sponsor.snowballwealth.com Open in urlscan Pro
35.71.142.77  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sponsor.snowballwealth.com/	175 KB 18 KB	200ms 62ms	Document text/html	35.71.142.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.71.142.77 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a0b1d980e1f2226c6.awsglobalaccelerator.com Software Framer/72d08bf / Resource Hash cf038d42354e8d6488d489ce1ced08202b2bbbedc3068ca95162c755e70799b9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control public, max-age=0, must-revalidate content-encoding br content-length 18426 content-type text/html date Thu, 14 Dec 2023 22:59:05 GMT etag "d8c5735080516888bdd94653cfa137c5" last-modified Thu, 14 Dec 2023 21:17:25 GMT link <https://framerusercontent.com>; rel="preconnect", <https://framerusercontent.com>; rel="preconnect"; crossorigin="" server Framer/72d08bf server-timing region;desc="us-east-1", cache;desc="cached", ssg-status;desc="optimized", version;desc="72d08bf" strict-transport-security max-age=31536000 vary Accept-Encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/	193 KB 72 KB	232ms 89ms	Script application/javascript	2607:f8b0:4006:820::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-116189896 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b5d75adb33200b159f37a00cce70ec21c99c511fa51a09884d13986db7cfe089 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://sponsor.snowballwealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:59:06 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 72860 x-xss-protection 0 last-modified Thu, 14 Dec 2023 21:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 14 Dec 2023 22:59:06 GMT
GET H2	200	chunk-TT63XNBW.mjs Show response framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/	237 B 992 B	423ms 245ms	Script text/javascript	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/chunk-TT63XNBW.mjs Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 1c97fd765cfd0fdca8ad87691b3cfe6ec988047c270fa805df232b9ecb897acc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://sponsor.snowballwealth.com/ Origin https://sponsor.snowballwealth.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 18:45:15 GMT x-amz-version-id IfTbLp8Vovy0rI1P_p8nCjFdNej8xskW x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 bffa19ead06e9ee83bebfec5c8e05aa4.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 age 15232 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 237 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 14 Dec 2023 18:40:51 GMT server CloudFront etag "86073eb3724c1fdefa829b7be1ae5886" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Origin accept-ranges bytes x-amz-cf-id m3GhqLKcQ2P0PbLz_83NmpR8v7EQVaGCs_Gy4o9Nr2-Z1TAS5y6-Lg==
GET H2	200	chunk-EUXGNT3W.mjs Show response framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/	510 KB 151 KB	262ms 84ms	Script text/javascript	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/chunk-EUXGNT3W.mjs Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 278a76368cdd41d73a98b3fd4d6f3c7e5f97d239f1defaaf3695161361ff66ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://sponsor.snowballwealth.com/ Origin https://sponsor.snowballwealth.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 18:45:15 GMT x-amz-version-id Svre1GqoO2jizHw2ySKh_01kceWJGjjD x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br via 1.1 bffa19ead06e9ee83bebfec5c8e05aa4.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 x-amz-server-side-encryption AES256 age 15232 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 14 Dec 2023 18:40:51 GMT server CloudFront etag W/"047203dd52e581e92531f18e8dfa7308" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Accept-Encoding,Origin x-amz-cf-id cYnZEVHGrSo_5BHVYtJUlsck_WcqKSjQ7SyGjpsRpVaiPrv9lezDXQ==
