financeinsights.net Open in urlscan Pro
3.233.32.220 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Submission: On June 03 via manual (June 3rd 2024, 5:57:54 pm UTC) from IN — Scanned from DE

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 14 domains to perform 35 HTTP transactions. The main IP is 3.233.32.220, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is financeinsights.net.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 23rd 2023. Valid for: a year.

This is the only time financeinsights.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	3.233.32.220 3.233.32.220	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2600:9000:237... 2600:9000:237d:a000:14:bf4f:a40:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:237... 2600:9000:237d:b800:5:e4e7:6380:21	16509 (AMAZON-02) (AMAZON-02)
3	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
3	2600:9000:26d... 2600:9000:26da:9000:3:23f5:d040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	136.243.63.184 136.243.63.184	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.173.154.74 18.173.154.74	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	3.221.96.18 3.221.96.18	14618 (AMAZON-AES) (AMAZON-AES)
35	19

1 3.233.32.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-32-220.compute-1.amazonaws.com

financeinsights.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:237d:a000:14:bf4f:a40:21 (United States)

ASN16509 (AMAZON-02, US)

d281oufm7mm6g9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:b800:5:e4e7:6380:21 (United States)

ASN16509 (AMAZON-02, US)

d3ft0j0pxzxklq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:26da:9000:3:23f5:d040:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.snappykraken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.63.184 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: xip08.oneall.com

snappykraken.api.oneall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-74.muc50.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.96.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-96-18.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cloudfront.net d281oufm7mm6g9.cloudfront.net d3ft0j0pxzxklq.cloudfront.net	1 MB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2533	21 KB
3	gstatic.com fonts.gstatic.com	122 KB
3	snappykraken.com assets.snappykraken.com	8 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	17 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 380 fonts.googleapis.com — Cisco Umbrella Rank: 33	65 KB
2	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 1984 heapanalytics.com — Cisco Umbrella Rank: 1452	38 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	168 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3044	45 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	349 B
1	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 5219	16 KB
1	oneall.com snappykraken.api.oneall.com	13 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	1 KB
1	financeinsights.net financeinsights.net	16 KB
35	14

	Domain	Requested by
8	d281oufm7mm6g9.cloudfront.net	financeinsights.net d281oufm7mm6g9.cloudfront.net
3	fonts.gstatic.com	fonts.googleapis.com
3	assets.snappykraken.com	financeinsights.net d281oufm7mm6g9.cloudfront.net
3	cdnjs.cloudflare.com	financeinsights.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	financeinsights.net www.googletagmanager.com
2	stackpath.bootstrapcdn.com	financeinsights.net
2	ajax.googleapis.com	financeinsights.net
1	heapanalytics.com	financeinsights.net
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn.heapanalytics.com	financeinsights.net
1	pro.fontawesome.com	assets.snappykraken.com
1	fonts.googleapis.com	d281oufm7mm6g9.cloudfront.net
1	snappykraken.api.oneall.com	financeinsights.net
1	cdn.jsdelivr.net	financeinsights.net
1	d3ft0j0pxzxklq.cloudfront.net	financeinsights.net
1	financeinsights.net
35	18

This site contains no links.

Subject Issuer	Validity	Valid
financeinsights.net Amazon RSA 2048 M03	`2023-11-23` - `2024-12-21`	a year	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
assets.snappykraken.com Amazon RSA 2048 M02	`2024-02-09` - `2025-03-10`	a year	crt.sh
*.api.oneall.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-31` - `2024-07-31`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Frame ID: 46990CDB9606D0E582E53D6A21EE21A9
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Retirement Income Teeter-Totter

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

35
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

18
Subdomains

19
IPs

4
Countries

1679 kB
Transfer

2566 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request OpY2TL20PF4wqDwFPD5mktbZLLl Show response
financeinsights.net/ 14 KB
16 KB 848ms
659ms Document
text/html 3.233.32.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.233.32.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-32-220.compute-1.amazonaws.com
Software: /
Resource Hash: c608b5ea1529f94a87486955ee11a51fc70223328a29d1c32f8fe360c2a49e72

