URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Submission: On March 25 via manual from US — Scanned from DE

Summary

This website contacted 23 IPs in 4 countries across 17 domains to perform 30 HTTP transactions. The main IP is 34.230.104.39, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is financeinsights.net.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 23rd 2023. Valid for: a year.
This is the only time financeinsights.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.230.104.39 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.66.159 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:235... 16509 (AMAZON-02)
1 2600:9000:267... 16509 (AMAZON-02)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 104.18.11.207 13335 (CLOUDFLAR...)
1 104.16.88.20 13335 (CLOUDFLAR...)
2 2600:9000:214... 16509 (AMAZON-02)
1 52.216.221.33 16509 (AMAZON-02)
1 136.243.63.184 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 13.32.27.35 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.209.34.114 14618 (AMAZON-AES)
1 2600:9000:272... 16509 (AMAZON-02)
30 23
Apex Domain
Subdomains
Transfer
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
region1.google-analytics.com — Cisco Umbrella Rank: 1803
21 KB
3 gstatic.com
fonts.gstatic.com
122 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 728
fonts.googleapis.com — Cisco Umbrella Rank: 112
65 KB
2 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 3510
heapanalytics.com — Cisco Umbrella Rank: 3092
37 KB
2 snappykraken.com
assets.snappykraken.com
5 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 389
10 KB
2 cloudfront.net
d3ft0j0pxzxklq.cloudfront.net
d281oufm7mm6g9.cloudfront.net
178 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 108
160 KB
2 flywheelsites.com
ae-templates.flywheelsites.com
4 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4208
41 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 203
348 B
1 fontawesome.com
pro.fontawesome.com — Cisco Umbrella Rank: 12250
16 KB
1 oneall.com
snappykraken.api.oneall.com
13 KB
1 amazonaws.com
snappykraken-assets.s3.amazonaws.com
5 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 449
1 KB
1 advisorsexcel.com
proofs.advisorsexcel.com
687 KB
1 financeinsights.net
financeinsights.net
16 KB
30 17
Domain Requested by
3 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 assets.snappykraken.com financeinsights.net
ae-templates.flywheelsites.com
2 cdnjs.cloudflare.com financeinsights.net
2 www.googletagmanager.com financeinsights.net
www.googletagmanager.com
2 ae-templates.flywheelsites.com financeinsights.net
ae-templates.flywheelsites.com
2 stackpath.bootstrapcdn.com financeinsights.net
2 ajax.googleapis.com financeinsights.net
1 d281oufm7mm6g9.cloudfront.net
1 heapanalytics.com financeinsights.net
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 cdn.heapanalytics.com financeinsights.net
1 pro.fontawesome.com assets.snappykraken.com
1 fonts.googleapis.com ae-templates.flywheelsites.com
1 snappykraken.api.oneall.com financeinsights.net
1 snappykraken-assets.s3.amazonaws.com financeinsights.net
1 cdn.jsdelivr.net financeinsights.net
1 d3ft0j0pxzxklq.cloudfront.net financeinsights.net
1 proofs.advisorsexcel.com financeinsights.net
1 financeinsights.net
30 21

This site contains no links.

Subject | Issuer | Validity | Valid
financeinsights.net | Amazon RSA 2048 M03 | 2023-11-23 - 2024-12-21 | a year
upload.video.google.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
bootstrapcdn.com | GTS CA 1P5 | 2024-01-28 - 2024-04-27 | 3 months
*.flywheelsites.com | Sectigo RSA Domain Validation Secure Server CA | 2023-11-07 - 2024-12-06 | a year
*.google-analytics.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
proofs.advisorsexcel.com | Amazon RSA 2048 M03 | 2023-10-22 - 2024-11-19 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
assets.snappykraken.com | Amazon RSA 2048 M02 | 2024-02-09 - 2025-03-10 | a year
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months
*.api.oneall.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-31 - 2024-07-31 | a year
*.fontawesome.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-04 - 2025-01-03 | a year
cdn.heapanalytics.com | Amazon RSA 2048 M01 | 2023-06-29 - 2024-07-27 | a year
*.gstatic.com | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-02-26 - 2024-05-20 | 3 months
heapanalytics.com | Amazon RSA 2048 M02 | 2023-11-09 - 2024-12-08 | a year