GET H2	200	chunk-ELYU6EKT.mjs Show response framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/	447 B 1 KB	421ms 244ms	Script text/javascript	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/chunk-ELYU6EKT.mjs Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://sponsor.snowballwealth.com/ Origin https://sponsor.snowballwealth.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 18:45:15 GMT x-amz-version-id K2WdCK_ioZPSH924NkyYQRuatGUBYjnS x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 bffa19ead06e9ee83bebfec5c8e05aa4.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 age 15232 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 447 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 14 Dec 2023 18:40:51 GMT server CloudFront etag "bac0d5b5f6a61029b51079932ccda746" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Origin accept-ranges bytes x-amz-cf-id MYbS1MeSLkLKKF1LzgtBnV7xB1fDVJNs8m2qD-lUEjHurXyGIz97hg==
GET H2	200	AclZw8Xc39DIvB9EIViIXnZM_dfqPpAA3m9QkeP1WgQ.JJOFHC3K.mjs Show response framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/	86 KB 12 KB	423ms 246ms	Script text/javascript	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/AclZw8Xc39DIvB9EIViIXnZM_dfqPpAA3m9QkeP1WgQ.JJOFHC3K.mjs Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash d2cc81f1cff226f77c138bd67916c7f47a9b172829d63c5c954c497fbe19cdf1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://sponsor.snowballwealth.com/ Origin https://sponsor.snowballwealth.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:32:15 GMT x-amz-version-id Mw9rjAGBc7olu56WEFl291wcXXliM1Ny x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br via 1.1 bffa19ead06e9ee83bebfec5c8e05aa4.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 x-amz-server-side-encryption AES256 age 1612 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 14 Dec 2023 21:17:24 GMT server CloudFront etag W/"488c57e32cf739150ba1bdb11450d882" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Accept-Encoding,Origin x-amz-cf-id z8wQOz42ANxdAU-KY2hhLqsz1sZT1GT5-unH9QuKInOrtW8PZQVbLQ==
GET H2	200	chunk-J2BPNPTH.mjs Show response framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/	1 KB 1 KB	249ms 72ms	Script text/javascript	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/chunk-J2BPNPTH.mjs Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 5bb8b1fba1ad4fff7aff419005ffd4c551fab1451be5dd1740dfa5328884ad8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://sponsor.snowballwealth.com/ Origin https://sponsor.snowballwealth.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 18:45:15 GMT x-amz-version-id 2mrmPcswGI0rYaBKwkZgK8.zCc0qaQbo x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br via 1.1 bffa19ead06e9ee83bebfec5c8e05aa4.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 x-amz-server-side-encryption AES256 age 15232 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 14 Dec 2023 18:40:51 GMT server CloudFront etag W/"db73293a988fed54ef69c32e7eec29fc" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Accept-Encoding,Origin x-amz-cf-id 8htFhQ0xWNNRk-SZ9cwGHLo_vFyfX1JvGGu1OcnigLQkrqSbfOce8A==
GET H2	200	chunk-GGFK46G4.mjs Show response framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/	736 B 1 KB	250ms 73ms	Script text/javascript	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/chunk-GGFK46G4.mjs Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 316c737a8a8fbde360f3b0092c22919f285dd1c99af892191c8309dc41d28fe2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://sponsor.snowballwealth.com/ Origin https://sponsor.snowballwealth.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 18:45:15 GMT x-amz-version-id JhoqAaZ0nZSD6_37X6NdGA4L6nVLcESz x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 bffa19ead06e9ee83bebfec5c8e05aa4.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 age 15232 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 736 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 14 Dec 2023 18:40:51 GMT server CloudFront etag "61c1d7d2dc1ccd38a1527a8956371c10" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Origin accept-ranges bytes x-amz-cf-id ft6tcN0wbyqDpou8IvmxT9tegpyEPmc7fF7mztvpnBgHxjzUNgqEZw==