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

apigw-requestid: YzWUdi0qoAMEaTg=
cache-control: no-cache, private
content-length: 14694
content-type: text/html; charset=UTF-8
date: Mon, 03 Jun 2024 17:57:48 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 18:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Jun 2025 18:42:46 GMT

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
27 KB 33ms
18ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Origin: https://financeinsights.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1055
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 16510
cdn-cachedat: 03/18/2024 12:46:56
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: fae70d9389fcfe71cb40f1b1bbfec948
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 88e19154afc665bc-FRA
cdn-requestpullsuccess: True

GET
H2 200 styles.css
d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/css/ 8 KB
8 KB 484ms
442ms Stylesheet
text/css 2600:9000:237d:a000:14:bf4f:a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/css/styles.css
Requested by: Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17fff603297ee0129b1aa0cbd1285951420f6066fb2a82fa27ed23ef7a58d6e1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:50 GMT
x-amz-version-id: TdOSRQnYy4ZnAL0O0kKuBkXXp7.iYmQK
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Tue, 31 Aug 2021 16:28:30 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: "72fc76ba5adbfc054dd3ce3aa59b5ed1"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 8093
x-amz-cf-id: 4EsezTE-KJ_NXeqvDm-ljksg3H8ZXo4P674nuLuFD0707D6JTmGRaA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
74 KB 89ms
47ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-78645440-6

Requested by

Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3822e3f415ab97cae6a4af2b833fa2c9da9d32cf05a44b8ea39579cd12a4bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75553
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 16:10:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Jun 2024 17:57:49 GMT

GET
H2 200 img_pdf_v4.png
d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/img/ 215 KB
216 KB 466ms
425ms Image
image/png 2600:9000:237d:a000:14:bf4f:a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/img/img_pdf_v4.png
Requested by: Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf028d8bda23054f92ba47de3cecce4ad3d9f21a977783376408d2fafe50db16

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qNJWoW4Z6Ie14GAC31oCurDs1JNtaQhg
date: Mon, 03 Jun 2024 17:57:50 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Wed, 18 Aug 2021 12:11:32 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: "86b1b36ce89bd3201f28e383336b58a8"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 220632
x-amz-cf-id: RrjwFTjqEvZsS70ZZm7qCriL2D920rT53ishosIAex0FFgicQEOTJA==

GET
H2 200 img_pdf.png
d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/img/ 215 KB
216 KB 454ms
413ms Image
image/png 2600:9000:237d:a000:14:bf4f:a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/img/img_pdf.png
Requested by: Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf028d8bda23054f92ba47de3cecce4ad3d9f21a977783376408d2fafe50db16

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: FPwz1fjM47g0l6ibwDWih8AusQtJd1WR
date: Mon, 03 Jun 2024 17:57:50 GMT
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Thu, 02 Sep 2021 18:24:09 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: "86b1b36ce89bd3201f28e383336b58a8"
x-cache: RefreshHit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 220632
x-amz-cf-id: xFQganQctWX4f0tq6viT2klapcbYsOFVyGbOHkGznwwC8LMR5tAC_A==

GET
H2 200 dd68aaf8-5d13-45d1-9ffa-3cbca7a635e4.png
d3ft0j0pxzxklq.cloudfront.net/media/109147/ 16 KB
17 KB 66ms
25ms Image
image/png 2600:9000:237d:b800:5:e4e7:6380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3ft0j0pxzxklq.cloudfront.net/media/109147/dd68aaf8-5d13-45d1-9ffa-3cbca7a635e4.png
Requested by: Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:b800:5:e4e7:6380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddec016743a04ced74b7d17dce246b7521b4feb757cc418f3678859eb8f5873d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 04:31:21 GMT
x-amz-version-id: SasjG3vwqvTk1IXaBrmsm_C4_7L9MqAG
via: 1.1 ef6c1b0d6b04f2b7f81eb00fa448b890.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 221188
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 16530
last-modified: Fri, 01 Sep 2023 14:10:11 GMT
server: AmazonS3
etag: "e1dd65a744657c9b0b3725691f282022"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
x-amz-cf-id: 8CPTDYdVh2Zxq8SQegFyc_FUH80RUlYeAPG5YaoiRaLd6r4h40zzRg==

GET
H2 200 img_pdf_v2.png
d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/img/ 235 KB
236 KB 498ms
498ms Image
image/png 2600:9000:237d:a000:14:bf4f:a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/img/img_pdf_v2.png
Requested by: Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcd2d2eaee25c4e3c1196555f7c3afc03ed2734e87aaf4b88ddabd528a705c50

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:50 GMT
x-amz-version-id: o1emGAR0GPLiWqEOkxLnIp7PwzEzDnfp
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 03:42:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: "51308350269297126f53458b328dad15"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 240946
x-amz-cf-id: wrLdJ_-J8oADu9utr8EKgrgWmCoXjQ-2HQW9HOnHNlNFQQUc8f6c5w==

GET
H2 200 img_pdf_v3.png
d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/img/ 358 KB
358 KB 489ms
489ms Image
image/png 2600:9000:237d:a000:14:bf4f:a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/img/img_pdf_v3.png
Requested by: Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5f294d5084e0b3c070214d885285a7dd3fd1db720513250c1d4997498c9e605

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:50 GMT
x-amz-version-id: 4Qak.zy_BTWYQSxR3cDBANwvtsThyALI
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 03:42:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: "0fefd21324cb7e30d39736ba0f8d6bca"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 366165
x-amz-cf-id: AsY-w_NM7qx_c2yjEaoDQbKre3_QaClMsGXJhlwHfudndukM8GKIhA==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 13:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 May 2025 13:46:45 GMT

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 37ms
18ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Origin: https://financeinsights.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1032418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6646
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vgdhGWXqVxYXhVJJ9AP6WPnLQEQgth37GteeyaBMQ6nEpFjW27Yt1wZj9uMOTMwBaOgeW5A3e619Un9GIn3gz0MKhLaM2NA%2BXrGDju1lwX8BUMd3nSRtwu%2FoMoFrH5%2BJASvuoeuJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88e191588e039f22-FRA
expires: Sat, 24 May 2025 17:57:49 GMT

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
18 KB 21ms
19ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Origin: https://financeinsights.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1068
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7078792
cdn-cachedat: 01/17/2024 22:37:26
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3c5f1234b86c79ea8667143e8e0cb9e9
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 88e191587c9f65bc-FRA
cdn-requestpullsuccess: True

GET
H3 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/ 23 KB
7 KB 38ms
19ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/jquery.validate.min.js

Requested by

Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 934261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6677
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5add"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6113vLVrCWaoP6tJSimSSCt%2F98jHEu%2B%2BAVThEjR1L93h38WNZ2dSBrhp3ATgugBKF5wPUPkVzFPl7H%2Bp9sYM0HckZY5eFfeF6hQx6i5pafnO%2FaTGf9w0cVh%2B4u1oTEq7wPEkJi%2FC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88e191588a029950-FRA
expires: Sat, 24 May 2025 17:57:49 GMT

GET
H2 200 jquery-validate.bootstrap-tooltip.min.js Show response
cdn.jsdelivr.net/npm/jquery-validation-bootstrap-tooltip@0.10.2/ 2 KB
1 KB 49ms
8ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-validation-bootstrap-tooltip@0.10.2/jquery-validate.bootstrap-tooltip.min.js

