-eddf8230076-FRA
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: zrm.firstmind.com
URL: https://zrm.firstmind.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Origin
https://zrm.firstmind.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 00:34:28 GMT
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EE54myYvd0%2Bf%2FCVpzJSn3nJicrcg49qlX9hrESYSz9hjf3zukCixKwzVWMx%2FTRv9bNIduRsiwsknhKWiutbiypw%2BK7Qp%2FXYQl9eQQcXCkaic0kkahl69Qb3wx0N9FZH11HYfAhkxbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
896fe9c2fbb89c07-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
6tHF2QgTOnL7PDdEtrIeQiAWwlwqnGrPLzH9nqIkttA5Tw4X_7CP6w==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M28ZTF8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 20 Jun 2024 22:46:52 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6457
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 21 Jun 2024 00:46:52 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M28ZTF8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 00:34:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 Jun 2024 16:46:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=54688
accept-ranges
bytes
content-length
14004
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: zrm.firstmind.com
URL: https://zrm.firstmind.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:bc29:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
UploadServer /
Resource Hash
395e1e13608ef6f630c22329001b619f5434fc1eb6567e8d31f600b0fc3c5cc6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 00:26:46 GMT
content-encoding
gzip
age
463
x-guploader-uploadid
ACJd0NqI8Pt-BDRgNKBCe26RLTbTDMu3-H_RH4DoX7cD3wGAgR-Cxfyc8_an6FAXPfU8DqEr0pI3wPw0Rw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18820
last-modified
Fri, 07 Jun 2024 18:57:45 GMT
server
UploadServer
etag
"0f8e1f29672ad8af54e7b02671b3de79"
vary
Accept-Encoding
x-goog-generation
1717786665797756
x-goog-hash
crc32c=gzfIUg==, md5=D44fKWcq2K9U57AmcbPeeQ==
access-control-allow-origin
*
content-type
text/javascript
cache-control
public,max-age=600
x-goog-stored-content-length
18820
accept-ranges
bytes
expires
Fri, 21 Jun 2024 00:36:46 GMT
attribution_trigger
px.ads.linkedin.com/ 		2 B
813 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=1993444&time=1718930069162&url=https%3A%2F%2Fzrm.firstmind.com%2Flogin
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
*
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 00:34:29 GMT
content-encoding
gzip
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 520F32753F9A4F34A95256B24AC7B91B Ref B: FRAEDGE1222 Ref C: 2024-06-21T00:34:29Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lva1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYbW5gua5Hf7VZwMlk+qg==
x-fs-uuid
00061b5b982e6b91dfed567032593eaa
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1993444&time=1718930069162&url=https%3A%2F%2Fzrm.firstmind.com%2Flogin
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1993444&time=1718930069162&url=https%3A%2F%2Fzrm.firstmind.com%2Flogin&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1993444%26time%3D1718930069162%26url%3Dhttps%253A%252F%252Fzrm.firstmind.com%252F...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1993444&time=1718930069162&url=https%3A%2F%2Fzrm.firstmind.com%2Flogin&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1993444&time=1718930069162&url=https%3A%2F%2Fzrm.firstmind.com%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQKXn4cr2NKZZwAAAZA4N1hZzWOELC7kjLqbc6...
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1993444&time=1718930069162&url=https%3A%2F%2Fzrm.firstmind.com%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQKXn4cr2NKZZwAAAZA4N1hZzWOELC7kjLqbc6IyNdx_8yHe36h632XEg1wSTsdvLktddNB6
Requested by
Host: zrm.firstmind.com
URL: https://zrm.firstmind.com/login
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://zrm.firstmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 21 Jun 2024 00:34:29 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 453D3661B22949689FE0EC5E8C37C2C8 Ref B: FRAEDGE1407 Ref C: 2024-06-21T00:34:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYbW5gzBS041sKAaI/6iQ==