GET H2	200	script Show response events.framer.com/	15 KB 16 KB	245ms 82ms	Script text/javascript	13.225.63.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.framer.com/script Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-86.ewr53.r.cloudfront.net Software / Resource Hash 0a75bfd9c51bb5e02f71c03d3d40303736ebc93448d59099dd36d4151fb9393e Request headers accept-language en-US,en;q=0.9 Referer https://sponsor.snowballwealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:59:06 GMT via 1.1 e5accc89e6f6f7fa6c73134d02aeb428.cloudfront.net (CloudFront) x-amzn-remapped-content-length 15602 x-amz-cf-pop EWR53-C1 x-amzn-trace-id Root=1-657b88ba-34a78eed1d595f267e9d4a26 x-amzn-requestid b0787c7c-bbd5-4a9d-84f9-bc728f2894ff x-cache Miss from cloudfront content-type text/javascript timestamp Thu, 14 Dec 2023 22:58:08 GMT x-amz-apigw-id P9JNMFqroAMEuFA= content-length 15602 x-amz-cf-id jEHbXjmLNqU-cmSZIV9fY0rEVKy00Y5mQEAqvF7GVaqVR3pw1hD5Mw==
GET H2	200	pTnglSrUDoQLHKXdz7dCkXrh4.svg framerusercontent.com/images/	34 KB 35 KB	78ms 78ms	Image image/svg+xml	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://framerusercontent.com/images/pTnglSrUDoQLHKXdz7dCkXrh4.svg Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 922f5c7d75d80e8fcec99ed8e7487a066e0916cf84b6dd9acc0f38c04dd53e64 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://sponsor.snowballwealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 11 Dec 2023 21:55:42 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff via 1.1 0a9d1f4cf41c66fe38072ba9d4053f7e.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 age 263004 x-amzn-requestid d436613e-3e68-4917-80d1-ca286a99291b x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server CloudFront x-amzn-trace-id root=1-6577855d-384436c06e65d631078f12be;sampled=1;lineage=f456f256:0 x-frame-options deny vary Accept content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 x-amz-cf-id zjMwbmRoQCIqm-pAJPrIDn3ERRT6TnMWMMIpRBJVxKFwj1cMzyEYeQ==
GET H2	200	yQAR6hgynJoPAoATrpHBanoZvNo.jpg framerusercontent.com/images/	307 KB 308 KB	79ms 78ms	Image image/webp	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://framerusercontent.com/images/yQAR6hgynJoPAoATrpHBanoZvNo.jpg?scale-down-to=2048 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash d91dd799623632baae9c875f05d2964f39553e1c2e874aa88f86bacd49f124ad Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://sponsor.snowballwealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 19:06:52 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff via 1.1 0a9d1f4cf41c66fe38072ba9d4053f7e.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 age 13934 x-amzn-requestid 96913cdf-2ecb-4303-a594-5771b127c422 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server CloudFront x-amzn-trace-id root=1-657b524a-68d0a26e7d87059f706c5c8e;sampled=1;lineage=f456f256:0 x-frame-options deny vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-amz-cf-id Sxe67-sdAWsPcAURWH-tU6FZ8Eu76vmABFRSEcoyLkemse4G1ymT1Q==
GET H2	200	default_script0.I6K45CDI.mjs Show response framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/	1 KB 2 KB	395ms 246ms	Script text/javascript	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://framerusercontent.com/sites/5LFqMUuNy216B4j9NS0QNl/default_script0.I6K45CDI.mjs Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 3fdbfcc2eee0e71ac8f2c1bf36b8676791dd1532c5d2ba1f76c2709865f36abd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://sponsor.snowballwealth.com/ Origin https://sponsor.snowballwealth.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 22:32:15 GMT x-amz-version-id dZLkc59NZ6zKly16QqKAyWnvMdFgxLxI x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br via 1.1 bffa19ead06e9ee83bebfec5c8e05aa4.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 x-amz-server-side-encryption AES256 age 1612 x-cache Hit from cloudfront x-amz-replication-status COMPLETED cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 14 Dec 2023 21:17:24 GMT server CloudFront etag W/"2919887e6b76e08ff2832bb717e287e5" access-control-max-age 0 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable vary Accept-Encoding,Origin x-amz-cf-id a8upRZJ8l4wOHlmS4TdlGDMNMWYBhDkefnC7WcPdlHKiHyGopRjwkw==