This page contains 1 frames:

Primary Page: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Frame ID: 97866B6BF04DD4B95BE4857182411889
Requests: 34 HTTP requests in this frame

Page Title

Ballots, Bills and Bull Markets – Oh My!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 30
HTTPS: 100 %
IPv6: 59 %
Domains: 17
Subdomains: 21
IPs: 23
Countries: 4
Transfer: 1380 kB
Size: 2240 kB
Cookies: 9

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 4OpKs0lL1SOegwwHNYBaATk6EXX
financeinsights.net/
15 KB
16 KB
Document
General
Full URL
https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.230.104.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-104-39.compute-1.amazonaws.com
Software
/
Resource Hash
9fc8ef0d209ed9cbb2272629b5bb9d5cc13290dd0b75d5dc4e62291748781ffc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

apigw-requestid
VMitojVUIAMEVyw=
cache-control
no-cache, private
content-length
15645
content-type
text/html; charset=UTF-8
date
Mon, 25 Mar 2024 17:16:58 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 23 Mar 2024 08:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205398
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Mar 2025 08:13:40 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
Origin
https://financeinsights.net
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:16:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1070
age
11330
cdn-cachedat
12/12/2023 01:20:55
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
5a47729ce1c29e39c3c967f9ff695262
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
86a08d438e433603-FRA
cdn-requestpullsuccess
True
sk-styles.css
ae-templates.flywheelsites.com/sk-templates/
8 KB
3 KB
Stylesheet
General
Full URL
https://ae-templates.flywheelsites.com/sk-templates/sk-styles.css
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
e06a885219da7bd646a1b5292cc7cff932f677a0c0efb3de797c167f7ce6f8ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fw-static
YES
date
Mon, 25 Mar 2024 17:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS, HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-etou8220111-FRA, cache-fra-etou8220095-FRA
x-fw-type
VISIT
content-length
2393
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Dec 2021 16:45:40 GMT
server
Flywheel/5.1.0
x-timer
S1711387019.803307,VS0,VE2
etag
W/"61c4a7b4-2194"
x-fw-hash
vdmsw8mby2
x-fw-version
5.0.0
content-type
text/css
vary
Accept-Encoding, Authorization
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 1
js
www.googletagmanager.com/gtag/
196 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-78645440-6
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71d85395f5e77e2ddf227d1f61c56063e1d0e3c017362d5e50209408cfcb83b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:16:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72733
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 16:13:18 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 25 Mar 2024 17:16:59 GMT
election-whitepaper-option-2.png
proofs.advisorsexcel.com/2024/snappy/election/
686 KB
687 KB
Image
General
Full URL
https://proofs.advisorsexcel.com/2024/snappy/election/election-whitepaper-option-2.png
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:e200:4:ba97:7a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4031899e06042dd2207c6904a4e1bfb02fa795cab4e06979eee7eec8f5538707