Redirect headers

date
Fri, 21 Jun 2024 00:34:28 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 8271F533191F4CEFBAC6C37365E5825C Ref B: FRAEDGE1309 Ref C: 2024-06-21T00:34:29Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1993444&time=1718930069162&url=https%3A%2F%2Fzrm.firstmind.com%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQKXn4cr2NKZZwAAAZA4N1hZzWOELC7kjLqbc6IyNdx_8yHe36h632XEg1wSTsdvLktddNB6
x-li-proto
http/2
content-length
0
x-li-uuid
AAYbW5gw2Qp5IU/Gv9PqbA==
collect
www.google-analytics.com/j/ 		15 B
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1005115415&t=pageview&_s=1&dl=https%3A%2F%2Fzrm.firstmind.com%2Flogin&ul=de-de&de=UTF-8&dt=Login%20%7C%20FirstMind&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=2021715547&gjid=2052710257&cid=1357922577.1718930069&tid=UA-159298891-1&_gid=1624043060.1718930069&_r=1&_slc=1&gtm=45He46j0n81M28ZTF8za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=27908725
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
9f7b53ce79530d72e4ef24ba01ab78b518b3b84257b7ac8517ac2d6c88797477
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 21 Jun 2024 00:34:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zrm.firstmind.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-38VWFP7P5B&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8e7d3faa05d0dfdaf76f72f83d23ea96c0083a1ee187ee0bcdd63495380e1556
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 00:34:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94043
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 21 Jun 2024 00:34:29 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-38VWFP7P5B&gtm=45je46j0v9126070767za200&_p=1718930068890&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=1357922577.1718930069&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fzrm.firstmind.com%2Flogin&dt=Login%20%7C%20FirstMind&sid=1718930069&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1324&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-38VWFP7P5B&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 21 Jun 2024 00:34:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zrm.firstmind.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
px.ads.linkedin.com/wa/ 		0
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Accept
*
Referer
https://zrm.firstmind.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 00:34:29 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 48E12A7038DF468CACBB02785DAF55B5 Ref B: FRAEDGE1309 Ref C: 2024-06-21T00:34:29Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
access-control-allow-origin
https://zrm.firstmind.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYbW5g0wQAj1U3Y/e7laA==
favicon.png
zrm.firstmind.com/ 		872 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://zrm.firstmind.com/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
63.32.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-161-232.eu-west-1.compute.amazonaws.com
Software
Cowboy /
Resource Hash
52bf038a2ac7ccfd8b3e5ee51e145bb524c9199acd296768224ca6847a459769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://zrm.firstmind.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 00:34:29 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Server
Cowboy
Last-Modified
Fri, 26 May 2023 08:11:24 GMT
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1718930069&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=Zhzxh39Ru37EXr7maRT4ONO%2FF6GnPu1fz8y3pSTnG7E%3D"}]}
Content-Type
image/png
Connection
keep-alive
Content-Length
872
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1718930069&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=Zhzxh39Ru37EXr7maRT4ONO%2FF6GnPu1fz8y3pSTnG7E%3D

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| FontAwesomeKitConfig boolean| _rails_loaded object| toastr object| Turbolinks object| dataLayer object| webpackChunkStripeJSouter function| noop function| Stripe object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id object| gtm object| mixpanel function| lintrk boolean| _already_called_lintrk object| gaplugins object| gaGlobal object| gaData object| ORIBILI