GET H2	200	Inter-Medium.latin-Y3IVPL46.woff2 app.framerstatic.com/	19 KB 20 KB	311ms 132ms	Font font/woff2	2600:9000:21ea:1200:d:6b42:4ec0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.framerstatic.com/Inter-Medium.latin-Y3IVPL46.woff2 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ea:1200:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash c861d136456a64c9c5619e9fa7c37c80144ea5d8879d88554c1f8abaaae891bf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://sponsor.snowballwealth.com/ Origin https://sponsor.snowballwealth.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 14 Mar 2023 10:24:11 GMT x-amz-version-id null x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 age 23805296 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 19904 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Tue, 14 Mar 2023 10:19:13 GMT server CloudFront etag "f366e7b832c6d0e8a2038665895c0762" access-control-max-age 3600 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable accept-ranges bytes access-control-allow-headers * x-amz-cf-id Buuk7plVb-_DUb-_eVTD3eOUT0yBvXCgEagHLK8eOpJMvYxA7nF0CA==
GET H2	200	Inter-ExtraBold.latin-OW4UGSRU.woff2 app.framerstatic.com/	20 KB 20 KB	326ms 147ms	Font font/woff2	2600:9000:21ea:1200:d:6b42:4ec0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.framerstatic.com/Inter-ExtraBold.latin-OW4UGSRU.woff2 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ea:1200:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash c2ead6a5abe1bc404cea3f51ec86757a2cf4952c42e61b9a50e479dd18e74f16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://sponsor.snowballwealth.com/ Origin https://sponsor.snowballwealth.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 06 Apr 2023 16:56:44 GMT x-amz-version-id null x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 age 21794543 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 19984 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 06 Apr 2023 15:49:44 GMT server CloudFront etag "6b1155e6921bf0c3bdec4800c259df41" access-control-max-age 3600 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable accept-ranges bytes access-control-allow-headers * x-amz-cf-id _d9mJ4X5gqat8c96BxHJhEWYxI1u2ck5agSkmzt4N5HnJwEFF0ErwQ==
GET H2	200	Inter-Bold.latin-UCM45LQF.woff2 app.framerstatic.com/	20 KB 20 KB	254ms 78ms	Font font/woff2	2600:9000:21ea:1200:d:6b42:4ec0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.framerstatic.com/Inter-Bold.latin-UCM45LQF.woff2 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ea:1200:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e7c0f0baf495ababe3f877837b419d6e3386ea06f7f39e66c34b1d639e55a5d5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://sponsor.snowballwealth.com/ Origin https://sponsor.snowballwealth.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 14 Mar 2023 10:24:11 GMT x-amz-version-id null x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 age 23805296 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 20000 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Tue, 14 Mar 2023 10:19:13 GMT server CloudFront etag "463f0c722a07aa2be781488e9fc88aca" access-control-max-age 3600 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable accept-ranges bytes access-control-allow-headers * x-amz-cf-id px_E58A1eYCbYoaZ5h8kD8onxaLRbRM2ClBiRKOPLwvlyljMEaRDaA==
GET H2	200	Inter-SemiBold.latin-RDYY2AG2.woff2 app.framerstatic.com/	20 KB 20 KB	343ms 167ms	Font font/woff2	2600:9000:21ea:1200:d:6b42:4ec0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.framerstatic.com/Inter-SemiBold.latin-RDYY2AG2.woff2 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ea:1200:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash fc7298db7d88e095c67673d0dae268cd4fc070571692a6df810e80d8cba03157 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://sponsor.snowballwealth.com/ Origin https://sponsor.snowballwealth.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 31 Oct 2023 07:55:24 GMT x-amz-version-id null x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 age 3855823 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 20072 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 30 Oct 2023 21:50:56 GMT server CloudFront etag "6a7880ce1bd9abb417faf126dccfd935" access-control-max-age 3600 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable accept-ranges bytes access-control-allow-headers * x-amz-cf-id ZCXNy8utl_xa1ud-xi8OPrelVOdjtNEATodO5YwqjwvPRBlDzEaTkg==