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:17:00 GMT
via
1.1 3677df2c828d68a6a84555cd8a40cf50.cloudfront.net (CloudFront)
last-modified
Mon, 12 Feb 2024 15:26:14 GMT
server
AmazonS3
x-amz-meta-user-agent-id
codeanywherecdn@s-095f83d870084e579
x-amz-cf-pop
FRA60-P9
etag
"666284aafa1228391cb7c44e35e5e2cb"
x-amz-meta-user-agent
AWSTransfer
x-amz-server-side-encryption
AES256
content-type
image/png
x-cache
Miss from cloudfront
accept-ranges
bytes
content-length
702112
x-amz-cf-id
KmqBfDmxdN1Aqtw8W3dRJovxzUgiEs2VZBH-J5HY_jbnmNsTtByS1Q==
b9ec881d-bfda-4653-9d84-efec4e1423c2.jpeg
d3ft0j0pxzxklq.cloudfront.net/media/67003/
86 KB
87 KB
Image
General
Full URL
https://d3ft0j0pxzxklq.cloudfront.net/media/67003/b9ec881d-bfda-4653-9d84-efec4e1423c2.jpeg
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2670:8e00:5:e4e7:6380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
624efce5b35706546700ff846f7ae604c239ba5b43a525c83f17bcbe7737e3f7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:17:00 GMT
x-amz-version-id
lzmi2P8wzCha6WmxY3kDEPve4.WNzIxn
via
1.1 fd87ab1d9a433dd02274380a706bf7d2.cloudfront.net (CloudFront)
last-modified
Wed, 02 Feb 2022 15:54:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
etag
"8d96ed00d6aeab81426c4648c03ad075"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=604800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
88206
x-amz-cf-id
-ADOGxtksfeCfukHwPVQUHvASbbJVXvQskolOZJTAoIfAxnlzNyDyw==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 21 Mar 2024 17:20:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
345382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Mar 2025 17:20:37 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/
21 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
Origin
https://financeinsights.net
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:16:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
236093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6646
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QUF2TzfUH43wOz7ujP9Un8e2kJ%2FX6fyf1qawFT1%2BRGhPWdySIuolMwBk9db%2FkyRdORzycPkF7gpH6smR6hrZVfwMvqN6TyWycFtxltIPUhLZwHpdIthmcsEE%2FuEoJHA%2Fdz3InVYh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86a08d4659403603-FRA
expires
Sat, 15 Mar 2025 17:16:59 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/
57 KB
16 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
Origin
https://financeinsights.net
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:16:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1068
age
650326
cdn-cachedat
01/17/2024 22:37:26
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
3c5f1234b86c79ea8667143e8e0cb9e9
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
86a08d461d0b3bcf-WAW
cdn-requestpullsuccess
True
jquery-validate.bootstrap-tooltip.min.js
cdn.jsdelivr.net/npm/jquery-validation-bootstrap-tooltip@0.10.2/
2 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery-validation-bootstrap-tooltip@0.10.2/jquery-validate.bootstrap-tooltip.min.js
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
238e6b2b43f55da7a4f5a6fb80697db124469ed4da566e3dfdea1bea645629a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
Origin
https://financeinsights.net
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:16:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
55007
x-jsd-version
0.10.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220125-FRA, cache-lga21944-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"7fa-PUn3BEkefzDDl8bIjqTdjyzY1Gs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56kazGC1jGpqF3fKHkGomlS8gB8ekLFcWNzcUNOcCOlVX3OOpJL5OiN46qnNIRlXPjIKbvVL%2Fwc%2FKb8j7Av%2B0U6%2FlPyD9YGDyxqrxJSIgQ9q%2FAIenpxHUO2%2BLmEbSY6NBoY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
86a08d46797c503c-WAW
jquery.waypoints.min.js
cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/
9 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/jquery.waypoints.min.js
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:16:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
320209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2417
last-modified
Mon, 04 May 2020 16:17:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb0402f-2281"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=miQ3AHLOcbc1f12xPPSO8sYsXTh%2BpIVECL4EEAUU1nPuhZtCXOf4YURhV7yb1E7R6bx57qSpSjA%2BtTtogKOK%2FDBN1wWqZWoCR%2FyhYJEqF5FfEGZPyhExuxEx1O0%2F%2BuIc4v%2BDGX2q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86a08d465fb83647-FRA
expires
Sat, 15 Mar 2025 17:16:59 GMT
exit-intent.min.js
assets.snappykraken.com/global/js/
1 KB
1 KB
Script
General
Full URL
https://assets.snappykraken.com/global/js/exit-intent.min.js
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3200:3:23f5:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a599faacc241e28e254d0aa850f6fe979b50b36c411d4f335379cf40069c5a6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
N5IsTKdkUITlDZeVNOY4ETgiu6ZNCxDn
content-encoding
gzip
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
date
Sun, 24 Mar 2024 19:27:29 GMT
last-modified
Tue, 07 Feb 2023 14:14:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
78571
x-amz-server-side-encryption
AES256
etag
W/"7cd19e39545564deea163df7b5c7c5a7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
UiL0wWK7IZxPfYJvVwOjx217_owqZh3tDTd2jPtk1UtZS0Z87iWCgQ==
scripts.min.js
snappykraken-assets.s3.amazonaws.com/campaigns/_SK8_LGs/8.26_Early_Retirement_Time_Bomb/assets/js/
4 KB
5 KB
Script
General
Full URL
https://snappykraken-assets.s3.amazonaws.com/campaigns/_SK8_LGs/8.26_Early_Retirement_Time_Bomb/assets/js/scripts.min.js
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.221.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
7f4799f6316f78f403d2bda5db81601c1164cd03569cffe4e7070079b27efa01

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 25 Mar 2024 17:17:00 GMT
x-amz-version-id
SpFX_KQvYzi.UvL1j4PU_r2r0SIsIr2K
Last-Modified
Thu, 11 Mar 2021 01:32:56 GMT
Server
AmazonS3
x-amz-request-id
DR3VQ595SN7PKKZS
ETag
"b25c7ff0474a55dd294ac400f2c70f2c"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
4392
x-amz-id-2
KZR+o4lYsV+IoHD54TFzr5F0MJdpJW6CP2zgZ537U5y180LkXjLifON00+5D7Kfkoo23/6ixBT8=
library.js
snappykraken.api.oneall.com/socialize/
46 KB
13 KB
Script
General
Full URL
https://snappykraken.api.oneall.com/socialize/library.js
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
136.243.63.184 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
xip08.oneall.com
Software
nginx /
Resource Hash
d5cfc192a0dd69af304646f1cda808118958cd90dfab2c454d3431fe16f35ba9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
private
Date
Mon, 25 Mar 2024 17:16:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Mar 2017 01:55:56 GMT
Server
nginx
X-Forwarded-Target
xsierra.oneall.com
Vary
Accept-Encoding
P3P
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Content-Type
text/javascript; charset=UTF-8
Cache-Control
max-age=14400, private
Connection
keep-alive
Content-Length
12449
X-Cached
HIT
Expires
Mon, 25 Mar 2024 21:16:44 GMT
utilities.css
assets.snappykraken.com/global/css/
56 KB
4 KB
Stylesheet
General
Full URL
https://assets.snappykraken.com/global/css/utilities.css
Requested by
Host: ae-templates.flywheelsites.com
URL: https://ae-templates.flywheelsites.com/sk-templates/sk-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:3200:3:23f5:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49c16a4ae787303bbeda923e76639f749418a8573076403cf205729c18237900

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ae-templates.flywheelsites.com/sk-templates/sk-styles.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
U.e60LpyBj9uRZiwARhbkMk4pvlSsI9O
content-encoding
br
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
date
Mon, 25 Mar 2024 08:56:27 GMT
last-modified
Tue, 07 Feb 2023 14:14:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
30033
x-amz-server-side-encryption
AES256
etag
W/"6dc9caa9fb4ca49e7349cca46daa5aec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
UOM4HI0fBZ-FFJOqKe0m5Lu6-d5MlHMXdj9A9JE65E-Q5QuAm4dMjQ==
css2
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto&family=Roboto+Condensed:ital,wght@0,400;0,700;1,300;1,400&display=swap
Requested by
Host: ae-templates.flywheelsites.com
URL: https://ae-templates.flywheelsites.com/sk-templates/sk-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44f2939203f0ad22132d084d2c447de39280876606ba24d1f83807c203622ebb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ae-templates.flywheelsites.com/sk-templates/sk-styles.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Mar 2024 17:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 17:16:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Mar 2024 17:16:58 GMT
all.css
pro.fontawesome.com/releases/v5.7.1/css/
77 KB
16 KB
Stylesheet
General
Full URL
https://pro.fontawesome.com/releases/v5.7.1/css/all.css
Requested by
Host: assets.snappykraken.com
URL: https://assets.snappykraken.com/global/css/utilities.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9db1b06a7cfcabc0a842a496f6af2ab20c2e9aa6482210313b3c1588f4a066a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://assets.snappykraken.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:16:59 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 28 Jun 2021 17:35:05 GMT
server
cloudflare
x-amz-request-id
VETG73GY58V10VXW
age
1038774
etag
W/"8f17a5dd66766d27715ec7925ed120fe"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31556926
cf-ray
86a08d45ac39972f-FRA
x-amz-id-2
GGpdkagfC59q19kQdXaC0HBXDaZ8IwotHT1MzDHC96Q/qbq7QMrW9/bjohlJm2XVcDy+V5Ml0sC729IPpX9YIA==
heap-642619154.js
cdn.heapanalytics.com/js/
114 KB
37 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-642619154.js
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-35.fra56.r.cloudfront.net
Software
nginx / Express
Resource Hash
61e03869c37d5c8c54baa9557cdac25cd05ca11b2e46f5f261ae1c00dd1c5f08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:16:11 GMT
content-encoding
br
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-amz-cf-pop
FRA56-C2
age
48
x-powered-by
Express
etag
W/"1c869-ziUKee8nZAkYZekj2dEcYABYP/Q"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=120
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
4zx0gKCLU40ykmtIGjY9NF_8mNuis4BXpXKpFfX-e2hUfHNQxmIH7g==
check.svg
ae-templates.flywheelsites.com/sk-templates/
847 B
720 B
Image
General
Full URL
https://ae-templates.flywheelsites.com/sk-templates/check.svg
Requested by
Host: ae-templates.flywheelsites.com
URL: https://ae-templates.flywheelsites.com/sk-templates/sk-styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Flywheel/5.1.0 /
Resource Hash
b70bd7154918f70e35f1abef136d93ff67b35e48088e6cce12f76385ca2e3623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://ae-templates.flywheelsites.com/sk-templates/sk-styles.css
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fw-static
YES
date
Mon, 25 Mar 2024 17:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/5.1.0
x-cache
MISS, HIT
fastly-restarts
1
x-xss-protection
1
x-served-by
cache-fra-etou8220102-FRA, cache-fra-etou8220095-FRA
x-fw-type
VISIT
content-length
535
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 06 May 2021 17:00:08 GMT
server
Flywheel/5.1.0
x-timer
S1711387019.212732,VS0,VE1
etag
W/"60942098-34f"
x-fw-hash
vdmsw8mby2
x-fw-version
5.0.0
content-type
image/svg+xml
vary
Accept-Encoding, Authorization
access-control-allow-origin
*
x-fw-serve
TRUE
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
0, 1
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&family=Roboto+Condensed:ital,wght@0,400;0,700;1,300;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://financeinsights.net
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 19 Mar 2024 00:47:31 GMT
x-content-type-options
nosniff
age
577768
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51404
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:52:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 00:47:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&family=Roboto+Condensed:ital,wght@0,400;0,700;1,300;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://financeinsights.net
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 19 Mar 2024 07:45:27 GMT
x-content-type-options
nosniff