16 Cookies

Domain/Path Name / Value
zrm.firstmind.com/ Name: _candidate_test_session
Value: rf7KdZ53mfo21C4PbN8guzvNoxcTAqA%2BWfJrhZELkHqsGGprStmrWdDTMerGsjzgUqxAFVKl0t4RKxmMwZp8FsD0DSWzE8gZVoeFJG1PtXavyATPeHE%2BqtJhhK21L%2BAeABOJj6tMHDbb7tkVeMd%2BAUXzy07AjfxpesFcFBe%2B%2BmRunCwcOK%2FLg7Y1eg%3D%3D--00EYVHsPWeQw6JIj--O%2FhXCeHTlvkVSmxWQf6E6g%3D%3D
.firstmind.com/ Name: _ga
Value: GA1.2.1357922577.1718930069
.firstmind.com/ Name: _gid
Value: GA1.2.1624043060.1718930069
.firstmind.com/ Name: _gat_UA-159298891-1
Value: 1
.firstmind.com/ Name: mp_dcae7fb1847570562ac78dfe24a32e32_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A190383756c54b1-0998b16da6d74b-26001f51-1d4c00-190383756c54b1%22%2C%22%24device_id%22%3A%20%22190383756c54b1-0998b16da6d74b-26001f51-1d4c00-190383756c54b1%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
.linkedin.com/ Name: li_sugr
Value: 2bef66ce-4edc-48d2-820a-2f39b29eb551
.linkedin.com/ Name: bcookie
Value: "v=2&186d725d-6d69-466b-8bdd-7c0e7df84d36"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=3125:u=1:x=1:i=1718930069:t=1719016469:v=2:sig=AQEBQLKn-Sgv2D3lJRzkrC3K5BUEZ6ml"
.firstmind.com/ Name: _ga_38VWFP7P5B
Value: GS1.2.1718930069.1.0.1718930069.0.0.0
.linkedin.com/ Name: UserMatchHistory
Value: AQIKIpmp3z80YwAAAZA4N1dtMW-uaw0KuLihNnKuBei6p7FmV-3AptsUbpVFuuKE3v_bAOvr1E2ZHw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIl0XvvMcdxhwAAAZA4N1dtRsbyRY0doqbPJgATtSaOh2nzqwjOOcZ8Eamzt-EBr2VpX-X4KcSq2PRikZqDhA
.www.linkedin.com/ Name: bscookie
Value: "v=1&20240621003429496b0bf0-4300-40c4-81f2-e020ea7d711aAQGkbEZJ9dZYix5m3tbIlj65H2gL1vrs"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MTg5MzAwNjk7MjswMjELA0vI9kQlbxepP+P3ar8+SEu+/enU7QlM8nZtkvV4Yw==
m.stripe.com/ Name: m
Value: 2dc3e6c1-5994-4dea-bef6-7cad34984ae151d60e
.zrm.firstmind.com/ Name: __stripe_mid
Value: 00e27363-1f65-4009-b98a-68d5ca2563e6895110
.zrm.firstmind.com/ Name: __stripe_sid
Value: c05fcf6a-0913-4a77-9c1c-35f14d0ec87da7e5c0

1 Console Messages

Source Level URL
Text
rendering warning URL: https://zrm.firstmind.com/login(Line 8)
Message:
The key "target-densitydpi" is not supported.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.mxpnl.com
dua9kq6wryf0d.cloudfront.net
js.stripe.com
ka-f.fontawesome.com
kit.fontawesome.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
snap.licdn.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
zrm.firstmind.com
13.107.42.14
151.101.0.176
151.101.128.176
172.67.139.119
2001:4860:4802:34::36
2001:4860:4802:36::178
2600:1901:0:bc29::
2600:9000:275b:6400:6:2976:df40:21
2606:4700:3034::6815:1adf
2606:4700:4400::ac40:93bc
2620:1ec:21::14
2a00:1450:4001:80b::2008
2a02:26f0:3500:10::210:a99
63.32.161.232
2d084de7700c14a77b82b9aea2e3a7d3ffa67ef7348ade10913e4dfe53b49237
379232ee12764da0d4d0c5cf8222c6d8851f963d29ca0087a833bd239dc59f9f
395e1e13608ef6f630c22329001b619f5434fc1eb6567e8d31f600b0fc3c5cc6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
488698be5a7f2f6e1882efc05a7462c9ae69fef62cf0f0a22610bc172603ea14
52bf038a2ac7ccfd8b3e5ee51e145bb524c9199acd296768224ca6847a459769
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6df0519902f978ceaea90b59d00bc58f2af638868b24491c69c9fb777b0fc001
6e9b8fbde36cbc9ccd961c14a3809cc6ea76e0a2816f611394b5314ac9b11b24
72c1b84f83b3f46dbe858907079343ef87ca7e28e4c897c5dacd1a924235879e
7c73b8dbf32ff1bedade324cf3273412b42d3d9056aca9ce993eefcd925143f4
8e7d3faa05d0dfdaf76f72f83d23ea96c0083a1ee187ee0bcdd63495380e1556
942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52
9f7b53ce79530d72e4ef24ba01ab78b518b3b84257b7ac8517ac2d6c88797477
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7ab547bdf0056f3d3e66e0c34de84bd08739855b60580af65dbd6413a81c10e
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda