rewind.com Open in urlscan Pro
141.193.213.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG...
Effective URL:
https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_cam...
Submission: On September 19 via api (September 19th 2022, 3:00:28 pm UTC) from IE — Scanned from DE

Summary HTTP 109 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 32 domains to perform 109 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is rewind.com. The Cisco Umbrella rank of the primary domain is 414273.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 23rd 2022. Valid for: a year.

This is the only time rewind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:671f	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
20	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2a00:1450:400... 2a00:1450:400a:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2a02:26f0:210... 2a02:26f0:2100::58dd:c4ca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:b949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.66.115.169 18.66.115.169	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:210... 2a02:26f0:2100:29d::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
17	23.36.163.228 23.36.163.228	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.2.147.16 52.2.147.16	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:83ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1f85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.215.194.110 34.215.194.110	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2014	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2aed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:9d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:d7ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9ad8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
109	36

2 2606:2c40::c73c:671f (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

email.rewind.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

rewind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400a:802::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:2100::58dd:c4ca (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b949 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.115.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-115-169.fra56.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:2100:29d::f09 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:246 (United States)

ASN13335 (CLOUDFLARENET, US)

snippet.growsumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 23.36.163.228 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-228.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.2.147.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-147-16.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:83ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bd4 (United States)

ASN13335 (CLOUDFLARENET, US)

grsm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1f85 (United States)

ASN13335 (CLOUDFLARENET, US)

partnerlinks.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.194.110 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-194-110.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gtm-ga-analytics.nn.r.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2aed (United States)

ASN13335 (CLOUDFLARENET, US)

exceptions.hs-embed-reporting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:d7ed (United States)

ASN13335 (CLOUDFLARENET, US)

f.hubspotusercontent10.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9ad8 (United States)

ASN13335 (CLOUDFLARENET, US)

6865219.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	rewind.com rewind.com — Cisco Umbrella Rank: 414273	1013 KB
17	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 966	412 KB
11	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4617 forms.hubspot.com — Cisco Umbrella Rank: 3106 app.hubspot.com — Cisco Umbrella Rank: 5559 track.hubspot.com — Cisco Umbrella Rank: 2260	29 KB
7	segment.com cdn.segment.com — Cisco Umbrella Rank: 1475	76 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 7081	265 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2989	40 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 4622 consentcdn.cookiebot.com — Cisco Umbrella Rank: 5429	84 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	249 KB
2	appspot.com gtm-ga-analytics.nn.r.appspot.com	553 B
2	partnerlinks.io partnerlinks.io — Cisco Umbrella Rank: 15866	257 B
2	grsm.io grsm.io — Cisco Umbrella Rank: 14488	289 B
2	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4128	176 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4853	46 KB
2	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2138	41 KB
2	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4786	41 KB
2	quora.com q.quora.com — Cisco Umbrella Rank: 2954	838 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	53 KB
2	growsumo.com snippet.growsumo.com — Cisco Umbrella Rank: 32106	5 KB
2	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2212	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	31 KB
2	gstatic.com fonts.gstatic.com	53 KB
2	rewind.io 1 redirects email.rewind.io	4 KB
1	hubspotusercontent-na1.net 6865219.fs1.hubspotusercontent-na1.net	367 KB
1	hubspotusercontent10.net f.hubspotusercontent10.net — Cisco Umbrella Rank: 34876	7 KB
1	hs-embed-reporting.com exceptions.hs-embed-reporting.com — Cisco Umbrella Rank: 254377	379 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105	548 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1011	170 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2156	16 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6297	147 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1075	44 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 392	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	1 KB
109	32

	Domain	Requested by
20	rewind.com	email.rewind.io rewind.com consent.cookiebot.com
17	analytics.tiktok.com	email.rewind.io analytics.tiktok.com consent.cookiebot.com
7	cdn.segment.com	rewind.com cdn.segment.com
5	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
3	track.hubspot.com
3	forms.hubspot.com	js.hscollectedforms.net js.hsleadflows.net
3	api.hubspot.com	js.usemessages.com static.hsappstatic.net
3	www.google-analytics.com	www.googletagmanager.com consent.cookiebot.com
3	www.googletagmanager.com	rewind.com www.googletagmanager.com
2	app.hubspot.com	js.usemessages.com static.hsappstatic.net
2	gtm-ga-analytics.nn.r.appspot.com	www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
2	partnerlinks.io	snippet.growsumo.com
2	grsm.io	snippet.growsumo.com
2	js.hsleadflows.net	js.hs-scripts.com consent.cookiebot.com
2	js.hscollectedforms.net	js.hs-scripts.com consent.cookiebot.com
2	js.hs-analytics.net	js.hs-scripts.com consent.cookiebot.com
2	js.usemessages.com	js.hs-scripts.com consent.cookiebot.com
2	q.quora.com	rewind.com
2	connect.facebook.net	email.rewind.io consent.cookiebot.com
2	snippet.growsumo.com	email.rewind.io
2	js.hs-scripts.com	www.googletagmanager.com consent.cookiebot.com
2	www.googleadservices.com	www.googletagmanager.com consent.cookiebot.com
2	fonts.gstatic.com	fonts.googleapis.com
2	consentcdn.cookiebot.com	consent.cookiebot.com
2	consent.cookiebot.com	rewind.com consent.cookiebot.com
2	email.rewind.io	1 redirects
1	6865219.fs1.hubspotusercontent-na1.net
1	f.hubspotusercontent10.net
1	exceptions.hs-embed-reporting.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	api.segment.io	cdn.segment.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsforms.net	rewind.com
1	www.googleoptimize.com	rewind.com
1	cdn.jsdelivr.net	rewind.com
1	fonts.googleapis.com	rewind.com
109	37

This site contains links to these domains. Also see Links.

Domain
help.rewind.com
calc.rewind.com
app.rewind.com
www.calmwatersbookkeeping.com
saasyaccountingcoach.com
quickbooks.intuit.com
royalwise.com
security.rewind.com
status.rewind.com
www.facebook.com
www.instagram.com
www.linkedin.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
email.rewind.io Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
rewind.com Cloudflare Inc ECC CA-3	`2022-02-23` - `2023-02-22`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-04` - `2023-06-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-15` - `2023-06-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-28` - `2022-09-26`	3 months	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.quora.com R3	`2022-08-21` - `2022-11-19`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2022-02-24` - `2023-02-23`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
Frame ID: 2C71AB4DDC6DA2F0A8342C067FA2A42B
Requests: 99 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 9038A4B293F128A49BCC21C4A655B086
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/6865219/threads/utk/3df23cbfb4be47d0bb28ba6e64b987cf?uuid=2b8cc291940248ed99cd0c23a3c48543&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=rewind.com&inApp53=false&messagesUtk=3df23cbfb4be47d0bb28ba6e64b987cf&url=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 5BEE1C03363290D3A0A95FAD2BD64D9D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How Kellie Parks Goes Above and Beyond for Clients | Rewind

Page URL History Show full URLs

https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-... Page URL
https://email.rewind.io/events/public/v1/encoded/track/tc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW8... HTTP 307
https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

109
Requests

100 %
HTTPS

83 %
IPv6

32
Domains

37
Subdomains

36
IPs

4
Countries

3206 kB
Transfer

8902 kB
Size

9
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://help.rewind.com/knowledge
Title: Help Center

Search URL Search Domain Scan URL

URL: https://calc.rewind.com/ecommerce-downtime
Title: Downtime Cost Calculator

Search URL Search Domain Scan URL

URL: https://app.rewind.com/users/sign_in?platform=quickbooks
Title: Sign In

Search URL Search Domain Scan URL

URL: https://app.rewind.com/users/sign_up?platform=quickbooks
Title: Start Your Trial

Search URL Search Domain Scan URL

URL: https://www.calmwatersbookkeeping.com/
Title: Calmwaters Bookkeeping

Search URL Search Domain Scan URL

URL: https://saasyaccountingcoach.com/
Title: SaaSy Accounting Coach

Search URL Search Domain Scan URL

URL: https://quickbooks.intuit.com/ca/
Title: QuickBooks Online

Search URL Search Domain Scan URL

URL: https://royalwise.com/backing-up-quickbooks-online/
Title: Chronobooks and Rewind

Search URL Search Domain Scan URL

URL: https://security.rewind.com/
Title: Data & Security

Search URL Search Domain Scan URL

URL: https://status.rewind.com/
Title: Status

Search URL Search Domain Scan URL

URL: https://help.rewind.com/knowledge/product-changelog
Title: Product Changelog

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rewind.backups

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rewind.backups/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/rewind.io/

Search URL Search Domain Scan URL

URL: https://twitter.com/rewind

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCnkocd_3V3y5CSNzaBXJFzw/videos

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1 Page URL
https://email.rewind.io/events/public/v1/encoded/track/tc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1?_ud=111dda74-32fd-4b20-a1f6-6a43d86c8a39&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

109 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8...
email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/ 9 KB
3 KB 205ms
171ms Document
text/html 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: MISS
cf-ray: 74d330bc49679b33-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Mon, 19 Sep 2022 15:00:20 GMT
last-modified: Mon, 19 Sep 2022 15:00:20 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCZQeDamC%2FfsH%2BuNvkRhx0gPQPZ%2BO40j%2BkknAN%2BEbiaeR7KOlqA%2FeMI9Hp8pk9JaNpcqjRVAG65xThrNtUzi0%2BE9WD183Rvge6lBR3K0ciBUjLefGcj8uADn4%2Bwim8xwURag7Wir0iEuRYzu7w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-https-only: worker
x-hubspot-correlation-id: 716691bc-7bb4-4e8a-b760-e768c8febfbb
x-robots-tag: none

GET
H2

200

Primary Request / Show response
rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/
Redirect Chain

https://email.rewind.io/events/public/v1/encoded/track/tc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7...
https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsN...

99 KB
24 KB

198ms
171ms

Document
text/html

141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign

Requested by

Host: email.rewind.io
URL: https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

e57d37aeb528f9372cf16cfb91d28c2b2d7d92c1dcb7a0533b4f9f5a2c6d8dd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 74d330befde7923b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 15:00:21 GMT
last-modified: Thu, 27 Jan 2022 18:25:05 GMT
link: <https://rewind.com/wp-json/>; rel="https://api.w.org/" <https://rewind.com/wp-json/wp/v2/resources/65720>; rel="alternate"; type="application/json" <https://rewind.com/?p=65720>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8V5l4axrKdPf8k9D9gR1epN15iS6YzZCmjY480DJGXuJ4RRiqzJ43M9Guouskk0%2BiaX85x7vA1O7uGG4VvN%2Bti4c4e8%2BBRXXpz0djQU5zE05UcTpsMDG%2FplyPM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 12
x-cache-group: normal
x-cacheable: SHORT
x-frame-options: SAMEORIGIN
x-powered-by: WP Engine

Redirect headers

access-control-allow-credentials: false
cf-cache-status: MISS
cf-ray: 74d330bd9c119b33-FRA
date: Mon, 19 Sep 2022 15:00:20 GMT
link: <https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign>; rel="canonical"
location: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oDqeJ9kW2pMJ7h9P52%2BfSqT4u7QxwYHxZQoUoUS%2FkxAZEBwMsDJCcCyruXLttblf%2Bh%2FX6aH6swNA3NojnCFaKC2ZS3cQuVvuMYWTu7LjfCZmQZ68xgbnwk78z%2B1W28Ft7KAaYKsU5LAGDt65w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-https-only: worker
x-hubspot-correlation-id: 92fd5eab-3575-4543-a5e5-1e96fb1f266d
x-robots-tag: none

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 121ms
47ms Stylesheet
text/css 2a00:1450:400a:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cabin:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap

Requested by

Host: rewind.com
URL: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:802::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5041aac6891e586a66a3bb115ac5cb23a9b0d2ab1d02518433c15758fefe311e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 15:00:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 15:00:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 15:00:21 GMT

GET
H2 200 /
rewind.com/_static/ 556 KB
75 KB 142ms
140ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://rewind.com/_static/??-eJydjEsOwjAMRC9E6tJKZYU4BOIA+VjBInGqOGnV2xNRWMGKhRfP82ZgnZVNXJALzKF6YgFfGxrMHkyl4MCEZB8qkMk6byBlC9hZkQP86OpFzTm5aouSQA4zgBbBIsDpRtf9xanSnv6x05KMK7FrAlmUr4lyx4gCb+lFn25TIWriLrZrcInn4zSNfX8axuEJVONjoA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

31cdaecf78ec72e78ed516f4491bcbdbe8de6910a3611bb13d7c542f9c48d9b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-cacheable: YES:31536000.000
x-powered-by: WP Engine
x-cache: HIT: 8505
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache-group: normal
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 12 Sep 2022 18:27:12 GMT
server: cloudflare
x-page-optimize: cached
etag: W/"5f0b8aa488ab879ff5a4d82bbf2025de-gzip"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7UWfBcW1JI2cDZpXcUx4cu8tQKg8n407qnsjEf86WxH76XlMnLRHvs7wJfJnp50A71S0kdUQPUpLxyTnjWwKDXgYaXF8fDN7NGBkarF2pcWMf99y0bpr1xnNts%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000, must-revalidate
cf-ray: 74d330c01fbb923b-FRA

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@3.0.1/dist/ 2 KB
1 KB 44ms
7ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@3.0.1/dist/js.cookie.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rewind.com/
Origin: https://rewind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 8957689
x-jsd-version: 3.0.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 823
etag: W/"691-nsW9ygnrEUkpEGcvy0hZTQTrY68"
x-served-by: cache-fra19143-FRA
x-jsd-version-type: version
date: Mon, 19 Sep 2022 15:00:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 100 KB
31 KB 85ms
16ms Script
application/javascript 2a02:26f0:2100::58dd:c4ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Requested by: Host: rewind.com
URL: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2100::58dd:c4ca Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ec0e78ba3786d620f16943844c3da6aac1f029dc4ec6fb35456d019508679ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 07:31:36 GMT
etag: "aeea9f60c2b6d81:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=793
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
accept-ranges: bytes
content-length: 31207
expires: Mon, 19 Sep 2022 15:13:34 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 118 KB
44 KB 80ms
39ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5RPMWFN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3daf6bcfbcdce1e5e571bac80739b37bf9ee6c1244143afb01f14d647b3276f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44968
x-xss-protection: 0
expires: Mon, 19 Sep 2022 15:00:21 GMT

GET
H3 200 logo-icons.svg
rewind.com/wp-content/themes/rewind-theme/assets/img/logos/ 20 KB
6 KB 53ms
31ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rewind.com/wp-content/themes/rewind-theme/assets/img/logos/logo-icons.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fef5baa2ae6da90060ccc745a0d788f166d1224b40104a66920772c5a083615d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4830488
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 25 Jul 2022 16:54:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62decade-4f77"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OjAYTAqoUVgaUKYUf8yebE9epdfDfxgyHdTvvCPJMtTLz18tz1lUqq6VyAqofOKxjP3SRlgurS%2FUrMZv%2FtgErGhS5JpNmEBIm4k4v1wPE3z%2BuZ1njSqpubKTJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74d330c2a83a68fd-FRA

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 585 KB
147 KB 239ms
33ms Script
application/javascript 2606:4700::6811:b949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6390dbf4e23a532fa3efad24c99004e967138772cf0d435bbdeca8bc5f60daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
via: 1.1 bfc4676044fcc4c0c8e705c71ca51fea.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 251
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 12 Sep 2022 01:58:44 UTC
server: cloudflare
etag: W/"f889349e82887a8dc0de8f5ff4475404"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1V6te7BKKMywuCpimIpWjv4hwiIidYrNnx3JPNncxmxIR80wo0bShm28Bio90exlUPcVfTD5Tu%2BhiFypwDcrqTpxz2IIWPRzDEr3RO68nRcRJoFwnnxr2SX%2B0Ki4QNgyi7vIhFvRM2pTkIs"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: n0sO2MPByZbH.n7MGFzmNFa5l5r50miz
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=300
x-hs-cache-status: HIT
x-amz-cf-pop: IAD55-P5
cf-ray: 74d330c22a366967-FRA
x-amz-cf-id: JCAg7VeLaZ5xmqJlZonSkW94HQ4ZUC21Cwn2V03aX8-JMlifra4JmA==
x-hs-target-asset: FormsNext/static-5.530/bundles/project_with_deps.js

GET
H3 200 / Show response
rewind.com/_static/ 46 KB
14 KB 473ms
472ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://rewind.com/_static/??-eJyVjFsKgCAQAC+UbQ8Q+4gOER0gdIkNW8XVun5CJ+h3Zhh4orKBM3KG6MtBLLDfKqbgis1KPDlMALsIZgEOG60f4lDos+1F3J7SwK9VNQkfYlcDsij1sFxzr/U4mM6Y6QV64zhC

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

d737b8b63ef186afc32474289147d811addb77fbdc135b2c6e0da4c2820a274c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-cacheable: YES:31536000.000
x-powered-by: WP Engine
x-cache: HIT: 13780
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache-group: normal
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 15 Sep 2022 22:28:09 GMT
server: cloudflare
x-page-optimize: cached
etag: W/"bb85a8733ac7ccca07fe5da316fe7617-gzip"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gr8KPEIO93BWZi7X8qdR653QH%2B65bt2Zaae4UDjLwl1ThpzmqWqVy6EXmLCviY7VfhnTHXLRviOoEGResN%2FfoBVDYFKWoLonj6iC4I4zbg%2FTIiaj27ZwnbAJGfw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 74d330c24f6168fd-FRA

GET
H3 200 bootstrap.bundle-babel.min.js Show response
rewind.com/wp-content/themes/rewind-theme/assets/libraries/bootstrap-5.1.3/dist/js/ 89 KB
26 KB 37ms
36ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://rewind.com/wp-content/themes/rewind-theme/assets/libraries/bootstrap-5.1.3/dist/js/bootstrap.bundle-babel.min.js?ver=6.0.2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

83527037bf4da8286f632b3821b99d87f9dd219fb8e8fa6ab8c39d71f1c3ec59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981101
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Feb 2022 23:34:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"620edb8e-165e8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ImPIcjfMyShxC2sEc63j2%2FHNShYAeWLHxoOt2WPk0GHygh5Q4fyxz4AifIlJYCbpZqqSbgdW%2FFczt8EEYf%2FnGQwUfA1xaHwiVnfY3ASbyiflh4JJwnMoIIcJoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74d330c27fe968fd-FRA

GET
H3 200 / Show response
rewind.com/_static/ 212 KB
57 KB 436ms
436ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://rewind.com/_static/??-eJyVjEEOwjAMBD9EbEEg9IJ4S9pawlXiVLarfJ8KOHDtbUerGexrmJo4iaO/qJKhUmeZw4cwm5EbFh41K++vdV5JQ4IB4g9g3GQuBJUFFjvh4eSkrZTQNv+bB2uLYc278bWe9XFOKV5v9zhc3uf7U28=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

920cf800cf526e26e6b914d8b86c5bc9b0c6f722fc6863fdec0bf01db32c7df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-cacheable: YES:31536000.000
x-powered-by: WP Engine
x-cache: HIT: 3599
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache-group: normal
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 17 Sep 2022 23:29:42 GMT
server: cloudflare
x-page-optimize: cached
etag: W/"22db5ba4c6719cdd4bbb22d5e1bdd9c6-gzip"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjN47aeGbkzCq6%2FJk3wNoLm9X1oz2N4IefaHhAv6zgWDm6pFzxlaz5aPvMzK%2FXL9vk9rYiWN1MHTauciSkCSUBZk2JR5YhLWMJX15Ud64ROW%2BNyXfasa5VzW8yk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 74d330c27fee68fd-FRA

GET
H3 200 wp-emoji-release.min.js Show response
rewind.com/wp-includes/js/ 18 KB
5 KB 52ms
30ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://rewind.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981099
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62551487-48b9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hv5rvJYpfldrDuscxAqD166Sn%2BUhQ7swyA8OwIApWrwRdJYCW9zEK%2FtPPTVTj%2BZlURr%2FPYrfkPQ%2BF%2FikzlBxmuf8%2BQ2TUGDIsCTTt87nClTQfm%2F9e71u7Hh5Ktw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74d330c2a83c68fd-FRA

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/HYwfyLI2zHbl6xQrCKevlc97PqmCOw53/ 96 KB
27 KB 64ms
11ms Script
text/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/HYwfyLI2zHbl6xQrCKevlc97PqmCOw53/analytics.min.js
Requested by: Host: rewind.com
URL: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d863cb29f3a032f2bed79f4424940590c5965a653852296ea6b0d4cadebe3b5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: 8eGimCL6eJUAt_UiHhAGho2aI54wYci1
content-encoding: gzip
etag: W/"db297883a4a93f54fbbe34e90de656c6"
age: 83
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 31 Aug 2022 18:57:34 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 15:00:21 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: qX4gVst6TrgIYEkbVl5rlo6wDv3GeSGfBiowxOflnNhvbv3QXgvk_w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 410 KB
98 KB 142ms
80ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N35RHTK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5f78a2104ce4fb19c06c12e5f15e0eb18f8221a1becc347d9bb9ec59fc14dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100263
x-xss-protection: 0
expires: Mon, 19 Sep 2022 15:00:21 GMT

GET
H2 200 configuration.js Show response
consentcdn.cookiebot.com/consentconfig/9c9b5bfa-8df3-43ff-987b-c5060b8dec11/rewind.com/ 3 KB
1 KB 81ms
20ms Script
application/x-javascript 2a02:26f0:2100:29d::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/consentconfig/9c9b5bfa-8df3-43ff-987b-c5060b8dec11/rewind.com/configuration.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2100:29d::f09 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: a3bb862065484f32a642807e3a9aa5b9288eb09ea51692aa3bf6dd8d3b31ed29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 00:20:13 GMT
server: AkamaiNetStorage
etag: "0a303f5602c9fcb98a59a9c8fe39d9d0:1662423613.263983"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=34291
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 939
expires: Tue, 20 Sep 2022 00:31:52 GMT

GET
H2 200 cc.js Show response
consent.cookiebot.com/9c9b5bfa-8df3-43ff-987b-c5060b8dec11/ 205 KB
52 KB 92ms
71ms Script
application/x-javascript 2a02:26f0:2100::58dd:c4ca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/9c9b5bfa-8df3-43ff-987b-c5060b8dec11/cc.js?renew=false&referer=rewind.com&dnt=false&init=false&georegions=%5B%7B%22r%22%3A%22at%2Cbe%2Cbg%2Chr%2Ccy%2Ccz%2Cdk%2Cee%2Cfi%2Cfr%2Cde%2Cgr%2Chu%2Cie%2Cit%2Clv%2Clt%2Clu%2Cmt%2Cnl%2Cpl%2Cpt%2Cro%2Csk%2Csl%2Ces%2Cse%2Cgb%22%2C%22i%22%3A%2245b02d7a-e1ba-47f8-ada6-2580bbfaab83%22%7D%5D
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2100::58dd:c4ca Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 72cac3894a1f4b4b2aa713cc8cda2cbf2f75867d97a17f266d962fb4eabd1b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 15:00:21 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
content-length: 52480
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v26/ 25 KB
26 KB 95ms
14ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cabin:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rewind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 02:58:35 GMT
x-content-type-options: nosniff
age: 216106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26100
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Sep 2023 02:58:35 GMT

GET
H3 200 arrow-down.svg
rewind.com/wp-content/themes/rewind-theme/assets/img/ 188 B
675 B 31ms
29ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rewind.com/wp-content/themes/rewind-theme/assets/img/arrow-down.svg

Requested by

Host: rewind.com
URL: https://rewind.com/_static/??-eJydjEsOwjAMRC9E6tJKZYU4BOIA+VjBInGqOGnV2xNRWMGKhRfP82ZgnZVNXJALzKF6YgFfGxrMHkyl4MCEZB8qkMk6byBlC9hZkQP86OpFzTm5aouSQA4zgBbBIsDpRtf9xanSnv6x05KMK7FrAlmUr4lyx4gCb+lFn25TIWriLrZrcInn4zSNfX8axuEJVONjoA==

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a2830f8720e8e8edae581bcc9b95a97d97414fa7d6f83faff6f5679fb0a880d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/_static/??-eJydjEsOwjAMRC9E6tJKZYU4BOIA+VjBInGqOGnV2xNRWMGKhRfP82ZgnZVNXJALzKF6YgFfGxrMHkyl4MCEZB8qkMk6byBlC9hZkQP86OpFzTm5aouSQA4zgBbBIsDpRtf9xanSnv6x05KMK7FrAlmUr4lyx4gCb+lFn25TIWriLrZrcInn4zSNfX8axuEJVONjoA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 199404
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Aug 2022 17:17:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"630cf4a2-bc"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cl2DsM4DZOm5Y1%2BOozMR%2FEQpGoay1Gwyfohb%2BMzqzEi2KC0pWLTQcGPa0csrFiNP0jaW3y3rczNsg3Mx7bfjcS9t6ORMdw0QDabCkBQ4AnoXSOD6lBD7X1cYXec%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74d330c308ef68fd-FRA

GET
H3 200 bg-hero-pricing.svg
rewind.com/wp-content/themes/rewind-theme/assets/img/backgrounds/ 1 KB
1 KB 49ms
49ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rewind.com/wp-content/themes/rewind-theme/assets/img/backgrounds/bg-hero-pricing.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

28a10037b5fa4dfef9f5e9068e9d33341a67c673a1663795eef6d2ec12b48c90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/_static/??-eJydjEsOwjAMRC9E6tJKZYU4BOIA+VjBInGqOGnV2xNRWMGKhRfP82ZgnZVNXJALzKF6YgFfGxrMHkyl4MCEZB8qkMk6byBlC9hZkQP86OpFzTm5aouSQA4zgBbBIsDpRtf9xanSnv6x05KMK7FrAlmUr4lyx4gCb+lFn25TIWriLrZrcInn4zSNfX8axuEJVONjoA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75111
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 29 Aug 2022 17:17:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"630cf4a9-581"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7p0pvwGRPNDcSz7WPr2%2BOhSZwBI3K%2FE4bt8cLkvjYh%2FCo3%2FCRqVr0HVpBmam2FaKR755gYBAsXlJqvkDwtq8yjGqvgXdU7ev1NlCTqBBvxzYZLzQQIlZplvpbU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74d330c3190e68fd-FRA

GET
H2 200 u-4g0qWljRw-Pd815fNqc8T_wAFcX-c37OnuHXg.woff2
fonts.gstatic.com/s/cabin/v26/ 27 KB
27 KB 45ms
27ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v26/u-4g0qWljRw-Pd815fNqc8T_wAFcX-c37OnuHXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cabin:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fbad22272f358d3e1a9e09a50761bd38b44cd558e3316d562e33804f9536a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://rewind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 23:14:16 GMT
x-content-type-options: nosniff
age: 575165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27584
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:42:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 23:14:16 GMT

GET
H3 200 97395-kellie-parks-webinar.png
rewind.com/wp-content/uploads/2020/11/ 218 KB
218 KB 20ms
20ms Image
image/webp 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rewind.com/wp-content/uploads/2020/11/97395-kellie-parks-webinar.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

35021b02043f9775121eb5d32005a90882c0487cf1f2c26b07b1d5730aee2486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 397
cf-polished: origFmt=png, origSize=324568
content-disposition: inline; filename="97395-kellie-parks-webinar.webp"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 222900
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:32:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61140995-4f3d8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RL7RPN0JZD57M6ZzmaYS9cevhzjrH6LCfv0sBoFTJ9tPjPK34snbx3W9Z3%2FcgxybQWlEsShJg9kUL08QaXVhGGHZP5P3Czz5vOZTd%2F8wWQ9OE%2FnufJvinyxEk7A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74d330c389bd68fd-FRA
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ 235 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad25bee723c50b7aa157fae2c483b1b76570055cfcc4cd0afc0058e385a10038

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 check.svg
rewind.com/wp-content/themes/rewind-theme/assets/img/icons/ 264 B
734 B 54ms
53ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rewind.com/wp-content/themes/rewind-theme/assets/img/icons/check.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

450ff1eff2f5157dab62462bcdcfe45e1f8273f630334c43d63769a3eea77f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/_static/??-eJydjEsOwjAMRC9E6tJKZYU4BOIA+VjBInGqOGnV2xNRWMGKhRfP82ZgnZVNXJALzKF6YgFfGxrMHkyl4MCEZB8qkMk6byBlC9hZkQP86OpFzTm5aouSQA4zgBbBIsDpRtf9xanSnv6x05KMK7FrAlmUr4lyx4gCb+lFn25TIWriLrZrcInn4zSNfX8axuEJVONjoA==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7330708
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 Jun 2022 17:38:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62ab6a9f-108"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44zub8hLRK1ch3Y9WATlmILxhHe%2Bsf9fDENCAYv6xbHKy3%2FWCBdEtTmT1s%2FB0EhNnVXGi8DJcZFWN%2FJsv1oKLep6jcYhv4TN3GdpTuHjVHmBtNvj5qMnj586mUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74d330c3ea8868fd-FRA

GET
H2 200 bc-v4.min.html Show response
consentcdn.cookiebot.com/sdk/ Frame 9038 627 B
692 B 13ms
13ms Document
text/html 2a02:26f0:2100:29d::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2100:29d::f09 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104

Request headers

Referer: https://rewind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=31363099
content-encoding: gzip
content-length: 392
content-type: text/html
date: Mon, 19 Sep 2022 15:00:21 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Sun, 17 Sep 2023 14:58:40 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H3 200 get-peace-of-mind-1024x822.png
rewind.com/wp-content/uploads/2020/11/ 480 KB
481 KB 40ms
28ms Image
image/webp 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rewind.com/wp-content/uploads/2020/11/get-peace-of-mind-1024x822.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

beb1326213a3a171bf71bf72efb833891e3b634d91a06dfdc4e9a3f60a50bad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 374078
cf-polished: origFmt=png, origSize=729839
content-disposition: inline; filename="get-peace-of-mind-1024x822.webp"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 491810
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 12 Aug 2021 15:49:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6115431b-b22ef"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjMD1oNnA6MNy82sKaCCzuawFi8tUGr74R65mN5zvTLTMlLe1TXTWyORCiTWjQM3odo4uomJx4MNXvPjJu4Q6MjkKQk6pJG7UhiK9gcYE2v9R5T2WCjHurfRa%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74d330c45b6568fd-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 facebook.svg
rewind.com/wp-content/uploads/2020/11/ 584 B
885 B 140ms
128ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rewind.com/wp-content/uploads/2020/11/facebook.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

40fe64807d7a8f9a567073b7a65410e71c5d1c17cb23321aa19ee2528bfbb7ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6214142
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:35:44 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61140a70-248"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4Xpvhoi5mFwYeKHd4ctj4mhanhgzyNFTVEyjkBjYmkbytDUr5NcyqW6JLxAKqVS1Oa7pSBhFJtJjPkmv5FNpvoOrIdye6UrkU%2BK%2FHBvcnsqvKOg0H1NyXgISsU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74d330c45b6968fd-FRA

GET
H3 200 instagram.svg
rewind.com/wp-content/uploads/2020/11/ 3 KB
2 KB 141ms
129ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rewind.com/wp-content/uploads/2020/11/instagram.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

76174076fe8735bdd902df7a689c118317a6ddfc389354bfb037ce3781058924

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4331205
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:33:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"611409ec-c3a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WomrtjbCNUsTdXz2lYoXXzK3kLN8YNRo8pJXQ1LkffM1TCIAmHQ6qgQtTVmnXM%2FV1JCagzQ8Bx43Q%2FRSs4EhoYVALEB19LT5S56%2FduaDHJJU5UIHdowklHA%2BoYs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74d330c45b6c68fd-FRA

GET
H3 200 linkedin.svg
rewind.com/wp-content/uploads/2020/11/ 921 B
993 B 142ms
130ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rewind.com/wp-content/uploads/2020/11/linkedin.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b290acc757a7883a43b7d5ef51f1f7accd0f3447584c86ce4267cd4886e6da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6214142
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:36:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61140ab4-399"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O62S03AToIocyLKpEDGUTE1k8WZAzUHDqefxkVMsBhOnEB8eN4UQPHt4mN8UB1h5PW9p4YysJTYRIH2AK1a5YWaIE2xB5w7adA6%2BIvAMMfmVY55deCVquxD4Doo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74d330c45b7268fd-FRA

GET
H3 200 twitter.svg
rewind.com/wp-content/uploads/2020/11/ 1 KB
1 KB 147ms
136ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rewind.com/wp-content/uploads/2020/11/twitter.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c9daaada7b450562c65d6f9dcb6ddea787748c54dd518b07b93095400cb1aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 374077
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:36:53 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61140ab5-531"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dE2Pu8%2FJWhBF7IsrF59Y1f6pDCD16kBnnRHW%2BBuE48iu0EIBGMlT6r5MevPKjBFBmYIO59oVplX7hkOenfrC62S5sFnFIKvXL0UF%2FJyv101rv81OOkTJ0F2BAgU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74d330c45b7668fd-FRA

GET
H3 200 youtube.svg
rewind.com/wp-content/uploads/2020/11/ 949 B
975 B 148ms
136ms Image
image/svg+xml 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rewind.com/wp-content/uploads/2020/11/youtube.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bc28926fcdb56bce48f629f6cdac59fee1822fe54a50c92f20b5c7ee8a85418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6185802
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 11 Aug 2021 17:36:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61140a93-3b5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xif1yYx8WkFBrfPB8oP4AKEyYovTt0X2j%2FoX6YOLvevIa2R%2BbRwJ2Xt3%2FIOK3i8dhzTyOJfY01bJyWSepe5DvO9PCYF12ied9n5Bf6B0K1kiQv0RbTuzgRI98VE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74d330c45b7868fd-FRA

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/HYwfyLI2zHbl6xQrCKevlc97PqmCOw53/ 1 KB
1 KB 90ms
0ms XHR
application/json 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/HYwfyLI2zHbl6xQrCKevlc97PqmCOw53/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HYwfyLI2zHbl6xQrCKevlc97PqmCOw53/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bdb6d144db3b9a08fea080ab9298d1a7612ec896a7a8e2d90ad61caef1aeab97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: khCLnYPzGSMowi1j3TcPc8ZejmLDQyOO
content-encoding: br
etag: W/"f356dfb6c38ef1f2b95f07b933684641"
age: 8371
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 14 Jun 2022 14:43:18 GMT
server: AmazonS3
date: Mon, 19 Sep 2022 12:58:45 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
cache-control: public, max-age=10800
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: lS3sRlLMZO_B4p6jK_k1JLlOpjD6p-dU2wMciDMKw0-J5Wtz59Xdag==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
14ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35RHTK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6264
date: Mon, 19 Sep 2022 13:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 19 Sep 2022 15:15:58 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 173ms
70ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35RHTK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 15:00:22 GMT

GET
H2 200 6865219.js Show response
js.hs-scripts.com/ 2 KB
930 B 92ms
17ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/6865219.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35RHTK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e457defed249fdd5e14f6f8b613a6b5a383490ad33226eedad1701497e07ee0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10
cf-polished: origSize=2518
x-hubspot-correlation-id: 56fb31b9-ce9d-4042-a5bc-0bf0ed2d32cb
last-modified: Mon, 19 Sep 2022 15:00:11 GMT
server: cloudflare
x-trace: 2B577FEA88B226C09FC1A3A54F057F5FD4341BEE05000000000000000000
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://app.rewind.com
expires: Mon, 19 Sep 2022 15:01:21 GMT
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 74d330c54f229016-FRA
cf-bgj: minify

GET
H2 200 growsumo.min.js Show response
snippet.growsumo.com/ 6 KB
3 KB 126ms
25ms Script
application/javascript 2606:4700::6812:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.growsumo.com/growsumo.min.js
Requested by: Host: email.rewind.io
URL: https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0be9c85966eeed0b1af9a530e56d8b0ba5cfe2c46d293f4c77b66ddbe9be3d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74d330c578999253-FRA
date: Mon, 19 Sep 2022 15:00:22 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 17:43:45 GMT
server: cloudflare
age: 51
etag: W/"632212d1-18b1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-encoding: br
expires: Mon, 19 Sep 2022 19:00:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 293ms
19ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: jIqlyjjXM1//G2Ia7u0AQgjs1BEEXCUV11CYOe/4oMTt360XPO2hl7+uPT4bQTeC6+CjdcqlMEuUpLsDu8XfEA==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 19 Sep 2022 15:00:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 126 KB
38 KB 213ms
138ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBLVHNRC77U40OTQSTB0&lib=ttq
Requested by: Host: email.rewind.io
URL: https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b99178c5da6ff4d7f612c2c76c390f0a6485f16d87214aca7bca276aaebb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220919150022E3377130149321A7B69A
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 100,23.36.161.200
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404e6e7f8722db1c17a5a3886d8d6dd735c5f784826b324957eff8077e5ec169766d1ed279a73225831f8dd36c207261fde20e9991dc8f2e2237e8cef122731f9ec
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=100
x-akamai-request-id: 52304a4a
expires: Mon, 19 Sep 2022 15:00:22 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 140 KB
40 KB 221ms
146ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBM5CGJC77UFPP3IGL5G&lib=ttq
Requested by: Host: email.rewind.io
URL: https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1cedb5111627fd56484e69f8afea380fa83ecf77bf3cbbbdef86be56b0271b2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: 4cf5b2c.52304a6b
date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 105,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=17, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20220919150022B844BB6DF1B2FDDA84FF
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,23.220.104.7
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404afbf58bb47626af9320ad6728f6d8267bc4b99f0bd55d660984a333a0bd58cbb1d707907a6364a5b84fc679d71082bfa334724cf7a2541d3f9e8f0c9e888105480e109aab7d5b0f0517f7d8e9d569f9b
expires: Mon, 19 Sep 2022 15:00:22 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 126 KB
37 KB 207ms
137ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBP6LCJC77U40OTR2F7G&lib=ttq
Requested by: Host: email.rewind.io
URL: https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b99178c5da6ff4d7f612c2c76c390f0a6485f16d87214aca7bca276aaebb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: a5bf44d.52304a79
date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 92,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=86, origin; dur=6, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202209191500224DC1C563B8A91EC43147
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.8
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404afbf58bb47626af9320ad6728f6d8267de2bc5cffdfefdfb27325a3b48cbec6485a4ba58908b083f2d6ae2de005caa313deb3db384208bd7f92789da3c39c4d46b00a30737792e76e00892750ec15321
expires: Mon, 19 Sep 2022 15:00:22 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
74 KB 90ms
36ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JN2R9DMY13&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35RHTK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac6105c92d4caecc12a7ea6d383989441b930383e6d0518fecc1b7c1fb39a76a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75737
x-xss-protection: 0
expires: Mon, 19 Sep 2022 15:00:22 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/b41ad5f0f9024e029c7e768cd0f52245/ 43 B
419 B 469ms
96ms Image
image/gif 52.2.147.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/b41ad5f0f9024e029c7e768cd0f52245/pixel?tag=Generic&i=gtm&u=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.2.147.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-147-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 15:00:22 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,b8d0816e1539c07b7799d63072564793,10.0.0.247,55566,37.58.57.2,,62111097136,1,1663599622.343,0.002,,.,0,0,0.000,0.004,-,0,0,197,201,100,10,35796,,,,,,-,
Content-Type: image/gif

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/b41ad5f0f9024e029c7e768cd0f52245/ 43 B
419 B 466ms
99ms Image
image/gif 52.2.147.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/b41ad5f0f9024e029c7e768cd0f52245/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.2.147.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-147-16.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 15:00:22 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,b4b7cab7a74c3e9695820ff27af00694,10.0.0.247,55574,37.58.57.2,,62111097148,1,1663599622.345,0.001,,.,0,0,0.000,0.000,-,0,0,197,219,109,10,35796,,,,,,-,
Content-Type: image/gif

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
77 KB 89ms
43ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-69QTZH866S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35RHTK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d04d3da0f200f9fa991389e4522c8ccd50bcd22ec29f2ceff218bece651c0215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78512
x-xss-protection: 0
expires: Mon, 19 Sep 2022 15:00:22 GMT

GET
H2 200 870.bundle.323974846b6d45afb45e.js Show response
cdn.segment.com/analytics-next/bundles/ 17 KB
5 KB 8ms
7ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/870.bundle.323974846b6d45afb45e.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HYwfyLI2zHbl6xQrCKevlc97PqmCOw53/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 01:38:35 GMT
content-encoding: br
vary: Accept-Encoding
age: 2035308
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 26 Aug 2022 03:04:21 GMT
server: AmazonS3
etag: W/"d471f2a8b801a51bbc09c91b3f90b749"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: qltndKW7QqDrf8ZSZrei2HuGEvEC2x.O
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: bghRi0gfwxsKeLaNeTYyebwgOV2G-AVA3Umonu20TZCTfzir0lhbQw==

GET
H2 200 ajs-destination.bundle.35a8f6f19959bf2f455f.js Show response
cdn.segment.com/analytics-next/bundles/ 10 KB
4 KB 9ms
9ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.35a8f6f19959bf2f455f.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HYwfyLI2zHbl6xQrCKevlc97PqmCOw53/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 06:12:31 GMT
content-encoding: br
vary: Accept-Encoding
age: 1586871
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 30 Aug 2022 21:47:48 GMT
server: AmazonS3
etag: W/"e0f89f667fb8d2b50aa8e29a86a4c9b1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 1ps0Y.cQfeUJnD6vrqu.rtfMUGfr8v9x
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: MThY5cQPPmM4zN9Mz3EiO8i6cEm3PhcMwcKAnhC4M6NfxP-V7SmzaA==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
21 KB 73ms
21ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6865219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc3b175c482f1f54f77d4ccad5366704cc4b0daa2a88e653f509fe88a92c53e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
via: 1.1 c4d4830011182f83b2b9a1cf8045a2b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 449
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10632/bundles/project.js&cfRay=74d325d08f098ff8-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 22 Aug 2022 02:10:32 UTC
server: cloudflare
etag: W/"be054c0d1ce8e9f928e051e15475d755"
vary: Accept-Encoding
x-amz-version-id: 3C1npQH0ys7YIJipkKSW0mB3OJD1A1US
cache-control: max-age=600
x-hs-cache-status: MISS
x-amz-cf-pop: IAD55-P5
cf-ray: 74d330c6cfd8bbd9-FRA
x-amz-cf-id: 4_GKaDQ_emCUfE6tM25cElAX4OCTFE7oDBrdJUTlEOe5bOqupPC_Qg==
x-hs-target-asset: conversations-embed/static-1.10632/bundles/project.js

GET
H2 200 6865219.js Show response
js.hs-analytics.net/analytics/1663599600000/ 65 KB
21 KB 210ms
160ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1663599600000/6865219.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6865219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b99bb947bc19ef0f4b3b4b95018d3a5e9c34bc3d85fe3843a64bcec94947ffa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: Q7CHR8E5FMC5C0F8
x-amz-server-side-encryption: AES256
cf-ray: 74d330c6bd5f8ff4-FRA
x-amz-id-2: IQx7z2aAqAcVKsfiipam+/5jqwz8k4zyKPoFWqi/lUqS+Zkyp5aapocJriRHMxRIoeEV5o5Z6EY=
last-modified: Tue, 06 Sep 2022 20:54:40 GMT
server: cloudflare
etag: W/"4ce574597c13d89f2bd8fd1d04f0bbbe"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Mon, 19 Sep 2022 15:05:22 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 65 KB
23 KB 79ms
29ms Script
application/javascript 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6865219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb

Request headers

Referer: https://rewind.com/
Origin: https://rewind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
via: 1.1 6cf4081c1099e7ccfdba44532a13bc54.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 22709
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74d1065d1cbc9bd0-FRA
x-cache: Miss from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 74d330c6cdf69182-FRA
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
server: cloudflare
etag: W/"7a468b833be86c01bc8dfd455308f792"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD55-P5
content-type: application/javascript; charset=utf-8
x-amz-cf-id: YXJDOh39c_4RJxM0AV4SJWvLvJ2LiBizA2hmLWBcjVFltJpJ-3TgsA==
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js

GET
H2 200 6865219.js Show response
js.hs-banner.com/ 62 KB
16 KB 470ms
420ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/6865219.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6865219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f197e930b4b8bc074e6130dab0db7c376cfea5f92808cf7f3a5c44b48606f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: BZNGF3GVKXQ9JQ8F
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: xlasDDRqsfTcyBDDhYXcoQrhME6HTbd9duCcmzm4GHp/vi2Km8clxa8xD2YR5woUyTif2hvGy78=
timing-allow-origin: *
last-modified: Tue, 06 Sep 2022 20:54:38 GMT
server: cloudflare
etag: W/"e933ad6f33223bb433e28f9e92d3c58c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: rmvl7V9wWr4enH9uVWHO1Ec4EyAC1eMI
access-control-allow-origin: https://app.rewind.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 74d330c6c80b9136-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 19 Sep 2022 15:05:22 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 548 KB
88 KB 80ms
30ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6865219.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee

Request headers

Referer: https://rewind.com/
Origin: https://rewind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
via: 1.1 0cb8928139de73eb220c70ed65a3d18a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 15456
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js&cfRay=74d1b772ae839006-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 74d330c6cb02bbbf-FRA
last-modified: Tue, 06 Sep 2022 03:53:55 UTC
server: cloudflare
etag: W/"6ec4f161716a8da5c8c95cda1e89dc05"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: Ur8e8LShl3Q9Sr_qgQx0CQrFz7yEnpM5
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD55-P5
content-type: application/javascript; charset=utf-8
x-amz-cf-id: YUpwy5OgCS7Wloe8xyABVcr5RVK4ba7MpKCAF-rfwlYvC81k4E9SLw==
x-hs-target-asset: lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js

GET
H2 200 pk_ncC00F1rGTjPd5mSvuchDbYjON9wb3Am Show response
grsm.io/pr/gpk/ 0
229 B 171ms
123ms XHR
text/plain 2606:4700::6812:bd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://grsm.io/pr/gpk/pk_ncC00F1rGTjPd5mSvuchDbYjON9wb3Am
Requested by: Host: snippet.growsumo.com
URL: https://snippet.growsumo.com/growsumo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://rewind.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 74d330c6c8b25c80-FRA
content-type: text/plain; charset=utf-8
content-length: 0

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 102ms
101ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBP6LCJC77U40OTR2F7G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: 69533b01.52304fb5
date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-221-239-61.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 93,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=11, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20220919150022F60D535362207BC9E747
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.221.239.61
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404afbf58bb47626af9320ad6728f6d8267cfc73e2732eb8a2e2c3a84a96e257dbf990cef97347b82ddbb7b3ad29d779ff44d97b15f9796aba084105fb71256ba9ef1deacf7769189b4bfffcdd3585c0ef6
expires: Mon, 19 Sep 2022 15:00:22 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 114ms
114ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CBLVHNRC77U40OTQSTB0&hostname=rewind.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBP6LCJC77U40OTR2F7G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d39d1b72e04560ab4f1d103af0b7820973caf0a3226a89bbf1b7d82e7dcead55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: 78fb8bb1.523050c7
date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-15.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 106,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=19, inner; dur=16
pragma: no-cache
server: nginx
x-tt-logid: 20220919150022EDCBA53D2D35FCCA97F1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.220.104.15
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404afbf58bb47626af9320ad6728f6d8267264f59b8a5114f49c947ddbd54f2f67869d4d69d10f226bb816235ef106bc18e038c9968b3a3c47a47c814d3734e8fed579cdb7fe3fdb26b2308005781a419a5
expires: Mon, 19 Sep 2022 15:00:22 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 109ms
109ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CBM5CGJC77UFPP3IGL5G&hostname=rewind.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBP6LCJC77U40OTR2F7G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7190f8d0ed177455772e4df792d2bddc10df37bc4e0ed13f247cfc9439190c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20220919150022D4408779E0FA2AB2CD57
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,23.36.161.200
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404e6e7f8722db1c17a5a3886d8d6dd735c6414f978ffbac7af8e08cacccbe375b8c9ded5ce1367c44755946f2cd0aadea270a3897063831220a4e59f08f16b9d18
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=2, origin; dur=98
x-akamai-request-id: 523050ce
expires: Mon, 19 Sep 2022 15:00:22 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 111ms
111ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CBP6LCJC77U40OTR2F7G&hostname=rewind.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBP6LCJC77U40OTR2F7G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: afe084fa5f65a8f7d14eed7059d69e27dabaa32d1d370f389c298992b2de8c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: 523050d4
date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=99
content-length: 19510
pragma: no-cache
server: nginx
x-tt-logid: 20220919150022E3377130149321A7B6C1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,23.36.161.200
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404e6e7f8722db1c17a5a3886d8d6dd735c5f784826b324957eff8077e5ec169766353adc4d5f6679de15dd0027668b3a868fcc16cc7f2356436d42bb15e85e3fe6
expires: Mon, 19 Sep 2022 15:00:22 GMT

GET
H2 200 pk_ncC00F1rGTjPd5mSvuchDbYjON9wb3Am Show response
partnerlinks.io/pr/gpk/ 0
198 B 185ms
63ms XHR
text/plain 2606:4700::6812:1f85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partnerlinks.io/pr/gpk/pk_ncC00F1rGTjPd5mSvuchDbYjON9wb3Am
Requested by: Host: snippet.growsumo.com
URL: https://snippet.growsumo.com/growsumo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
content-type: text/plain; charset=utf-8
server: cloudflare
vary: Accept-Encoding
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://rewind.com
access-control-allow-credentials: true
cf-ray: 74d330c86c058fe6-FRA
content-length: 0

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 7ms
7ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HYwfyLI2zHbl6xQrCKevlc97PqmCOw53/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 30 Jul 2022 15:59:56 GMT
content-encoding: br
vary: Accept-Encoding
age: 4402827
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 28 Jul 2022 21:17:25 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: bdGJW00hoMEULfpND6wyp6DIUgkdrIDO
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: vKC0l6GRJ3XDxN7ebIs19KlKFs5Fx8RPf5IKFdpXVfl2T9UUDFVq5g==

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
3 KB 205ms
195ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=6865219&conversations-embed=static-1.10632&mobile=false&messagesUtk=3df23cbfb4be47d0bb28ba6e64b987cf&traceId=3df23cbfb4be47d0bb28ba6e64b987cf

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3892a67c0c01c1db7702b04f4013f1de390c4ae24989801fd7d4b21c3635b2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Referer: https://rewind.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ccd74d35-fee1-4ee4-af32-bb35faf544bd
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1678
server: cloudflare
x-trace: 2B7355B5C4915B1DCA9BD99C4A92F3BC79767EDFCB000000000000000000
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MR5MDc3ZTnDcBxd5mFHapcq4mNUIPPXcsNZVE4EGHPMcFxyiNH4AUlIXwDM3WmU6fOeBFN0t9WyPsNMq9hYx94sUzVpqOVmaBwPeH5HAUy%2FF7NvJWqEfdxx8UQ%2FSEBXjbiuGT6lWgcBUfoOTHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://rewind.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 74d330c98e2a694f-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1023 B 158ms
127ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=6865219&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be9a98f4de67bcb98e6062b7f323697e9a55a2ae8a4a9a1b4c6ea004487fe3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://rewind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 65ef832d-340a-434e-b408-33e1b5a5f1cc
cf-ray: 74d330c87b799b1c-FRA
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecpydKN5Refqjx8mgike%2FyIGGX98S83PAiVdIfnsENMttbD30RSKQqRVI1UjhPtDBbz%2BwnFhJOIccWm6tu%2FssnWH0owAFPdPnEo9ZMouNZQocOUg4xUEfKJDORvIC40RGjeE%2FSTEJz12hOPNmxQR"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://rewind.com
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 233ms
151ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://rewind.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://rewind.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74d330c889be9030-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Mon, 19 Sep 2022 15:00:22 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBEUroFQQ22iJrvoFlbNExHEpCcGm9kvxbYuu9lbr0AB3bU3Np%2FCBn2XVQ5lIunXCyHVIEBPMHNVVOHaFDg%2BQzgFC1QuNJr3PZ3Igg9NX4WC%2FWfcVYieFLwtcInPBdTukJ00C5mWqluaBnVyfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 5b45a32f-1606-4ca2-8bc5-d2c18e9b3069
x-trace: 2B27658D50208B32F543A968B662D638CEBFD2D0CF000000000000000000

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
547 B 137ms
136ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBP6LCJC77U40OTR2F7G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rewind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:00:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202209191500223867C99DE3116DC70D8D
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 105,23.36.161.200
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404e6e7f8722db1c17a5a3886d8d6dd735c399e23910f869c2eb5f1e79884cf7bc2642a5d18014d20c963730e134ae1b6a2b05fb2eeb2a45dd5d50557b0f79b7c61
server-timing: inner; dur=10, cdn-cache; desc=MISS, edge; dur=1, origin; dur=105
x-akamai-request-id: 52305510
content-length: 0
expires: Mon, 19 Sep 2022 15:00:22 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
548 B 125ms
125ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBP6LCJC77U40OTR2F7G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rewind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:00:22 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202209191500226D8DC4335742FDADBD3F
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 109,23.36.161.200
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404e6e7f8722db1c17a5a3886d8d6dd735ce6425ad994e936171fd2325500b15c79a4a52823974af35e8baae1e063f8f1478a8fbfaff9ff8ea212bf9c7f09fbd1c4
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=1, origin; dur=109
x-akamai-request-id: 52305519
content-length: 0
expires: Mon, 19 Sep 2022 15:00:22 GMT

GET
H2 200 visual-tagger.dynamic.js.gz Show response
cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/ 45 KB
16 KB 16ms
16ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/visual-tagger/0.3.5/visual-tagger.dynamic.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HYwfyLI2zHbl6xQrCKevlc97PqmCOw53/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 213b92e8b230c5327f5c082e8fee902c2774a99ba8dea84404b122f3b1c1bce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 14:26:16 GMT
content-encoding: gzip
age: 1038846
x-cache: Hit from cloudfront
content-length: 15523
access-control-allow-origin: *
last-modified: Mon, 08 Aug 2022 17:49:06 GMT
server: AmazonS3
etag: "46f80eb90165b4dcb3e9b4514e043444"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: YIYHAzTMctMt40U88fr0m_cUukJo_9Rt
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: LzZak_EMtER5cBojgpbmvA39BYeskBREbfWuAhodnqnkwdOTqKgQnw==

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
686 B 113ms
112ms Ping
application/octet-stream 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBP6LCJC77U40OTR2F7G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rewind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4cee2fc.5230557b
date: Mon, 19 Sep 2022 15:00:22 GMT
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 105,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=18, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220919150022EEB101312A1250BF58ED
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,23.220.104.7
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404afbf58bb47626af9320ad6728f6d826757e607f59ffdcd11131283f5853540856197c3b2dd710debaed7af5a103ea7c745f95d32012ce67f35740a85cd2e1a0b12e769e6431dfc27ece047e7baf6f1d0
expires: Mon, 19 Sep 2022 15:00:22 GMT

GET
H2 200 commons.54701049fd6fb8497e9e.js.gz Show response
cdn.segment.com/next-integrations/integrations/vendor/ 73 KB
22 KB 10ms
9ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.54701049fd6fb8497e9e.js.gz
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HYwfyLI2zHbl6xQrCKevlc97PqmCOw53/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 12:27:11 GMT
content-encoding: gzip
age: 700392
x-cache: Hit from cloudfront
content-length: 22174
access-control-allow-origin: *
last-modified: Wed, 07 Sep 2022 16:00:53 GMT
server: AmazonS3
etag: "7741fd16ad2418cd17ab981f8207b106"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: R2df6m5bWpTPlsiS_YedfUdpNutqbr9x
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,immutable
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: iuiZ7O_nPV8zOYkoUCVx51S4cAiuOiMO-Nt_eVSCh5SpMXXeAa5AqQ==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
170 B 520ms
170ms Fetch
application/json 34.215.194.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/HYwfyLI2zHbl6xQrCKevlc97PqmCOw53/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.194.110 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-194-110.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rewind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rewind.com
date: Mon, 19 Sep 2022 15:00:23 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 / Show response
rewind.com/_static/ 46 KB
14 KB 139ms
138ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://rewind.com/_static/??-eJyVjFsKgCAQAC+UbQ8Q+4gOER0gdIkNW8XVun5CJ+h3Zhh4orKBM3KG6MtBLLDfKqbgis1KPDlMALsIZgEOG60f4lDos+1F3J7SwK9VNQkfYlcDsij1sFxzr/U4mM6Y6QV64zhC

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

d737b8b63ef186afc32474289147d811addb77fbdc135b2c6e0da4c2820a274c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-cacheable: YES:31536000.000
x-powered-by: WP Engine
x-cache: HIT: 13781
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache-group: normal
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 15 Sep 2022 22:28:09 GMT
server: cloudflare
x-page-optimize: cached
etag: W/"bb85a8733ac7ccca07fe5da316fe7617-gzip"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtNRVXrfMQDnx4%2FMW4tnCe0NW4TeZgnVqmQJEOrHe4GwtibkFTLty%2F6crcdO3DgMD2OaVCW6NegVUeIdMYQuwR%2F2oRnlmAlP%2BtY%2BLIUwOJqq%2B%2Fq%2Bm77h7pVzcjg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 74d330c99c6c68fd-FRA

POST
H2 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
548 B 83ms
47ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=G100&rnd=375329730.1663599623&url=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F&gtm=2wg9e0N35RHTK

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N35RHTK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:00:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
334 B 54ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JN2R9DMY13&gtm=2oe9e0&_p=136671648&gcs=G100&cid=1709252413.1663599623&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1663599622&sct=1&seg=0&dl=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign&dt=How%20Kellie%20Parks%20Goes%20Above%20and%20Beyond%20for%20Clients%20%7C%20Rewind&en=page_view&_fv=1&_ss=1&ep.content_group=Resources%20Content
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JN2R9DMY13&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:00:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rewind.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect Show response
gtm-ga-analytics.nn.r.appspot.com/g/ 65 B
443 B 304ms
238ms XHR
text/plain 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm-ga-analytics.nn.r.appspot.com/g/collect?v=2&tid=G-69QTZH866S&gtm=2oe9e0&_p=136671648&gcs=G100&gcd=G100&adr=1&us_privacy=1---&gdid=dMWZhNz&cid=1709252413.1663599623&ul=en-us&sr=1600x1200&_fplc=0&_uc=DE&_rnd=375329730.1663599623&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1663599622&sct=1&seg=0&dl=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign&dt=How%20Kellie%20Parks%20Goes%20Above%20and%20Beyond%20for%20Clients%20%7C%20Rewind&en=page_view&_fv=1&_ss=1&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-69QTZH866S&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Google Frontend
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://rewind.com
x-cloud-trace-context: 2999794b4c3effe70c3a0f06f3bcb783
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 44ms
14ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=136671648&t=pageview&_s=1&dl=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign&ul=en-us&de=UTF-8&dt=How%20Kellie%20Parks%20Goes%20Above%20and%20Beyond%20for%20Clients%20%7C%20Rewind&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGAACAABF~&cid=1709252413.1663599623&tid=UA-64286734-1&_gid=573363438.1663599623&gtm=2wg9e0N35RHTK&gcs=G100&z=851723513

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 10:06:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17632
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bootstrap.bundle-babel.min.js Show response
rewind.com/wp-content/themes/rewind-theme/assets/libraries/bootstrap-5.1.3/dist/js/ 89 KB
26 KB 34ms
33ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://rewind.com/wp-content/themes/rewind-theme/assets/libraries/bootstrap-5.1.3/dist/js/bootstrap.bundle-babel.min.js?ver=6.0.2

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

83527037bf4da8286f632b3821b99d87f9dd219fb8e8fa6ab8c39d71f1c3ec59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 981102
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 17 Feb 2022 23:34:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"620edb8e-165e8"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAk%2FGMIVpS9yM9k2%2BPlt5Qu23ONtIgJX5xTGhXWt8JiWW%2BIRRtS%2F29cxF%2FJWRdj%2FDz0di8JPsLOylOHcTH64qyi5jZIjdqvRBA%2BYdp2zbVvPY%2Be9E%2F%2FzHTk87d0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74d330ca8e1068fd-FRA

GET
H3 200 / Show response
rewind.com/_static/ 212 KB
57 KB 146ms
145ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://rewind.com/_static/??-eJyVjEEOwjAMBD9EbEEg9IJ4S9pawlXiVLarfJ8KOHDtbUerGexrmJo4iaO/qJKhUmeZw4cwm5EbFh41K++vdV5JQ4IB4g9g3GQuBJUFFjvh4eSkrZTQNv+bB2uLYc278bWe9XFOKV5v9zhc3uf7U28=

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

920cf800cf526e26e6b914d8b86c5bc9b0c6f722fc6863fdec0bf01db32c7df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/resources/quickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted/?utm_campaign=qbo_ebook_datasecurity&utm_medium=email&_hsmi=220361614&_hsenc=p2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og&utm_source=drip_campaign
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-cacheable: YES:31536000.000
x-powered-by: WP Engine
x-cache: HIT: 3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cache-group: normal
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 17 Sep 2022 23:29:42 GMT
server: cloudflare
x-page-optimize: cached
etag: W/"22db5ba4c6719cdd4bbb22d5e1bdd9c6-gzip"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDWoHSJAMSI%2B7TdY12NWmRfxonnMlZvNNH7j%2F0KFau11h6Dn2cY1JX8z%2BfK0WlR7dTGm%2F2iEQzScICqtswN%2B3rHGT7e2W%2FMpGE4auLfgGtA0ADmrg6WXZLCNn0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, must-revalidate
cf-ray: 74d330cadeb268fd-FRA

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6265
date: Mon, 19 Sep 2022 13:15:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 19 Sep 2022 15:15:58 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 147ms
114ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 15:00:23 GMT

GET
H3 200 collect Show response
gtm-ga-analytics.nn.r.appspot.com/g/ 65 B
110 B 297ms
269ms XHR
text/plain 2a00:1450:4001:812::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm-ga-analytics.nn.r.appspot.com/g/collect?v=2&tid=G-69QTZH866S&gtm=2oe9e0&_p=136671648&gcs=G100&gcd=G100&adr=1&us_privacy=1---&gdid=dMWZhNz&cid=1709252413.1663599623&ul=en-us&sr=1600x1200&_fplc=0&_uc=DE&_rnd=375329730.1663599623&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1663599622&sct=1&seg=0&dl=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign&dt=How%20Kellie%20Parks%20Goes%20Above%20and%20Beyond%20for%20Clients%20%7C%20Rewind&en=gtm.dom&ep.event_id=03251bb1-295a-4b08-bedf-b6b8a0cefbd0_1663599621504.6&ep.event_name=PageView&_et=4&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-69QTZH866S&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Google Frontend
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://rewind.com
x-cloud-trace-context: a07d7875f3941e640c7e58b50d4b3884
cache-control: no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90

GET
H2 200 6865219.js Show response
js.hs-scripts.com/ 2 KB
627 B 15ms
15ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/6865219.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e457defed249fdd5e14f6f8b613a6b5a383490ad33226eedad1701497e07ee0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 12
cf-polished: origSize=2518
x-hubspot-correlation-id: 56fb31b9-ce9d-4042-a5bc-0bf0ed2d32cb
last-modified: Mon, 19 Sep 2022 15:00:11 GMT
server: cloudflare
x-trace: 2B577FEA88B226C09FC1A3A54F057F5FD4341BEE05000000000000000000
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://app.rewind.com
expires: Mon, 19 Sep 2022 15:01:23 GMT
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 74d330cdecc99016-FRA
cf-bgj: minify

GET
H2 200 growsumo.min.js Show response
snippet.growsumo.com/ 6 KB
2 KB 37ms
37ms Script
application/javascript 2606:4700::6812:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://snippet.growsumo.com/growsumo.min.js
Requested by: Host: email.rewind.io
URL: https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0be9c85966eeed0b1af9a530e56d8b0ba5cfe2c46d293f4c77b66ddbe9be3d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74d330ce0ef39253-FRA
date: Mon, 19 Sep 2022 15:00:23 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 14 Sep 2022 17:43:45 GMT
server: cloudflare
age: 52
etag: W/"632212d1-18b1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
content-encoding: br
expires: Mon, 19 Sep 2022 19:00:23 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
26 KB 39ms
18ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: jIqlyjjXM1//G2Ia7u0AQgjs1BEEXCUV11CYOe/4oMTt360XPO2hl7+uPT4bQTeC6+CjdcqlMEuUpLsDu8XfEA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 19 Sep 2022 15:00:23 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pk_ncC00F1rGTjPd5mSvuchDbYjON9wb3Am Show response
grsm.io/pr/gpk/ 0
60 B 126ms
125ms XHR
text/plain 2606:4700::6812:bd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://grsm.io/pr/gpk/pk_ncC00F1rGTjPd5mSvuchDbYjON9wb3Am
Requested by: Host: snippet.growsumo.com
URL: https://snippet.growsumo.com/growsumo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://rewind.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
cf-ray: 74d330ce4fcc5c80-FRA
content-type: text/plain; charset=utf-8
content-length: 0

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 126 KB
38 KB 105ms
105ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBLVHNRC77U40OTQSTB0&lib=ttq
Requested by: Host: email.rewind.io
URL: https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b99178c5da6ff4d7f612c2c76c390f0a6485f16d87214aca7bca276aaebb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: 695352c5.5230668a
date: Mon, 19 Sep 2022 15:00:23 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-221-239-61.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 97,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=83, origin; dur=15, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 202209191500231A0D24863C9B93DE0489
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,23.221.239.61
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404afbf58bb47626af9320ad6728f6d8267cfc73e2732eb8a2e2c3a84a96e257dbf4b5ae75b9386aa05255a6a03b98a5fd7514da83ccd35a9da02ad51319822027f0aebf05448b0efd76312a4f2ba1b4c32
expires: Mon, 19 Sep 2022 15:00:23 GMT

GET
H2 200 pk_ncC00F1rGTjPd5mSvuchDbYjON9wb3Am Show response
partnerlinks.io/pr/gpk/ 0
59 B 23ms
22ms XHR
text/plain 2606:4700::6812:1f85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partnerlinks.io/pr/gpk/pk_ncC00F1rGTjPd5mSvuchDbYjON9wb3Am
Requested by: Host: snippet.growsumo.com
URL: https://snippet.growsumo.com/growsumo.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:23 GMT
content-type: text/plain; charset=utf-8
server: cloudflare
vary: Accept-Encoding
p3p: CP="This is not a P3P policy! See our docs for more info."
access-control-allow-origin: https://rewind.com
access-control-allow-credentials: true
cf-ray: 74d330cf1f228fe6-FRA
content-length: 0

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 140 KB
40 KB 100ms
100ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBM5CGJC77UFPP3IGL5G&lib=ttq
Requested by: Host: email.rewind.io
URL: https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1cedb5111627fd56484e69f8afea380fa83ecf77bf3cbbbdef86be56b0271b2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:00:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202209191500232D4541B3F8E1B0C4561D
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 91,23.36.161.200
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404e6e7f8722db1c17a5a3886d8d6dd735cc37b7a3507a35708e024cbcc2b073061f10e992d4e0ca444277714149630911a28fb476a7678759679f08727eaedf5fe
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=91
x-akamai-request-id: 5230691e
expires: Mon, 19 Sep 2022 15:00:23 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 126 KB
37 KB 132ms
131ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBP6LCJC77U40OTR2F7G&lib=ttq
Requested by: Host: email.rewind.io
URL: https://email.rewind.io/e3t/Ctc/5D+113/cQCkJ04/VV-sMs38ht2rW8zS8GW4nSG4hW842MfZ4Q7kc9N1vWRt73hpQwV1-WJV7CgXZQVKLLd_3BzVG8W81gs_l6C3g6bW4sGtJ-5BFGVJVh6bCR6LRhTmVH93626K8dV7W2wNSsv8r6MLRW1s6DTy2bl9B6W5sPWWQ448vpvW1KYFXP2Yms9QW6t3PZR4nl17FW6kCSJs8MnPRQW3TwQcj5rrRZnN7mFf-ntPV5jW2c_HPC1ZvQ6WW2SV5w03n54RVW39FZX-3gxyPWN1H8xfrpN7BnW2PMGx37703XcV9Wt1q2cNvKSW6Z-Kb73pbX-zMmmt--b6gYhW2Hgk0k3sgjBcW7gybLB5-9BtSN8ng2g-k8FhwW8V1SpQ7MrYt7VRgWB859N1zLW2bGVhV82yhqKW2pYkzH6vn7M7Vr-JhG2fwG9nW7hPnCq1q2TN0339l1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b99178c5da6ff4d7f612c2c76c390f0a6485f16d87214aca7bca276aaebb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: 52306b8e
date: Mon, 19 Sep 2022 15:00:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=2, origin; dur=111
content-length: 37634
pragma: no-cache
server: nginx
x-tt-logid: 20220919150023EA332C1739C2DEC44337
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 112,23.36.161.200
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404e6e7f8722db1c17a5a3886d8d6dd735ccf4e5bbda2d62c60d567b342f79b1961af65203de6292967353295d7ec413f743ce3dc4184864ffa9f09c38ce137b342
expires: Mon, 19 Sep 2022 15:00:23 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
20 KB 23ms
23ms Script
application/javascript 2606:4700::6811:efcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc3b175c482f1f54f77d4ccad5366704cc4b0daa2a88e653f509fe88a92c53e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:23 GMT
via: 1.1 c4d4830011182f83b2b9a1cf8045a2b2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 450
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10632/bundles/project.js&cfRay=74d325d08f098ff8-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 22 Aug 2022 02:10:32 UTC
server: cloudflare
etag: W/"be054c0d1ce8e9f928e051e15475d755"
vary: Accept-Encoding
x-amz-version-id: 3C1npQH0ys7YIJipkKSW0mB3OJD1A1US
cache-control: max-age=600
x-hs-cache-status: MISS
x-amz-cf-pop: IAD55-P5
cf-ray: 74d330d14cacbbd9-FRA
x-amz-cf-id: 4_GKaDQ_emCUfE6tM25cElAX4OCTFE7oDBrdJUTlEOe5bOqupPC_Qg==
x-hs-target-asset: conversations-embed/static-1.10632/bundles/project.js

GET
H2 200 6865219.js Show response
js.hs-analytics.net/analytics/1663599600000/ 65 KB
20 KB 18ms
17ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1663599600000/6865219.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b99bb947bc19ef0f4b3b4b95018d3a5e9c34bc3d85fe3843a64bcec94947ffa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 1
x-amz-server-side-encryption: AES256
x-amz-request-id: Q7CHR8E5FMC5C0F8
x-amz-id-2: IQx7z2aAqAcVKsfiipam+/5jqwz8k4zyKPoFWqi/lUqS+Zkyp5aapocJriRHMxRIoeEV5o5Z6EY=
last-modified: Tue, 06 Sep 2022 20:54:40 GMT
server: cloudflare
etag: W/"4ce574597c13d89f2bd8fd1d04f0bbbe"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-ray: 74d330d17f098ff4-FRA
expires: Mon, 19 Sep 2022 15:05:22 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 65 KB
23 KB 18ms
18ms Script
application/javascript 2606:4700::6811:83ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:83ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb

Request headers

Referer: https://rewind.com/
Origin: https://rewind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:23 GMT
via: 1.1 6cf4081c1099e7ccfdba44532a13bc54.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 22710
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.292/bundles/project.js&cfRay=74d1065d1cbc9bd0-FRA
x-cache: Miss from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 74d330d19ba39182-FRA
last-modified: Tue, 13 Sep 2022 10:41:10 UTC
server: cloudflare
etag: W/"7a468b833be86c01bc8dfd455308f792"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: 5afLcxIjU5LfvvyyfvxzjsWXufXHSL1t
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD55-P5
content-type: application/javascript; charset=utf-8
x-amz-cf-id: YXJDOh39c_4RJxM0AV4SJWvLvJ2LiBizA2hmLWBcjVFltJpJ-3TgsA==
x-hs-target-asset: collected-forms-embed-js/static-1.292/bundles/project.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 548 KB
87 KB 44ms
43ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee

Request headers

Referer: https://rewind.com/
Origin: https://rewind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:24 GMT
via: 1.1 0cb8928139de73eb220c70ed65a3d18a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 15457
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js&cfRay=74d1b772ae839006-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 74d330d1c89ebbbf-FRA
last-modified: Tue, 06 Sep 2022 03:53:55 UTC
server: cloudflare
etag: W/"6ec4f161716a8da5c8c95cda1e89dc05"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: Ur8e8LShl3Q9Sr_qgQx0CQrFz7yEnpM5
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD55-P5
content-type: application/javascript; charset=utf-8
x-amz-cf-id: YUpwy5OgCS7Wloe8xyABVcr5RVK4ba7MpKCAF-rfwlYvC81k4E9SLw==
x-hs-target-asset: lead-flows-js/static-1.1110/bundle/main/lead-flows-release.js

GET
H3 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
932 B 143ms
143ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=6865219&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be9a98f4de67bcb98e6062b7f323697e9a55a2ae8a4a9a1b4c6ea004487fe3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://rewind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 748beacf-b564-4cc8-aa78-41ad3571624a
cf-ray: 74d330d1ddc7694f-FRA
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnIpN6ihbSzwMA1V0Wv7BETcS3bPlQwf7oxwpbW9EG8foN7UdF0Iyo0yDUAYPKyKQxBJb0PKDt4JQdGvpMlJsDeTmdz5kwHJfCFfGGaj5b7nl89D3ESNCYHBkqENntA8f7XxJAF%2B6XDMUDd0E7yp"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://rewind.com
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: *

GET
H2 200 error.gif
exceptions.hs-embed-reporting.com/outpost/lead-flows-js/ 35 B
379 B 502ms
474ms Image
image/gif 2606:4700:4400::6812:2aed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exceptions.hs-embed-reporting.com/outpost/lead-flows-js/error.gif?report=%7B%22culprit%22%3A%22Error%22%2C%22message%22%3A%22Multiple%20lead%20flow%20scripts%20are%20trying%20to%20run%20on%20the%20current%20page.%20Only%20the%20first%20one%20will%20be%20executed.%20The%20rest%20are%20ignored.%20Read%20more%20at%20http%3A%2F%2Fhubs.ly%2FH03mDPb0%22%2C%22level%22%3A%22error%22%2C%22exception%22%3A%5B%7B%22type%22%3A%22Error%22%2C%22value%22%3A%22Error%3A%20Multiple%20lead%20flow%20scripts%20are%20trying%20to%20run%20on%20the%20current%20page.%20Only%20the%20first%20one%20will%20be%20executed.%20The%20rest%20are%20ignored.%20Read%20more%20at%20http%3A%2F%2Fhubs.ly%2FH03mDPb0%5Cn%20%20%20%20at%20https%3A%2F%2Fjs.hsleadflows.net%2Fleadflows.js%3A1%3A544703%5Cn%20%20%20%20at%20https%3A%2F%2Fjs.hsleadflows.net%2Fleadflows.js%3A1%3A544923%22%2C%22url%22%3A%22https%3A%2F%2Fjs.hsleadflows.net%2Fleadflows.js%22%7D%5D%2C%22request%22%3A%7B%22url%22%3A%22https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%22%2C%22queryString%22%3A%22utm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign%22%2C%22cookies%22%3A%22utk%3Dnull%3B%22%7D%2C%22environment%22%3A%22PROD%22%2C%22tags%22%3A%7B%22portalId%22%3A6865219%2C%22bundle%22%3A%22lead-flows%22%7D%2C%22user%22%3A%7B%7D%2C%22extra%22%3A%7B%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2aed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:24 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Sep 2022 15:00:24 GMT
server: cloudflare
x-hubspot-correlation-id: 85c70c0f-a3c1-4224-8d3f-0ad9308d3851
x-trace: 2B22B7A8C3CB42BFB18A02F41491F954D3F6BF36E5000000000000000000
x-robots-tag: none
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 74d330d26f5a9956-FRA
content-length: 35
expires: Mon, 19 Sep 2022 19:00:24 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 112ms
112ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: 4cf9792.52307162
date: Mon, 19 Sep 2022 15:00:24 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 102,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=7, inner; dur=3
content-length: 30834
pragma: no-cache
server: nginx
x-tt-logid: 20220919150024EEF5094E0893F5B491BC
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.7
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404afbf58bb47626af9320ad6728f6d826757e607f59ffdcd11131283f5853540856197c3b2dd710debaed7af5a103ea7c76eda04162171d5b759b291d64bb5a862c733ba2546b759fc585bb36cd2a8a04a
expires: Mon, 19 Sep 2022 15:00:24 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 115ms
115ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CBLVHNRC77U40OTQSTB0&hostname=rewind.com
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d39d1b72e04560ab4f1d103af0b7820973caf0a3226a89bbf1b7d82e7dcead55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: 52307392
date: Mon, 19 Sep 2022 15:00:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
server-timing: inner; dur=1, cdn-cache; desc=MISS, edge; dur=3, origin; dur=104
content-length: 19432
pragma: no-cache
server: nginx
x-tt-logid: 20220919150024AA12CEE557403DB3B4FF
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 105,23.36.161.200
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404e6e7f8722db1c17a5a3886d8d6dd735ce32494bccb1348f0346799da4997ccb023b2de1a9e34db792e1b5a30db50ddce3c8f3f01178dc33fc8a4776be4be35e2
expires: Mon, 19 Sep 2022 15:00:24 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 110ms
109ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CBM5CGJC77UFPP3IGL5G&hostname=rewind.com
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7190f8d0ed177455772e4df792d2bddc10df37bc4e0ed13f247cfc9439190c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:00:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 202209191500242321311B86201EBC8F46
vary: Accept-Encoding
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 101,23.36.161.200
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404e6e7f8722db1c17a5a3886d8d6dd735cd5dff838363325daade4a0be50a02a2c64ed2a051bb173871bb2764f812178fad748d3ee22bad89b98f90a5b357403cb
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=101
x-akamai-request-id: 523075c2
expires: Mon, 19 Sep 2022 15:00:24 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 58 KB
20 KB 105ms
104ms Script
application/javascript 23.36.163.228
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=CBP6LCJC77U40OTR2F7G&hostname=rewind.com
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9c9b5bfa-8df3-43ff-987b-c5060b8dec11
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.228 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-228.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: afe084fa5f65a8f7d14eed7059d69e27dabaa32d1d370f389c298992b2de8c90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id: 7258821.5230783f
date: Mon, 19 Sep 2022 15:00:24 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-221-239-6.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-200.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-parent-response-time: 96,23.36.161.200
server-timing: cdn-cache; desc=MISS, edge; dur=82, origin; dur=14, inner; dur=3
content-length: 19528
pragma: no-cache
server: nginx
x-tt-logid: 202209191500246DF025EC07A6F9ADE74A
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.221.239.6
x-tt-trace-host: 01cd9429aad5108ee097be71236d923404afbf58bb47626af9320ad6728f6d8267aa51d2e60775109efe179a52a23bb77eecdefd513e9d4feeedf52e0a5c951c3f7454bb3fecd43e46eeab5f20ef303160e2cc1be5e1239586ef869c5105546847
expires: Mon, 19 Sep 2022 15:00:24 GMT

GET
H2 200 3df23cbfb4be47d0bb28ba6e64b987cf Show response
app.hubspot.com/conversations-visitor/6865219/threads/utk/ Frame 5BEE 49 KB
18 KB 255ms
223ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/6865219/threads/utk/3df23cbfb4be47d0bb28ba6e64b987cf?uuid=2b8cc291940248ed99cd0c23a3c48543&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=rewind.com&inApp53=false&messagesUtk=3df23cbfb4be47d0bb28ba6e64b987cf&url=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

818bb8dd7789e61530b541504fde932dac3deaef14d12e2af0e7cde78bf3bf1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://rewind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 852
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 74d330dbca419a18-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.13130/html/index.html&cfRay=74d330dbca419a18&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F6865219%2Fthreads%2Futk%2F3df23cbfb4be47d0bb28ba6e64b987cf%3Fuuid%3D2b8cc291940248ed99cd0c23a3c48543%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Drewind.com%26inApp53%3Dfalse%26messagesUtk%3D3df23cbfb4be47d0bb28ba6e64b987cf%26url%3Dhttps%253A%252F%252Frewind.com%252Fresources%252Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%252F%253Futm_campaign%253Dqbo_ebook_datasecurity%2526utm_medium%253Demail%2526_hsmi%253D220361614%2526_hsenc%253Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%2526utm_source%253Ddrip_campaign%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Frewind.com%2F&cfenv=prod&pdt=2022-09-19&csp=ro
content-type: text/html; charset=utf-8
date: Mon, 19 Sep 2022 15:00:25 GMT
etag: W/"569db62d32e82f9b7b1f7ca690d6ebfb"
last-modified: Thu, 25 Aug 2022 01:43:09 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=74d330dbca419a18&resource=conversations-visitor-ui/static-1.13130/html/index.html"}]}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 c4d4830011182f83b2b9a1cf8045a2b2.cloudfront.net (CloudFront)
x-amz-cf-id: vaci0W1CNBYpPaKC9YRAK9B7MqIAWJNf3lYDauMNuNbmUrW-AN8aOQ==
x-amz-cf-pop: IAD55-P5
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 4kKrSl80YetGU3R_qbAmDKxmjmuSYEVe
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.13130/html/index.html
x-hs-worker-debug-mode: false