GET H2	200	Inter-Black.latin-TETRYDF7.woff2 app.framerstatic.com/	19 KB 19 KB	328ms 153ms	Font font/woff2	2600:9000:21ea:1200:d:6b42:4ec0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.framerstatic.com/Inter-Black.latin-TETRYDF7.woff2 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21ea:1200:d:6b42:4ec0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash c9b8ebe92da39f43cd157f1aa073b94f80a78fd33655c00368bdc3ec2d3b55bf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://sponsor.snowballwealth.com/ Origin https://sponsor.snowballwealth.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 16 Mar 2023 13:00:43 GMT x-amz-version-id null x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront) x-amz-cf-pop EWR50-C1 age 23623103 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 19220 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Thu, 16 Mar 2023 12:40:27 GMT server CloudFront etag "c6867e20dcc490c6f443937948147e49" access-control-max-age 3600 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * x-frame-options deny cache-control public, max-age=31536000, immutable accept-ranges bytes access-control-allow-headers * x-amz-cf-id zGPQajeKbnVkKSMQ5AV_-cTJE8ldkRGBsECMMmL5VvzO26s7RBml5g==
GET H2	200	3bcHAE278daz9vhCm0L7PbtNM4.png framerusercontent.com/images/	10 KB 11 KB	326ms 324ms	Image image/webp	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://framerusercontent.com/images/3bcHAE278daz9vhCm0L7PbtNM4.png?scale-down-to=512 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 6d811eb0d714e1b4287cfd7d7e317dd7fc52fd92c65f3c73d2c80db18bbae4b3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://sponsor.snowballwealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 18:59:58 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff via 1.1 0a9d1f4cf41c66fe38072ba9d4053f7e.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 age 14348 x-amzn-requestid f55b2a9f-563c-4e74-ab47-d8465312ccc4 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server CloudFront x-amzn-trace-id root=1-657b50ae-562a199303c2a90258679f36;sampled=1;lineage=f456f256:0 x-frame-options deny vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-amz-cf-id x9bJknQvKDgPVOu-A3uyefTTggN6V9opqZpptccX16Wfn6UxxiyxxQ==
GET H2	200	5l7HiRcZCSq3HCLvnOfgSBnLmI.png framerusercontent.com/images/	5 KB 6 KB	322ms 321ms	Image image/webp	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://framerusercontent.com/images/5l7HiRcZCSq3HCLvnOfgSBnLmI.png?scale-down-to=512 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash ce7ef752afc82837e5dbd786c602ec2241ec71eb97033df14bcda59cb45e7220 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://sponsor.snowballwealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 19:00:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff via 1.1 0a9d1f4cf41c66fe38072ba9d4053f7e.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 age 14333 x-amzn-requestid aa51d93b-3f94-4c4a-9e12-47e31302ab97 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server CloudFront x-amzn-trace-id root=1-657b50bd-1aab698869722a44477aa998;sampled=0;lineage=f456f256:0 x-frame-options deny vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-amz-cf-id t6t32Bb8A99DJlGH_fqK6795Zk_U1T3KZKiUUFZLyStuAAkCZoTYOQ==
GET H2	200	jntVE14HZrAA1tH2Hb2jDmIKn0.png framerusercontent.com/images/	15 KB 15 KB	336ms 335ms	Image image/webp	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://framerusercontent.com/images/jntVE14HZrAA1tH2Hb2jDmIKn0.png?scale-down-to=512 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash a1df31f831e4dcbcf2de90d8d32206768a9d981bc4e356d1657ff4c8442b728e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://sponsor.snowballwealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 14 Dec 2023 19:01:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff via 1.1 0a9d1f4cf41c66fe38072ba9d4053f7e.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 age 14277 x-amzn-requestid 27486632-5908-4fb4-b6bf-9b9bd6864d14 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server CloudFront x-amzn-trace-id root=1-657b50f5-72bfc5983bb5c8696f6c9c78;sampled=1;lineage=f456f256:0 x-frame-options deny vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-amz-cf-id 2pH8dbO02sfOLi6kfNqijiTKSaXvvyOvJug8dgBUk8oFbNKhgfQyGw==