Requested by

Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

238e6b2b43f55da7a4f5a6fb80697db124469ed4da566e3dfdea1bea645629a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Origin: https://financeinsights.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jun 2024 17:57:49 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2399848
x-jsd-version: 0.10.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 823
x-served-by: cache-fra-etou8220055-FRA
x-jsd-version-type: version
etag: W/"7fa-PUn3BEkefzDDl8bIjqTdjyzY1Gs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 forms.min.js Show response
assets.snappykraken.com/global/js/ 6 KB
3 KB 25ms
21ms Script
application/javascript 2600:9000:26da:9000:3:23f5:d040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.snappykraken.com/global/js/forms.min.js
Requested by: Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:9000:3:23f5:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b50f81edf6a754d02ebb32e2ad873610364b9839569471a15551968044a5db02

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: XzliPXsrse79foQBjBKevPJFZ6nWf3IK
content-encoding: br
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
date: Mon, 03 Jun 2024 04:55:02 GMT
last-modified: Wed, 01 Mar 2023 21:18:57 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 46968
x-amz-server-side-encryption: AES256
etag: W/"85cf8861de84df64d8c8a235e006cbfe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: D7-CGRcUlxUU35QZ-DoPBhWFD9hgYtlp4-wEuAYjWT3gy91LrvB_IQ==

GET
H3 200 jquery.waypoints.min.js Show response
cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/ 9 KB
3 KB 44ms
26ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/jquery.waypoints.min.js

Requested by

Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 419043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2417
last-modified: Mon, 04 May 2020 16:17:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402f-2281"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EloXchORF4rWc%2BnbvmBOzkAdwFL26hJtNkIlm6%2BmCzP1%2FEzmKfsHXDZRMgm3mQUYaYdEzDkDybdojlP4cl0jsOteq0veOAwhcTh7Mo2znNAXf4KZnpF7%2FrPqu5WBP22BRNE49mqw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 88e191588a039950-FRA
expires: Sat, 24 May 2025 17:57:49 GMT

GET
H2 200 exit-intent.min.js Show response
assets.snappykraken.com/global/js/ 1 KB
1 KB 23ms
19ms Script
application/javascript 2600:9000:26da:9000:3:23f5:d040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.snappykraken.com/global/js/exit-intent.min.js
Requested by: Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:9000:3:23f5:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a599faacc241e28e254d0aa850f6fe979b50b36c411d4f335379cf40069c5a6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: N5IsTKdkUITlDZeVNOY4ETgiu6ZNCxDn
content-encoding: gzip
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
date: Mon, 03 Jun 2024 04:55:02 GMT
last-modified: Tue, 07 Feb 2023 14:14:32 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 46968
x-amz-server-side-encryption: AES256
etag: W/"7cd19e39545564deea163df7b5c7c5a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: rPMDXrB4aNgtSQOTmJToL3E8xc_ta1obuK1g8O0ZlWSzOiMNdgps9Q==

GET
H2 200 scripts.js Show response
d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/js/ 4 KB
4 KB 471ms
468ms Script
text/javascript 2600:9000:237d:a000:14:bf4f:a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/js/scripts.js
Requested by: Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f9535b23824ad41f50eee16665b13a04b402f0b5616ce4d18a2504fa2543176

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:50 GMT
x-amz-version-id: daOV_hJMi9_Rm0zIl0yN2UB2mmFCfwdY
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 03:42:23 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: "c510c411e011bb45d4b0aefe08c4e884"
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 4078
x-amz-cf-id: hveYbSxFEPrxpufBxbtm32Fv1262J7ekxmOJMtrq8tzYY3JACNnAzQ==

GET
H/1.1 200
OK library.js Show response
snappykraken.api.oneall.com/socialize/ 46 KB
13 KB 146ms
10ms Script
text/javascript 136.243.63.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://snappykraken.api.oneall.com/socialize/library.js
Requested by: Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.63.184 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xip08.oneall.com
Software: nginx /
Resource Hash: d5cfc192a0dd69af304646f1cda808118958cd90dfab2c454d3431fe16f35ba9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: private
Date: Mon, 03 Jun 2024 17:57:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Mar 2017 01:55:56 GMT
Server: nginx
X-Forwarded-Target: xvictor.oneall.com
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Content-Type: text/javascript; charset=UTF-8
Cache-Control: max-age=14400, private
Connection: keep-alive
Content-Length: 12449
X-Cached: HIT
Expires: Mon, 03 Jun 2024 21:57:27 GMT

GET
H2 200 utilities.css
assets.snappykraken.com/global/css/ 56 KB
4 KB 49ms
17ms Stylesheet
text/css 2600:9000:26da:9000:3:23f5:d040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.snappykraken.com/global/css/utilities.css
Requested by: Host: d281oufm7mm6g9.cloudfront.net
URL: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:9000:3:23f5:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49c16a4ae787303bbeda923e76639f749418a8573076403cf205729c18237900

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://d281oufm7mm6g9.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 04:23:05 GMT
x-amz-version-id: U.e60LpyBj9uRZiwARhbkMk4pvlSsI9O
content-encoding: br
last-modified: Tue, 07 Feb 2023 14:14:37 GMT
server: AmazonS3
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
etag: W/"6dc9caa9fb4ca49e7349cca46daa5aec"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 48885
x-amz-cf-id: mHIFXfujA6EPvG5Ma8h3A30twf3wSzPJpD6mcu4yPSV8GxMkzy6KPw==

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&family=Roboto+Condensed:ital,wght@0,400;0,700;1,300;1,400&display=swap

Requested by

Host: d281oufm7mm6g9.cloudfront.net
URL: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44f2939203f0ad22132d084d2c447de39280876606ba24d1f83807c203622ebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://d281oufm7mm6g9.cloudfront.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jun 2024 17:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 17:57:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jun 2024 17:57:49 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.7.1/css/ 77 KB
16 KB 68ms
32ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.7.1/css/all.css
Requested by: Host: assets.snappykraken.com
URL: https://assets.snappykraken.com/global/css/utilities.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9db1b06a7cfcabc0a842a496f6af2ab20c2e9aa6482210313b3c1588f4a066a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://assets.snappykraken.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Jun 2021 17:35:05 GMT
server: cloudflare
x-amz-request-id: VETG73GY58V10VXW
age: 7089224
etag: W/"8f17a5dd66766d27715ec7925ed120fe"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556926
cf-ray: 88e1915829ed90ee-FRA
x-amz-id-2: GGpdkagfC59q19kQdXaC0HBXDaZ8IwotHT1MzDHC96Q/qbq7QMrW9/bjohlJm2XVcDy+V5Ml0sC729IPpX9YIA==

GET
H2 200 heap-642619154.js Show response
cdn.heapanalytics.com/js/ 117 KB
37 KB 156ms
114ms Script
application/javascript 18.173.154.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-642619154.js

Requested by

Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-74.muc50.r.cloudfront.net

Software

nginx / Express

Resource Hash

d01cdc05b3c5361cbb8574447820a570befb18eac5f4fde9dbfb0daf3edeb6ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:56:43 GMT
content-encoding: br
via: 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: MUC50-P3
age: 66
x-powered-by: Express
etag: W/"1d207-pFvYT8t9wv8ET+vR91BBSUcaJfQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: BIBvZc_9hnb3cgYsIxjW4UM8daA5xApvaadFHoAjNbFZl4910kbqoA==

GET
H2 200 ico_check.png
d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/img/ 1 KB
2 KB 423ms
421ms Image
image/png 2600:9000:237d:a000:14:bf4f:a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/img/ico_check.png
Requested by: Host: d281oufm7mm6g9.cloudfront.net
URL: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0625ce56e73e22fd75f951d825baa4df3ad2d45fdf83ca4a8ed963d00abc4d84