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
553 B 156ms
138ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=492729889&v=1.1&a=6865219&rcu=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F&pu=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign&t=How+Kellie+Parks+Goes+Above+and+Beyond+for+Clients+%7C+Rewind&cts=1663599625534&vi=fc8eab8054a9600a5e039fe3f4cb0b35&nc=true&u=202288142.fc8eab8054a9600a5e039fe3f4cb0b35.1663599625528.1663599625528.1663599625528.1&b=202288142.1.1663599625529&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:25 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 04308467-bff2-4e68-9ecd-3717958a0694
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
x-robots-tag: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KhiI9CSZeEf4emkZbOgQqxXNRo2Wngo6sqXIzvBgjBX76vHBn2OLwjFiObUWDKcRaRmxQchKQjxyhoYRIrrL8Wv9we61P1jGO1XlDbEeSrZU8OLHKLHnn4QRLvi3FgTTz9Zg%2BvNYOcaPqbj1pPK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 74d330dbbef390b2-FRA

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
893 B 155ms
137ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=492729889&v=1.1&a=6865219&rcu=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F&pu=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign&t=How+Kellie+Parks+Goes+Above+and+Beyond+for+Clients+%7C+Rewind&cts=1663599625537&vi=fc8eab8054a9600a5e039fe3f4cb0b35&nc=true&u=202288142.fc8eab8054a9600a5e039fe3f4cb0b35.1663599625528.1663599625528.1663599625528.1&b=202288142.1.1663599625529&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:25 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9fd35b1e-d03c-4542-b4d7-4f1efe377ec8
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
x-robots-tag: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JMWRP9%2Bj8DBdcVSUvqNEfdDyp55bes%2F3IIbBscurIP%2Fnwy3xvz8rX9o05XLZ%2FLphAKWBETMd1CZB8jPeuAqJpKpJSw1egSZNaT9qLtaXzi4fFItHXxtJI%2FQwBSPK3ZO14s8b6QVJ0IvJoAQx%2Bb5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 74d330dbbef690b2-FRA

GET
H3 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 2 KB
2 KB 143ms
142ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=6865219&utk=fc8eab8054a9600a5e039fe3f4cb0b35&__hstc=202288142.fc8eab8054a9600a5e039fe3f4cb0b35.1663599625528.1663599625528.1663599625528.1&__hssc=202288142.1.1663599625529&currentUrl=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df16c3f73192f31f33e05af39f63a370e531fa06279ae7f0c10c5fd003bbaa5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:25 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d97d48f2-0149-4c17-b217-d283507a6d72
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-robots-tag: none
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BthdZAL1Xy20tCLlbQpoklbjETe7MCDdCPEJB8muA29IUHsEh7zTLkfTJFCXla5GYEnphjyzLB7G2POCVRwbnbpgjaClGDMx%2FongL5u89goNRbdJyAF5tLKi7jzzVZSjq9TIY5s2plDrVtzIpN%2B0"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://rewind.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 74d330dba807694f-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H3 200 __ptq.gif
track.hubspot.com/ 45 B
673 B 160ms
150ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=2ff77bf8-3ee4-400c-aefc-1367387fc314&lfi=3806684&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=492729889&v=1.1&a=6865219&rcu=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F&pu=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign&t=How+Kellie+Parks+Goes+Above+and+Beyond+for+Clients+%7C+Rewind&cts=1663599625692&vi=fc8eab8054a9600a5e039fe3f4cb0b35&nc=true&u=202288142.fc8eab8054a9600a5e039fe3f4cb0b35.1663599625528.1663599625528.1663599625528.1&b=202288142.1.1663599625529&cc=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:25 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: cea4e23e-eb5a-4c52-8cf1-f3139a9bdf86
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
x-robots-tag: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GaJ%2BSQapK%2F%2BrbXF0DrVMU83I5cevGu1bmClldDXXL%2FwzIrr59RBCM4U6Q0afrh1UToR6xN09MZu9I7JeBT%2FQMj5X7mb1Iv4VUoJPOv0R9PVsOHU79JwdcB8dJAaM2nvBB6nLXvV4NaoiesFiOnZA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 74d330dcab669a39-FRA

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.228/ Frame 5BEE 44 KB
17 KB 72ms
42ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.228/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/6865219/threads/utk/3df23cbfb4be47d0bb28ba6e64b987cf?uuid=2b8cc291940248ed99cd0c23a3c48543&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=rewind.com&inApp53=false&messagesUtk=3df23cbfb4be47d0bb28ba6e64b987cf&url=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1590f52adb0ff3eb1a5d0c1a0ef0c1f60d8451c3510fc44bd316919e5daf705f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:25 GMT
via: 1.1 eaa1b95207b7e17a6ad05a7c45014762.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 419061
x-amz-server-side-encryption: AES256
cf-ray: 74d330dd6c4168fe-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 Aug 2022 17:59:37 GMT
server: cloudflare
etag: W/"a89d377892af6ffd98853ca900af1878"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91TtwXYGFtS0VD28eZvulg0ruEvgrO%2ByEdzBwKQ2WNIUYWlSvTGJvge7TQvuKDpoWZc1QDsAsQWmJlQQEPlvwqRmqAuDrhkYdatfMFgGaVpckXni02h1UeXrOVStndlQTyj0Ya%2BDkLDDI6KM2irLJ3if1vE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: YgJkZg_L_.XRhLttFb7qTxNzd.lQeUxX
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: MUC50-C1
content-type: application/javascript
x-amz-cf-id: kaEi35aKydKir2eLnGS_Sp4xZqUxZ1uzSIQSf_FGH2cdgDveon9Wcw==
expires: Tue, 19 Sep 2023 15:00:25 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame 5BEE 20 KB
4 KB 45ms
16ms Stylesheet
text/css 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:25 GMT
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 610892
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XBv4cDl1I9dFKIdfKFhaBY1qY94HSZKGI12Z2%2B90j%2B6hS5gO8gjEzqrZmGHufopj3%2BwcG%2FG2ntvMwZDDyEaUoiFKMkdlgJAAc23zUBrvv7PwlMJMAAbUF6YPRY07xN0l7t%2B3vHSAMrvdLdKloCi0mXZQA0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-P2
cf-ray: 74d330dd6a0b9bb3-FRA
x-amz-cf-id: UFAkO5mgnelmLAjpvakSLqjc_1ZCPFv9UweKLbPGmedKhGn3WhuIYw==
expires: Tue, 19 Sep 2023 15:00:25 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.312/ Frame 5BEE 295 KB
94 KB 86ms
57ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.312/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

338be55e09986b74b0abf67ba0d09e117698bc411529b3da8f0783a349461bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:25 GMT
via: 1.1 64d18a7c557f9140c04169b7191025f8.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1115500
x-amz-server-side-encryption: AES256
cf-ray: 74d330dd6c4568fe-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Aug 2022 01:31:38 GMT
server: cloudflare
etag: W/"24368d9bf0991b15f75e817302381e9e"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUoo4lvUI%2BY1Cfbez3hsCl4bEd2FPm1YqyVP8r5uEFsVw7n4JD9tpZ3P44%2Bu%2BS1hMpcOCXgsFidMs9urHza%2BZr58A2CSjiIiWeZ686VfiN8E4XnqcWJcZPvVvxlF%2B23zYaGSJ6WM4GilhoeR4SPMcmk8wNA%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: tGv9d32FqDJZMi1TXjkihXz8ATz_W19h
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: TXL50-P4
content-type: application/javascript
x-amz-cf-id: ctXWiHT0jPBalaMWYmLrf3VGzKqNSqUOWKIaUCzEMUTPuTS1KfUFyQ==
expires: Tue, 19 Sep 2023 15:00:25 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13130/bundles/ Frame 5BEE 508 KB
149 KB 86ms
57ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13130/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f9c20e7e3fa6dc6a21aaa3e9b025d2b734d4def2dd4fdbbb37cea01f1848075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:25 GMT
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2164630
x-amz-server-side-encryption: AES256
cf-ray: 74d330dd6c4a68fe-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 25 Aug 2022 12:59:17 GMT
server: cloudflare
etag: W/"66c6b56f51446aa179536d50b93dc18f"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJMPf19XN5zIWTEAMN4vEsfiebBGmGU6ZyHyZTPxbnReAXj2x9uF%2BgFWN5lsejtBsJGUxCEVxxV3bWREBiTJd%2Br23ZOe25j0eVWOwSQfsy6nFL9sUEcecGgysIP1D8vl%2FymmYDMG4MeZIMbx8%2BcBhGfxblE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: uc.gK9keAAPPtvGHllm.3hPsq_zi_tUb
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: MUC50-P2
content-type: application/javascript
x-amz-cf-id: xse_92dSDO65ewm47NehFS4IZtk0Ay6vvu6uel5X3gehkKu1wiBobw==
expires: Tue, 19 Sep 2023 15:00:25 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13109/ Frame 5BEE 776 B
1 KB 36ms
25ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13109/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13130/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d2c44d306bebe99b644ddf549cf9e1b903b74a23722a2160df230678e772362

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:26 GMT
via: 1.1 d1059a03249ee23f5bc6527edaec7ed2.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2164629
x-amz-server-side-encryption: AES256
cf-ray: 74d330de7bb89250-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 20:37:16 GMT
server: cloudflare
etag: W/"fbd6597e721657bf1cc5c96c50504af1"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7afTq7Z2x5Et2SWXG4xra7oFTp5XpU6UvbkwgTQilLuYPS19iGmEMFQZyxuTttlDBBaAIBP%2FCxRCniE6v3UEJh6PW76C27qsgiFJjg5Tfv0JpqHzmjDmZpz49BHHwwo59dQ5z%2BSps5jPieBouoF0hX4zr5Y%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: sl3a7FgaUJ.HMt1RBBDHTXfo_ppY5Div
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: BUD50-C1
content-type: application/javascript
x-amz-cf-id: jGswfWwO-hmkEXzlOQzX7cKo0Pn2NfFRzMNs8BMgQ0Bw9FSYUlcqow==
expires: Tue, 19 Sep 2023 15:00:26 GMT

GET
H2 200 2b)%20Onboarding%20Clients%20(1).png
f.hubspotusercontent10.net/hub/6865219/hubfs/Graphics%20and%20Images/Webpage%20and%20Email%20Graphics/ Frame 5BEE 6 KB
7 KB 64ms
23ms Image
image/webp 2606:4700::6810:d7ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f.hubspotusercontent10.net/hub/6865219/hubfs/Graphics%20and%20Images/Webpage%20and%20Email%20Graphics/2b)%20Onboarding%20Clients%20(1).png?width=108&height=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:d7ed , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

178ad109b2915167c42594cb509b0bee49d3f65e8761fba18bbb2de56bab556c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:26 GMT
via: 1.1 d0f195624e615b103c40900f88cfd922.cloudfront.net (CloudFront)
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 285469
cf-polished: origFmt=png, origSize=9314
edge-cache-tag: F-28387368692,FD-33721100976,P-6865219,FLS-ALL
cache-tag: F-28387368692,FD-33721100976,P-6865219,FLS-ALL
x-amz-storage-class: INTELLIGENT_TIERING
content-disposition: inline; filename="2b)%20Onboarding%20Clients%20(1).webp"
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
content-length: 5922
x-amz-server-side-encryption: AES256
last-modified: Fri, 02 Sep 2022 23:40:17 GMT
server: cloudflare
x-cache: RefreshHit from cloudfront
etag: "297bd3219cae8d61713ccdf4efa79ce6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cf-bgj: imgq:85,h2pri
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-cf-pop: IAD89-P1
accept-ranges: bytes
cf-ray: 74d330df7e0c68e9-FRA
x-amz-cf-id: 12A9xVz1Q9oU7Un0OLJglP0XkBkDcMi1qdzIY6_niTiOTlzx2UMm6A==
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15

POST
H3 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 5BEE 0
1 KB 157ms
156ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13130

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13130/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/conversations-visitor/6865219/threads/utk/3df23cbfb4be47d0bb28ba6e64b987cf?uuid=2b8cc291940248ed99cd0c23a3c48543&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=rewind.com&inApp53=false&messagesUtk=3df23cbfb4be47d0bb28ba6e64b987cf&url=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Sep 2022 15:00:26 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5dee885b-f59e-454f-9f28-7699f6cba272
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99%2BN%2BtB3HBrQ9PMjbkc7JFIyUe%2B0T3qdqqKl7NmA50lPRy9LfHW%2BTprPZ1fxB9o%2Bd%2FFfjS%2FFDaiUR7EPPvsH736P%2FlZaLGhut0wodR%2FjMqGjdWFtJ4%2BkyL6PvecxiKOFxAvyHKaOyxFT7iYmlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-allow-credentials: true
cf-ray: 74d330df4ffe9a39-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

GET
H3 200 welcomeMessages Show response
api.hubspot.com/livechat-public/v1/bots/public/bot/1352369/ Frame 5BEE 993 B
1 KB 177ms
170ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/bots/public/bot/1352369/welcomeMessages?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13130&conversations-visitor-ui=static-1.13130&traceId=3df23cbfb4be47d0bb28ba6e64b987cf&sessionId=AMOaWbLXnCrbG5BjZvFhIuxAs6eVO1OUS2q6OAkInMT6ULppyHTDkRZev6Mi9MkAJ93qs1HL-X-x4xWVLKjkrMOmhdKCZYbPyIvTuPc_-jL3VNakDqx3Rmd-z1pGgVItL8Cjc9lXJRwRhpSrvVXk-FIBwgoEt2Qcka2DwPgwBgwL5ZugcxDWalw