age
552692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:45:27 GMT
ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
fonts.gstatic.com/s/robotocondensed/v27/
56 KB
56 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v27/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&family=Roboto+Condensed:ital,wght@0,400;0,700;1,300;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0d02c04fe3bb456ed7318a162a6248bd481b6f8e955fecda064d7c0ad3d792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://financeinsights.net
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 18 Mar 2024 19:56:20 GMT
x-content-type-options
nosniff
age
595239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56996
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:53:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Mar 2025 19:56:20 GMT
js
www.googletagmanager.com/gtag/
253 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QWS0TWZWVV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-78645440-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e280de0606b74807e6307404243cef542f54918491481a919225c6bf3fc346a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 17:16:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90093
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 25 Mar 2024 17:16:59 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-78645440-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Mar 2024 15:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5897
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 25 Mar 2024 17:38:42 GMT
collect
region1.google-analytics.com/g/
0
247 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QWS0TWZWVV&gtm=45je43k0v9136726501za200&_p=1711387019190&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=275606019.1711387020&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.58%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.58&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1711387019&sct=1&seg=0&dl=https%3A%2F%2Ffinanceinsights.net%2F4OpKs0lL1SOegwwHNYBaATk6EXX%3Femail%3Dmaria.ocasio%2540jfs.ohio.gov&dt=Ballots%2C%20Bills%20and%20Bull%20Markets%20%E2%80%93%20Oh%20My!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1732
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QWS0TWZWVV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 17:16:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://financeinsights.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2054828889&t=pageview&_s=1&dl=https%3A%2F%2Ffinanceinsights.net%2F4OpKs0lL1SOegwwHNYBaATk6EXX%3Femail%3Dmaria.ocasio%2540jfs.ohio.gov&ul=en-us&de=UTF-8&dt=Ballots%2C%20Bills%20and%20Bull%20Markets%20%E2%80%93%20Oh%20My!&sd=24-bit&sr=800x600&vp=1600x1113&je=0&_u=YADAAUABAAAAACAAI~&jid=1460268502&gjid=1425895410&cid=275606019.1711387020&tid=UA-78645440-6&_gid=1110282961.1711387020&_r=1&gtm=457e43k0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=996524976
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 17:16:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://financeinsights.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-78645440-6&cid=275606019.1711387020&jid=1460268502&gjid=1425895410&_gid=1110282961.1711387020&npa=1&_u=YADAAUAAAAAAACAAI~&z=1254580114
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 25 Mar 2024 17:16:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://financeinsights.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
44 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
82 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
90 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
38 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
h
heapanalytics.com/
37 B
261 B
Image
General
Full URL
https://heapanalytics.com/h?a=642619154&u=3294409719996031&v=4111401604877766&s=2689448872988029&b=web&tv=4.0&z=0&h=%2F4OpKs0lL1SOegwwHNYBaATk6EXX&q=%3Femail%3Dmaria.ocasio%2540jfs.ohio.gov&d=financeinsights.net&t=Ballots%2C%20Bills%20and%20Bull%20Markets%20%E2%80%93%20Oh%20My!&ts=1711387019898&ubv=123.0.6312.58&upv=10.0.0&st=1711387019899
Requested by
Host: financeinsights.net
URL: https://financeinsights.net/4OpKs0lL1SOegwwHNYBaATk6EXX?email=maria.ocasio%40jfs.ohio.gov
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.34.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-34-114.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 25 Mar 2024 17:17:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
37
favicon.ico
d281oufm7mm6g9.cloudfront.net/financeinsights/
91 KB
91 KB
Other
General
Full URL
https://d281oufm7mm6g9.cloudfront.net/financeinsights/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:dc00:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cea0d1f0e3ddc0dd891b8e7d4ee7c072201e1d1b576378bcff12df46318af98