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.19.2_Retirement_Income_Teeter_Totter/assets/css/styles.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:50 GMT
x-amz-version-id: PbfmLIMpaWhVkAFBA6fKgLuBfh3kaG8T
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 03:42:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
etag: "1a28d068de7e5a27766314a2e177f338"
x-cache: Miss from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1475
x-amz-cf-id: jyxUPGt_iWEflEw7xkP8uzRSrdlYvUnvQXl-W_S58s1g9QMCnAsWGw==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 45ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&family=Roboto+Condensed:ital,wght@0,400;0,700;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://financeinsights.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 08:44:47 GMT
x-content-type-options: nosniff
age: 205982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Jun 2025 08:44:47 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
51 KB 38ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&family=Roboto+Condensed:ital,wght@0,400;0,700;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://financeinsights.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 08:18:12 GMT
x-content-type-options: nosniff
age: 553177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 May 2025 08:18:12 GMT

GET
H2 200 ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 56 KB
56 KB 52ms
22ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&family=Roboto+Condensed:ital,wght@0,400;0,700;1,300;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e0d02c04fe3bb456ed7318a162a6248bd481b6f8e955fecda064d7c0ad3d792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://financeinsights.net
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 19:18:11 GMT
x-content-type-options: nosniff
age: 254378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56996
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 May 2025 19:18:11 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
94 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QWS0TWZWVV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-78645440-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d923f9f110732b231575d15612f7c0f1f9658df63578f9079eace3be5aa4e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 17:57:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 03 Jun 2024 17:57:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-78645440-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 03 Jun 2024 16:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5321
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 03 Jun 2024 18:29:08 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 19ms
18ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=536835014&t=pageview&_s=1&dl=https%3A%2F%2Ffinanceinsights.net%2FOpY2TL20PF4wqDwFPD5mktbZLLl%3Femail%3Dcyril.thomas%2540eclinicalworks.com&ul=de-de&de=UTF-8&dt=The%20Retirement%20Income%20Teeter-Totter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=635765771&gjid=741233708&cid=1259839351.1717437470&tid=UA-78645440-6&_gid=934256707.1717437470&_r=1&gtm=457e45t0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=2245727

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 17:57:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://financeinsights.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
349 B 67ms
27ms XHR
text/plain 2a00:1450:400c:c0d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-78645440-6&cid=1259839351.1717437470&jid=635765771&gjid=741233708&_gid=934256707.1717437470&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1050864750

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 03 Jun 2024 17:57:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://financeinsights.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 49ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QWS0TWZWVV&gtm=45je45t0v9136726501za200&_p=1717437469506&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1259839351.1717437470&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1717437469&sct=1&seg=0&dl=https%3A%2F%2Ffinanceinsights.net%2FOpY2TL20PF4wqDwFPD5mktbZLLl%3Femail%3Dcyril.thomas%2540eclinicalworks.com&dt=The%20Retirement%20Income%20Teeter-Totter&en=page_view&_fv=1&_ss=1&tfd=1736
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWS0TWZWVV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 17:57:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://financeinsights.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 303ms
100ms Image
image/gif 3.221.96.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=642619154&u=3852180270812432&v=1484182384552777&s=931228446879241&b=web&tv=4.0&z=0&h=%2FOpY2TL20PF4wqDwFPD5mktbZLLl&q=%3Femail%3Dcyril.thomas%2540eclinicalworks.com&d=financeinsights.net&t=The%20Retirement%20Income%20Teeter-Totter&ts=1717437469994&ubv=125.0.6422.112&upv=10.0.0&sch=1200&scw=1600&st=1717437469999

Requested by

Host: financeinsights.net
URL: https://financeinsights.net/OpY2TL20PF4wqDwFPD5mktbZLLl?email=cyril.thomas%40eclinicalworks.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.221.96.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-221-96-18.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 03 Jun 2024 17:57:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 favicon.ico
d281oufm7mm6g9.cloudfront.net/financeinsights/ 91 KB
91 KB 20ms
19ms Other
image/vnd.microsoft.icon 2600:9000:237d:a000:14:bf4f:a40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d281oufm7mm6g9.cloudfront.net/financeinsights/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:a000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cea0d1f0e3ddc0dd891b8e7d4ee7c072201e1d1b576378bcff12df46318af98