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/head-dlb/static-1.228/bundle.production.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4fa4926c6264955490f43a15949809dcbecd11a7bc8936c616c17022a13a062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 15:00:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b4c6c05e-ae9f-4020-9833-bcda69e1f7c5
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
x-trace: 2B2418F3FA34C3956415FCA94851EB85459527B58F000000000000000000
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98OL8RO0zk0WqUug2OGaTJcGclo3j1HfY3gP0jyQA12iJy6E9i6%2BTeC5hjNKESUKawrPuD5Nt5fBS6aZHEh980NL%2FY8gTX4d83hB9I50MUasV7dWrVrHUwO5S0UD5uxIuXUZFkH6XcnucdVCxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-allow-credentials: true
cf-ray: 74d330df683a9a39-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 Screen%20Shot%202022-08-31%20at%203.02.25%20PM.png
6865219.fs1.hubspotusercontent-na1.net/hubfs/6865219/ 365 KB
367 KB 72ms
37ms Image
image/png 2606:4700:4400::ac40:9ad8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6865219.fs1.hubspotusercontent-na1.net/hubfs/6865219/Screen%20Shot%202022-08-31%20at%203.02.25%20PM.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9a60d14dc3a96db68c919842991b0473f1ce356daaa384c445638a391076d41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-83581774610,P-6865219,FLS-ALL
age: 321668
x-amz-server-side-encryption: AES256
edge-cache-tag: F-83581774610,P-6865219,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.enforceAclForReadsProd 15
x-amz-request-id: 37N4PXH3CY53AZER
etag: "ca04f355fd6270def3a207176da4b69c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.enforceAclForReadsProd 15
x-amz-meta-created-unix-time-millis: 1661972604411
date: Mon, 19 Sep 2022 15:00:26 GMT
via: 1.1 8a18c9375ff4553eb348eedbe6d74372.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-83581774610,P-6865219,FLS-ALL
x-amz-meta-index-tag: none
content-length: 373942
x-amz-id-2: yvhcOMCu2QItPnrVZ41GLlCpbSIo6FM4Sax+Y1JAaqL2/5RziM0Gz1S/sGiEGRRxHDdz1b0CMpA=
last-modified: Wed, 31 Aug 2022 19:03:25 GMT
server: cloudflare
x-amz-version-id: t7F1G0Blzl4gtcATMN6.8sU5r4_9SUcF
accept-ranges: bytes
cf-ray: 74d330e308319b3d-FRA
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-cf-id: FHRiYlzGT5RVn83V95noJWvdCkybiSXEvIWt1ja-9QXIjOKnJruWBQ==

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 52ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JN2R9DMY13&gtm=2oe9e0&_p=136671648&gcs=G100&cid=1709252413.1663599623&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1663599622&sct=1&seg=0&dl=https%3A%2F%2Frewind.com%2Fresources%2Fquickbooks-pro-advisor-saves-8-hours-of-work-after-sales-receipts-are-deleted%2F%3Futm_campaign%3Dqbo_ebook_datasecurity%26utm_medium%3Demail%26_hsmi%3D220361614%26_hsenc%3Dp2ANqtz-9MWsNMRXVMIn6XZ42jnq4_21XC0Tuka98oqq_ful1ibYXj3ENml1_dWkXbRKQK6cYtAkOFxHMaz3LCoa08FWOZki77og%26utm_source%3Ddrip_campaign&dt=How%20Kellie%20Parks%20Goes%20Above%20and%20Beyond%20for%20Clients%20%7C%20Rewind&en=set_user_icp&ep.content_group=Resources%20Content&_et=4&up.user_icp=Accounting%20ICP
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JN2R9DMY13&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rewind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 15:00:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rewind.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.email.rewind.io/	1970-01-20 06:06:41	Name: __cf_bm Value: mQpn3S6rDT8i0uyG_YMLkFFqR1qfhwlSv_ofhiyazVs-1663599620-0-AUPVs4jg+2yyJlsZQ5Wn29YCGtmczIdKoxHUpuIa1c42IGnB/TitKHTM0DaHR5wN6X3nnyy6wUNLb6l2Px8DwLE=
.email.rewind.io/	1969-12-31 23:59:59	Name: __cfruid Value: bc104f3f68fd7cc0911d9098000e634c92aef324-1663599620
.tiktok.com/	1970-01-20 15:28:15	Name: _ttp Value: 2EzXwCRCj0qREVQ3fCsAQWFG6rG
.rewind.com/	1970-01-20 15:28:15	Name: _tt_enable_cookie Value: 1
.rewind.com/	1970-01-20 15:28:15	Name: _ttp Value: b5456023-c229-4fde-babe-c0f951614690
.rewind.com/	1970-01-20 14:52:15	Name: ajs_anonymous_id Value: 89ab4f77-38ac-4196-927a-a6b560f9bb90
.rewind.com/	1970-01-20 10:25:51	Name: hubspotutk Value: fc8eab8054a9600a5e039fe3f4cb0b35
.hubspot.com/	1970-01-20 06:06:41	Name: __cf_bm Value: 3Ho46buXMqmL7km.POaT_nr5bRnTKeA0hjecbFm2DOU-1663599625-0-AVc2MsKT/qP/Qx+DdnjiNEQ63ZULVnVkSrzOADzg1awx7iTwFrV8buaH7sTbMNmlCupBVRwfijaUvo+vUkLCS9w=
.rewind.com/	1970-01-20 10:25:51	Name: messagesUtk Value: 3df23cbfb4be47d0bb28ba6e64b987cf

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://js.usemessages.com/conversations-embed.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.hubspot.com') does not match the recipient window's origin ('https://rewind.com').
security	error	URL: https://js.usemessages.com/conversations-embed.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.hubspot.com') does not match the recipient window's origin ('https://rewind.com').
security	error	URL: https://js.usemessages.com/conversations-embed.js Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://app.hubspot.com') does not match the recipient window's origin ('https://rewind.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6865219.fs1.hubspotusercontent-na1.net
analytics.tiktok.com
api.hubspot.com
api.segment.io
app.hubspot.com
cdn.jsdelivr.net
cdn.segment.com
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
email.rewind.io
exceptions.hs-embed-reporting.com
f.hubspotusercontent10.net
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
grsm.io
gtm-ga-analytics.nn.r.appspot.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.hsleadflows.net
js.usemessages.com
pagead2.googlesyndication.com
partnerlinks.io
q.quora.com
region1.google-analytics.com
rewind.com
snippet.growsumo.com
static.hsappstatic.net
track.hubspot.com
www.google-analytics.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
141.193.213.11
172.217.18.2
18.66.115.169
2001:4860:4802:34::36
23.36.163.228
2606:2c40::c73c:671f
2606:4700:4400::6812:2aed
2606:4700:4400::ac40:9a55
2606:4700:4400::ac40:9ad8
2606:4700::6810:d7ed
2606:4700::6811:44b0
2606:4700::6811:83ab
2606:4700::6811:9d2
2606:4700::6811:b949
2606:4700::6811:d4cc
2606:4700::6811:eacc
2606:4700::6811:efcc
2606:4700::6812:1f85
2606:4700::6812:246
2606:4700::6812:bd4
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:806::200e
2a00:1450:4001:808::2008
2a00:1450:4001:812::2014
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:830::200e
2a00:1450:400a:802::200a
2a02:26f0:2100:29d::f09
2a02:26f0:2100::58dd:c4ca
2a03:2880:f007:8:face:b00c:0:1
2a04:4e42:200::485
34.215.194.110
52.2.147.16
0be9c85966eeed0b1af9a530e56d8b0ba5cfe2c46d293f4c77b66ddbe9be3d5e
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1590f52adb0ff3eb1a5d0c1a0ef0c1f60d8451c3510fc44bd316919e5daf705f
178ad109b2915167c42594cb509b0bee49d3f65e8761fba18bbb2de56bab556c
1cedb5111627fd56484e69f8afea380fa83ecf77bf3cbbbdef86be56b0271b2f
213b92e8b230c5327f5c082e8fee902c2774a99ba8dea84404b122f3b1c1bce8
28a10037b5fa4dfef9f5e9068e9d33341a67c673a1663795eef6d2ec12b48c90
2bc28926fcdb56bce48f629f6cdac59fee1822fe54a50c92f20b5c7ee8a85418
2d2c44d306bebe99b644ddf549cf9e1b903b74a23722a2160df230678e772362
31cdaecf78ec72e78ed516f4491bcbdbe8de6910a3611bb13d7c542f9c48d9b1
338be55e09986b74b0abf67ba0d09e117698bc411529b3da8f0783a349461bdf
35021b02043f9775121eb5d32005a90882c0487cf1f2c26b07b1d5730aee2486
3892a67c0c01c1db7702b04f4013f1de390c4ae24989801fd7d4b21c3635b2a3
3daf6bcfbcdce1e5e571bac80739b37bf9ee6c1244143afb01f14d647b3276f9
40fe64807d7a8f9a567073b7a65410e71c5d1c17cb23321aa19ee2528bfbb7ce
450ff1eff2f5157dab62462bcdcfe45e1f8273f630334c43d63769a3eea77f2b
5041aac6891e586a66a3bb115ac5cb23a9b0d2ab1d02518433c15758fefe311e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5678810bf1c13d60bc4d55a3ca96c163ffc01f865c4e4a64001fc32ffcd367cb
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5e457defed249fdd5e14f6f8b613a6b5a383490ad33226eedad1701497e07ee0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c9daaada7b450562c65d6f9dcb6ddea787748c54dd518b07b93095400cb1aba
7190f8d0ed177455772e4df792d2bddc10df37bc4e0ed13f247cfc9439190c8f
72cac3894a1f4b4b2aa713cc8cda2cbf2f75867d97a17f266d962fb4eabd1b2b
738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104
76174076fe8735bdd902df7a689c118317a6ddfc389354bfb037ce3781058924
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7a2830f8720e8e8edae581bcc9b95a97d97414fa7d6f83faff6f5679fb0a880d
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
818bb8dd7789e61530b541504fde932dac3deaef14d12e2af0e7cde78bf3bf1e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83527037bf4da8286f632b3821b99d87f9dd219fb8e8fa6ab8c39d71f1c3ec59
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
85fa85cbca5efaa81351f2e9b1e8e53916644bff91da6ffc762a151247501ebc
8fbad22272f358d3e1a9e09a50761bd38b44cd558e3316d562e33804f9536a54
920cf800cf526e26e6b914d8b86c5bc9b0c6f722fc6863fdec0bf01db32c7df9
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
9abdea148f6bb2fd5f4d3a947661b46f077584cfc3691deb29fa7cb25d2e00a6
9f197e930b4b8bc074e6130dab0db7c376cfea5f92808cf7f3a5c44b48606f3b
9f9c20e7e3fa6dc6a21aaa3e9b025d2b734d4def2dd4fdbbb37cea01f1848075
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3bb862065484f32a642807e3a9aa5b9288eb09ea51692aa3bf6dd8d3b31ed29
ac6105c92d4caecc12a7ea6d383989441b930383e6d0518fecc1b7c1fb39a76a
ad25bee723c50b7aa157fae2c483b1b76570055cfcc4cd0afc0058e385a10038
afe084fa5f65a8f7d14eed7059d69e27dabaa32d1d370f389c298992b2de8c90
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b99bb947bc19ef0f4b3b4b95018d3a5e9c34bc3d85fe3843a64bcec94947ffa5
bc3b175c482f1f54f77d4ccad5366704cc4b0daa2a88e653f509fe88a92c53e4
bdb6d144db3b9a08fea080ab9298d1a7612ec896a7a8e2d90ad61caef1aeab97
be9a98f4de67bcb98e6062b7f323697e9a55a2ae8a4a9a1b4c6ea004487fe3a0
beb1326213a3a171bf71bf72efb833891e3b634d91a06dfdc4e9a3f60a50bad4
bf3a88c35bdc16d97403947a9f9188faf13af9a6776529a422286716605d5fee
c3b290acc757a7883a43b7d5ef51f1f7accd0f3447584c86ce4267cd4886e6da
c4fa4926c6264955490f43a15949809dcbecd11a7bc8936c616c17022a13a062
d04d3da0f200f9fa991389e4522c8ccd50bcd22ec29f2ceff218bece651c0215
d07dcdbb3ddaba0dda7d56d496cbb5d8fbb1bdadc23f812126d3c4c6ab39e158
d39d1b72e04560ab4f1d103af0b7820973caf0a3226a89bbf1b7d82e7dcead55
d5f78a2104ce4fb19c06c12e5f15e0eb18f8221a1becc347d9bb9ec59fc14dde
d6390dbf4e23a532fa3efad24c99004e967138772cf0d435bbdeca8bc5f60daa
d737b8b63ef186afc32474289147d811addb77fbdc135b2c6e0da4c2820a274c
d863cb29f3a032f2bed79f4424940590c5965a653852296ea6b0d4cadebe3b5e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df16c3f73192f31f33e05af39f63a370e531fa06279ae7f0c10c5fd003bbaa5f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b99178c5da6ff4d7f612c2c76c390f0a6485f16d87214aca7bca276aaebb86
e57d37aeb528f9372cf16cfb91d28c2b2d7d92c1dcb7a0533b4f9f5a2c6d8dd4
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e79b59c22ca684f9de8a73d41964f0c80ee9ca68713f35c33ad4fccf8cf64ffa
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
ec0e78ba3786d620f16943844c3da6aac1f029dc4ec6fb35456d019508679ff1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9a60d14dc3a96db68c919842991b0473f1ce356daaa384c445638a391076d41
fef5baa2ae6da90060ccc745a0d788f166d1224b40104a66920772c5a083615d

rewind.com Open in urlscan Pro 141.193.213.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

100 %HTTPS

83 %IPv6

32 Domains

37 Subdomains

36 IPs

4 Countries

3206 kBTransfer

8902 kBSize

9 Cookies

16 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rewind.com Open in urlscan Pro
141.193.213.11 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

100 %
HTTPS

83 %
IPv6

32
Domains

37
Subdomains

36
IPs

4
Countries

3206 kB
Transfer

8902 kB
Size

9
Cookies

109 HTTP transactions
1 data transactions