GET H2	200	gvhDuSH6fnxim5DYOY4k91tCjqk.png framerusercontent.com/images/	19 KB 19 KB	330ms 329ms	Image image/webp	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://framerusercontent.com/images/gvhDuSH6fnxim5DYOY4k91tCjqk.png?scale-down-to=512 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 8a0876ce2d95db5a655587860697d33c17d9f8377c1101cd20c1d4b3079b42c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://sponsor.snowballwealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 13 Dec 2023 01:20:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff via 1.1 0a9d1f4cf41c66fe38072ba9d4053f7e.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 age 164307 x-amzn-requestid c147801d-75ab-46fb-a761-4c9ad9ed021c x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server CloudFront x-amzn-trace-id root=1-657906e7-15c29a056c9e7ef81c6ebdee;sampled=1;lineage=f456f256:0 x-frame-options deny vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-amz-cf-id j0SIMVdbENMC_DxPLkHlbgRFrM1VsKP9bui9PR0_XNj2YYTRuHdGBw==
GET H2	200	7wOLFOqDlL4z1kuk3ddBhkOJg0.jpg framerusercontent.com/images/	46 KB 47 KB	342ms 341ms	Image image/webp	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://framerusercontent.com/images/7wOLFOqDlL4z1kuk3ddBhkOJg0.jpg?scale-down-to=512 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash e7f6a10c4d882d38dc697ebb9dc1c3b510949b4dbafc828f95bd365399db36a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://sponsor.snowballwealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 10 Dec 2023 01:17:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff via 1.1 0a9d1f4cf41c66fe38072ba9d4053f7e.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 age 423696 x-amzn-requestid 1f800a91-d439-4593-87ab-d60726e22494 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server CloudFront x-amzn-trace-id root=1-657511a9-6a026d727c11ab5e4fa9f802;sampled=1;lineage=f456f256:0 x-frame-options deny vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-amz-cf-id iVYF1GHBaQWm-JZqR3g7bxuydh7ggkQmJNlF61HDFToV7t6gAlkVNg==
GET H2	200	H0axIbj2Sm0j0NvlnPaEaKYGR0.jpg framerusercontent.com/images/	17 KB 18 KB	336ms 335ms	Image image/webp	2600:9000:247b:f000:d:ada1:a280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://framerusercontent.com/images/H0axIbj2Sm0j0NvlnPaEaKYGR0.jpg?scale-down-to=512 Requested by Host: sponsor.snowballwealth.com URL: https://sponsor.snowballwealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:247b:f000:d:ada1:a280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 48584cb657027d9dc32dcab4f0bec7f6425a4e5d23b48edbc13ab0d749a67a95 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://sponsor.snowballwealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 12 Dec 2023 20:16:29 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff via 1.1 0a9d1f4cf41c66fe38072ba9d4053f7e.cloudfront.net (CloudFront) x-amz-cf-pop JFK52-P2 age 182557 x-amzn-requestid bc2c53ba-507b-48f1-b719-60b1066d99df x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server CloudFront x-amzn-trace-id root=1-6578bf9b-08596f4e6ccb938e17b57277;sampled=1;lineage=f456f256:0 x-frame-options deny vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 x-amz-cf-id MKw2b-n0MjeX3-xOwK1ty2pk_d9Y2rqzDqWswlGSIUPvqVc89MPsHA==
OPTIONS H2	200	anonymous events.framer.com/	0 0	214ms 87ms	Preflight application/json	13.225.63.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.framer.com/anonymous Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-86.ewr53.r.cloudfront.net Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://sponsor.snowballwealth.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-headers Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token access-control-allow-methods OPTIONS,POST access-control-allow-origin * content-length 0 content-type application/json date Thu, 14 Dec 2023 22:59:06 GMT via 1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront) x-amz-apigw-id P9JNOFWFoAMEAjA= x-amz-cf-id gANZRzijfBKCl8vnYD04_mWrQdfvqr-iHj7esgkKVyOcsvsQ85xGpg== x-amz-cf-pop EWR53-C1 x-amzn-requestid cd618e94-a849-4436-b33c-6ea4e0209f3b x-cache Miss from cloudfront