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://financeinsights.net/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 02:32:29 GMT
x-amz-version-id: null
via: 1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
last-modified: Fri, 29 May 2020 14:35:10 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 55522
etag: "b8da8c7e353a20a4e3d2897796addc3d"
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
content-length: 93062
x-amz-cf-id: vTmJY_vCVtGJYtBHrDSt3CtIi2ocQLA4SIi9mJ4XNisLLzNB-vQLFw==

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
financeinsights.net/	1970-01-20 21:04:04	Name: XSRF-TOKEN Value: eyJpdiI6IlM4enVXanpHV1lIZVh2NC9pNTNNbmc9PSIsInZhbHVlIjoiSlgrL0o2Z2ZKZUNNWmNSNGx2M2ovS3RoSjJHTjBQODh6OFQ0SlhqaVNqVTBoTHZYMjhhaHNULzlRc3FsQjAvSnljb1paeCtYRHpzUFU5bkR1aWFNbGhOK3o4aXBkc3padXRFMkVGb3E4MTg0RE5LQk1WS0NSdUhwK09vUFNUY0siLCJtYWMiOiJiMDM2NzNlNjQyZjRmOGFhNzM1NjA3OTgwMmMyOWM4YmQ5ZDY0ZDAzYWM4MThkY2ZhNTliNTM1OGM4YWI3NWYyIiwidGFnIjoiIn0%3D
financeinsights.net/	1970-01-20 21:04:04	Name: financeinsightsnet_session Value: eyJpdiI6IkZxRWp1dFRteWErazlYYncwbHNrdEE9PSIsInZhbHVlIjoiWG1VdnNzdVJjRmJDV29hREtGeGJnbWtkTXhKTnJEZjZBN29hMS84dWVmMXJqWXNUOTdFWlZOWUVVOUdPQmR6b05aOUtZcW8ya3V6TXhJSmdEbE5RYk82RVJsTmJUcTRTYkxDaDlnWE0vbDlJblNxeFNMYzE2WFBQdW9xQzd5eXQiLCJtYWMiOiIzMWU2ZjhmMWIzYjczZGIwYTZhYzk4NzE5NmU0YTU5ZDdkODc0OWIyNDQwZGJjYjZlNTNkYjMyZDdlYjg5ODU1IiwidGFnIjoiIn0%3D
financeinsights.net/	1970-01-21 06:39:57	Name: sk_email Value: eyJpdiI6Im55R0lwNnNLcmc1R1BGaVRtVFAwa2c9PSIsInZhbHVlIjoiSmZVRVlzRDFBaS9mdTYwemNuWkt4WlhoSlpydHFSVUNVV25iSldxY0xwMWxJQWZacGkwcGNiU1V5cFp3aFZWcUJFUW5UWDdlOHJxQ1lsSXFJaHdwdmdwQWZYRmttcE1aekVCeEU1WStKeTg9IiwibWFjIjoiODk2NTZiYzYxMTVjZjY3MGMzZDMxNjE4Njg5YTgzODI3YzZhODk0ZjZjYmFkNzFlNTk5MDE2ZTlmODBkMjQ0NiIsInRhZyI6IiJ9
.financeinsights.net/	1970-01-20 21:05:23	Name: _gid Value: GA1.2.934256707.1717437470
.financeinsights.net/	1970-01-20 21:03:57	Name: _gat_gtag_UA_78645440_6 Value: 1
.financeinsights.net/	1970-01-21 06:39:57	Name: _ga_QWS0TWZWVV Value: GS1.1.1717437469.1.0.1717437469.0.0.0
.financeinsights.net/	1970-01-21 06:39:57	Name: _ga Value: GA1.1.1259839351.1717437470
.financeinsights.net/	1970-01-21 06:31:55	Name: _hp2_id.642619154 Value: %7B%22userId%22%3A%223852180270812432%22%2C%22pageviewId%22%3A%221484182384552777%22%2C%22sessionId%22%3A%22931228446879241%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.financeinsights.net/	1970-01-20 21:03:59	Name: _hp2_ses_props.642619154 Value: %7B%22ts%22%3A1717437469994%2C%22d%22%3A%22financeinsights.net%22%2C%22h%22%3A%22%2FOpY2TL20PF4wqDwFPD5mktbZLLl%22%2C%22q%22%3A%22%3Femail%3Dcyril.thomas%2540eclinicalworks.com%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.snappykraken.com
cdn.heapanalytics.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
d281oufm7mm6g9.cloudfront.net