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://financeinsights.net/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
date
Mon, 25 Mar 2024 09:24:26 GMT
via
1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
last-modified
Fri, 29 May 2020 14:35:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
55160
etag
"b8da8c7e353a20a4e3d2897796addc3d"
x-cache
Hit from cloudfront
content-type
image/vnd.microsoft.icon
accept-ranges
bytes
content-length
93062
x-amz-cf-id
mlv8u9eJLPY4h0HpOFg5SP2Gp20q2dfhMlfQVDNTMYfrLMdpXN9AIQ==


28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal
function| $
function| jQuery
object| oa
object| s
function| gtag
object| dataLayer
object| heap
function| Popper
object| bootstrap
object| jQuery1124019578753892262557
function| Waypoint
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| oneall
function| oa_social_abstract
function| oa_social_login
function| oa_social_link
function| oa_social_sharing
object| _oa_asq
function| oa_class
object| _oneall
object| gaGlobal
object| gaplugins
object| gaData
object| Modernizr

9 Cookies

Domain/Path Name / Value
financeinsights.net/ Name: XSRF-TOKEN
Value: eyJpdiI6ImZZYldVRzllR0ZYRldUMUZnaXdhaUE9PSIsInZhbHVlIjoiMXVybU0xZVJXUU1QL3NkTkFHaW1IKzY5bUVkNzRHZ3ZzSkcxODgrUnAra1NteGtYTEhiUUNBQnZwYk40bFE4anp6K0Qya1E4a0puMDJRWjhlOTRZY3grWWdZSUg1cFZnQVNRK0NPUFA2SElWSEVSUWJvMDV2VG5RMmUzN29vS3ciLCJtYWMiOiI5YTQ0MzA1ZmFlNmFkMjE4YmY1ODQ0MTM0MzM5NzgyOGFjYjhjOGY0YzRiYWM0M2ExM2Q0ZmRkNDc1MzhkY2RmIiwidGFnIjoiIn0%3D
financeinsights.net/ Name: financeinsightsnet_session
Value: eyJpdiI6ImQwb3ZJTjI4TURnZXVuYXhWejM5Umc9PSIsInZhbHVlIjoiK2hJRVg0ekZyME90OXh0d0gzUW94L3FuRkQzUkExWUdLNHd3YTFES1pKTHpZTkhBNGJpSzVaSXppQkNxcnRRTHptUEF5V3UwVnROOGdTdkxPUWRhQ0ZJd21Zb2wwL0VubzBRR0hRc0FiNlFGV0F6WHJ6UnQ3aVlzbUVITi9BbjgiLCJtYWMiOiI4YzE3MGYyYjhlMjAyY2Y2MDg4N2RmN2NmNzJjZTQxZDc2N2VlM2UwMDk4OGVhMDYzOWEzNDY3ZjBlNWFhZmQyIiwidGFnIjoiIn0%3D
financeinsights.net/ Name: sk_email
Value: eyJpdiI6Ii85ZFBQNUlyUk5Ndk9BNU9OcVA2b0E9PSIsInZhbHVlIjoiZUltK3c2bDZtNzhYbGVKcjBvYXFZbDE3cnduSmxjN3Z1dUpxUmZXOENiUG80U1VxNVZ3S2ZGYUxDSi85eXhWTHNqOHFxQk1Ed29LNnB1VzZNbytGVmZvNDVWcmYxd3F4dzIrcDhpUm1tR3c9IiwibWFjIjoiZjJlNjM1MTk3ZjNiMTQ2ZGI5YjY3YTcwOGJmNmFjMzk1MDRhNjJmYzNiYWJhZDE2MzZmMzU2MWRkNDI5Y2MxYyIsInRhZyI6IiJ9
.financeinsights.net/ Name: _ga_QWS0TWZWVV
Value: GS1.1.1711387019.1.0.1711387019.0.0.0
.financeinsights.net/ Name: _ga
Value: GA1.2.275606019.1711387020
.financeinsights.net/ Name: _gid
Value: GA1.2.1110282961.1711387020
.financeinsights.net/ Name: _gat_gtag_UA_78645440_6
Value: 1
.financeinsights.net/ Name: _hp2_id.642619154
Value: %7B%22userId%22%3A%223294409719996031%22%2C%22pageviewId%22%3A%224111401604877766%22%2C%22sessionId%22%3A%222689448872988029%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.financeinsights.net/ Name: _hp2_ses_props.642619154
Value: %7B%22ts%22%3A1711387019898%2C%22d%22%3A%22financeinsights.net%22%2C%22h%22%3A%22%2F4OpKs0lL1SOegwwHNYBaATk6EXX%22%2C%22q%22%3A%22%3Femail%3Dmaria.ocasio%2540jfs.ohio.gov%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