POST H2	200	anonymous events.framer.com/	0 0	168ms 167ms	Fetch application/json	13.225.63.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.framer.com/anonymous Requested by Host: events.framer.com URL: https://events.framer.com/script Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.63.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-63-86.ewr53.r.cloudfront.net Software / Resource Hash Request headers Referer https://sponsor.snowballwealth.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/json Response headers date Thu, 14 Dec 2023 22:59:06 GMT via 1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront) x-amz-cf-pop EWR53-C1 x-amzn-trace-id Root=1-657b88ba-2577e4506ee042ed59bb2377;Sampled=0;lineage=c457ad49:0 x-amzn-requestid 48050cb0-0374-4b71-a111-a0fa12e79a28 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * x-amz-apigw-id P9JNPHDtIAMEcfQ= content-length 0 x-amz-cf-id 1DNlAjaC8Iy_jGcyK9wrhUUBLokeYwoRX05pgDwKgVI1_PS1i6LNqA==
POST H2	204	collect www.google-analytics.com/g/	0 261 B	223ms 81ms	Ping text/plain	2607:f8b0:4006:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-116189896&gtm=45je3bt0&_p=1702594746308&gcd=11l1l1l1l1&dma=0&cid=667996465.1702594747&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702594746&sct=1&seg=0&dl=https%3A%2F%2Fsponsor.snowballwealth.com%2F&dt=Snowball%20Wealth%20for%20Schools&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=643 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-116189896 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://sponsor.snowballwealth.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 14 Dec 2023 22:59:06 GMT server Golfe2 content-type text/plain access-control-allow-origin https://sponsor.snowballwealth.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| gtag object| dataLayer object| animator boolean| HandoffAppearAnimations function| __send_framer_event object| google_tag_manager object| google_tag_data object| gaGlobal function| __framer_importFromPackage object| process

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.snowballwealth.com/	1970-01-21 02:32:34	Name: _ga_116189896 Value: GS1.1.1702594746.1.0.1702594746.0.0.0
			.snowballwealth.com/	1970-01-21 02:32:34	Name: _ga Value: GA1.1.667996465.1702594747

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.framerstatic.com
events.framer.com
framerusercontent.com
sponsor.snowballwealth.com
www.google-analytics.com
www.googletagmanager.com
13.225.63.86
2600:9000:21ea:1200:d:6b42:4ec0:93a1
2600:9000:247b:f000:d:ada1:a280:93a1
2607:f8b0:4006:816::200e
2607:f8b0:4006:820::2008
35.71.142.77
0a75bfd9c51bb5e02f71c03d3d40303736ebc93448d59099dd36d4151fb9393e
1c97fd765cfd0fdca8ad87691b3cfe6ec988047c270fa805df232b9ecb897acc
278a76368cdd41d73a98b3fd4d6f3c7e5f97d239f1defaaf3695161361ff66ef
316c737a8a8fbde360f3b0092c22919f285dd1c99af892191c8309dc41d28fe2
3fdbfcc2eee0e71ac8f2c1bf36b8676791dd1532c5d2ba1f76c2709865f36abd
48584cb657027d9dc32dcab4f0bec7f6425a4e5d23b48edbc13ab0d749a67a95
4e0ea1029eab3b7c0bb3183eaa684b29064f2de371720317b8a35519fe26589e
5bb8b1fba1ad4fff7aff419005ffd4c551fab1451be5dd1740dfa5328884ad8a
6d811eb0d714e1b4287cfd7d7e317dd7fc52fd92c65f3c73d2c80db18bbae4b3
8a0876ce2d95db5a655587860697d33c17d9f8377c1101cd20c1d4b3079b42c0
922f5c7d75d80e8fcec99ed8e7487a066e0916cf84b6dd9acc0f38c04dd53e64
a1df31f831e4dcbcf2de90d8d32206768a9d981bc4e356d1657ff4c8442b728e
b5d75adb33200b159f37a00cce70ec21c99c511fa51a09884d13986db7cfe089
c2ead6a5abe1bc404cea3f51ec86757a2cf4952c42e61b9a50e479dd18e74f16
c861d136456a64c9c5619e9fa7c37c80144ea5d8879d88554c1f8abaaae891bf
c9b8ebe92da39f43cd157f1aa073b94f80a78fd33655c00368bdc3ec2d3b55bf
ce7ef752afc82837e5dbd786c602ec2241ec71eb97033df14bcda59cb45e7220
cf038d42354e8d6488d489ce1ced08202b2bbbedc3068ca95162c755e70799b9
d2cc81f1cff226f77c138bd67916c7f47a9b172829d63c5c954c497fbe19cdf1
d91dd799623632baae9c875f05d2964f39553e1c2e874aa88f86bacd49f124ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c0f0baf495ababe3f877837b419d6e3386ea06f7f39e66c34b1d639e55a5d5
e7f6a10c4d882d38dc697ebb9dc1c3b510949b4dbafc828f95bd365399db36a2
fc7298db7d88e095c67673d0dae268cd4fc070571692a6df810e80d8cba03157