d3ft0j0pxzxklq.cloudfront.net
financeinsights.net
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
pro.fontawesome.com
region1.google-analytics.com
snappykraken.api.oneall.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
104.17.24.14
104.18.10.207
136.243.63.184
18.173.154.74
2001:4860:4802:34::36
2600:9000:237d:a000:14:bf4f:a40:21
2600:9000:237d:b800:5:e4e7:6380:21
2600:9000:26da:9000:3:23f5:d040:93a1
2606:4700:4400::ac40:93bc
2a00:1450:4001:803::200e
2a00:1450:4001:810::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82f::200a
2a00:1450:400c:c0d::9d
2a04:4e42:600::485
3.221.96.18
3.233.32.220
0625ce56e73e22fd75f951d825baa4df3ad2d45fdf83ca4a8ed963d00abc4d84
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
17fff603297ee0129b1aa0cbd1285951420f6066fb2a82fa27ed23ef7a58d6e1
1d923f9f110732b231575d15612f7c0f1f9658df63578f9079eace3be5aa4e54
238e6b2b43f55da7a4f5a6fb80697db124469ed4da566e3dfdea1bea645629a4
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
44f2939203f0ad22132d084d2c447de39280876606ba24d1f83807c203622ebb
49c16a4ae787303bbeda923e76639f749418a8573076403cf205729c18237900
4a599faacc241e28e254d0aa850f6fe979b50b36c411d4f335379cf40069c5a6
4e0d02c04fe3bb456ed7318a162a6248bd481b6f8e955fecda064d7c0ad3d792
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7f9535b23824ad41f50eee16665b13a04b402f0b5616ce4d18a2504fa2543176
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
8cea0d1f0e3ddc0dd891b8e7d4ee7c072201e1d1b576378bcff12df46318af98
b50f81edf6a754d02ebb32e2ad873610364b9839569471a15551968044a5db02
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcd2d2eaee25c4e3c1196555f7c3afc03ed2734e87aaf4b88ddabd528a705c50
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bf028d8bda23054f92ba47de3cecce4ad3d9f21a977783376408d2fafe50db16
c608b5ea1529f94a87486955ee11a51fc70223328a29d1c32f8fe360c2a49e72
d01cdc05b3c5361cbb8574447820a570befb18eac5f4fde9dbfb0daf3edeb6ad
d5cfc192a0dd69af304646f1cda808118958cd90dfab2c454d3431fe16f35ba9
ddec016743a04ced74b7d17dce246b7521b4feb757cc418f3678859eb8f5873d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f294d5084e0b3c070214d885285a7dd3fd1db720513250c1d4997498c9e605
f3822e3f415ab97cae6a4af2b833fa2c9da9d32cf05a44b8ea39579cd12a4bf4
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f9db1b06a7cfcabc0a842a496f6af2ab20c2e9aa6482210313b3c1588f4a066a

financeinsights.net Open in urlscan Pro 3.233.32.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

67 %IPv6

14 Domains

18 Subdomains

19 IPs

4 Countries

1679 kBTransfer

2566 kBSize

9 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

financeinsights.net Open in urlscan Pro
3.233.32.220 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

67 %
IPv6

14
Domains

18
Subdomains

19
IPs

4
Countries

1679 kB
Transfer

2566 kB
Size

9
Cookies

35 HTTP transactions
4 data transactions