financeinsights.net Open in urlscan Pro
54.84.238.223  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 2YGMTDb8NIAZ1Bki5eMOLtbLpgK Show response financeinsights.net/	17 KB 18 KB	1205ms 649ms	Document text/html	54.84.238.223 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.84.238.223 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-84-238-223.compute-1.amazonaws.com Software / Resource Hash 5c92d6fc00339d0a5e05c74c3430803acd19a8f626d6bfa08a0c17301fe08fa5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers apigw-requestid c0GmpiwIIAMEVSQ= cache-control no-cache, private content-length 17357 content-type text/html; charset=UTF-8 date Tue, 20 Aug 2024 15:35:32 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.1.1/	85 KB 30 KB	221ms 53ms	Script text/javascript	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 14:36:30 GMT content-encoding gzip x-content-type-options nosniff age 3542 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30244 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Aug 2025 14:36:30 GMT
GET H3	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/	152 KB 27 KB	210ms 75ms	Stylesheet text/css	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://financeinsights.net/ Origin https://financeinsights.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 15:35:32 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 1055 strict-transport-security max-age=31536000; includeSubDomains; preload age 775369 cdn-cachedat 03/18/2024 12:46:56 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:08 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"a15c2ac3234aa8f6064ef9c1f7383c37" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 3330e262483d72d7da96061bfbdfcbf8 timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 8b63742c898e9735-FRA cdn-requestpullsuccess True
GET H2	200	styles.css d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/css/	16 KB 17 KB	666ms 446ms	Stylesheet text/css	2600:9000:26db:5000:14:bf4f:a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/css/styles.css Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:5000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 37ef4e461b693181bf73340578be4e0f2adc01d3a0f24b0f73daab9bfc4019b1 Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id Q8Kh1yI_X7hNnUeqqQD4u6imukx8ujkn date Tue, 20 Aug 2024 15:35:33 GMT via 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront) last-modified Tue, 12 Apr 2022 12:33:18 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 etag "67586389af28d5cf6f8e118a84043399" x-cache RefreshHit from cloudfront content-type text/css accept-ranges bytes content-length 16616 x-amz-cf-id Q_c-Mlog1S_cIT5RyYdIVgJ0A83QapK7y-cm_caHF5coSTBbZjYT-g==
GET H2	200	js Show response www.googletagmanager.com/gtag/	279 KB 97 KB	240ms 92ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-QWS0TWZWVV Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash baf3580b450b2a92dec7156bc28fe7df86860a18b2cb6de0bb10fdb5659fcbb7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 15:35:33 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 98557 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 20 Aug 2024 15:35:33 GMT
GET H2	200	img_main.png d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/img/	86 KB 86 KB	705ms 485ms	Image image/png	2600:9000:26db:5000:14:bf4f:a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/img/img_main.png Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:5000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5c4b87eee9a7af7990953866fd4bdbdfcb47ce12f5d9e0cd2cd3737a3f0d8c5f Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id 4AA1l_lrEpdCiyFnSvpZiqKntsJi5hba date Tue, 20 Aug 2024 15:35:33 GMT via 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront) last-modified Tue, 05 Apr 2022 16:43:08 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 etag "0d1ea7162cc9253db8369e31552a25a5" x-cache RefreshHit from cloudfront content-type image/png accept-ranges bytes content-length 87758 x-amz-cf-id bpnMb-5r47ewQr-0_PISf5RKzynXX8e5RqiWNPzzEza7XA43CRfTsg==
GET H2	200	84c1bee4-4db2-4225-993e-3927c1bf0a04.jpeg d3ft0j0pxzxklq.cloudfront.net/media/122822/	62 KB 62 KB	806ms 586ms	Image image/jpeg	2600:9000:237d:3200:5:e4e7:6380:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3ft0j0pxzxklq.cloudfront.net/media/122822/84c1bee4-4db2-4225-993e-3927c1bf0a04.jpeg Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:237d:3200:5:e4e7:6380:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6e92fb77b2794de98e13d4a3f2bde4087c831bcd3c9ce640a909e1dfc03d1988 Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 15:35:33 GMT x-amz-version-id H4dxjUKh3TWi.q7zH9WBcee_W8J3VaTb via 1.1 d34e2629ef96cca4a5e6c92c061c82b4.cloudfront.net (CloudFront) last-modified Fri, 31 May 2024 15:07:32 GMT server AmazonS3 x-amz-cf-pop MUC50-P2 etag "4f74226c24f6e0481bef67a1cb7f687d" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg cache-control max-age=604800 x-amz-replication-status COMPLETED accept-ranges bytes content-length 63021 x-amz-cf-id HTt9iTl94W3_hRdzXAy_EWGuNJZcm4_sYt1NdHeBA_JGPWZpC8AKQQ==
GET H2	200	website.svg d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/img/	931 B 1 KB	461ms 460ms	Image image/svg+xml	2600:9000:26db:5000:14:bf4f:a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/img/website.svg Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:5000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a17effd8adbb1de6ab66d161e122102805054cb594e26e82c14505efc1bf1c89 Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id vXbyQfcOYreV9z1Xy_2JEB0RAqjXBB0D date Tue, 20 Aug 2024 15:35:34 GMT via 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront) last-modified Tue, 05 Apr 2022 16:43:11 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 etag "2765b7b968c5ec8b939e10e787d775ad" x-cache RefreshHit from cloudfront content-type image/svg+xml accept-ranges bytes content-length 931 x-amz-cf-id SQVJ5v7vpVZxBAvpZWQiVxwjnl6V_2ftqhqbw33fEGHL0c_9qfRNYA==
GET H2	200	email.svg d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/img/	828 B 1 KB	453ms 451ms	Image image/svg+xml	2600:9000:26db:5000:14:bf4f:a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/img/email.svg Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:5000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0b5a4ff02ec2c1123db80595a24287417c80ea6d49e996ed362341049874da20 Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id YbPPPlthTk7MClxqUYSWSvw0uK3Tpl6M date Tue, 20 Aug 2024 15:35:34 GMT via 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront) last-modified Tue, 05 Apr 2022 16:43:08 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 etag "8754961ec17e652c552459e009451e3d" x-cache RefreshHit from cloudfront content-type image/svg+xml accept-ranges bytes content-length 828 x-amz-cf-id KbK5kK0kmqfGizlOkU9yRl3MRDgLyzqShSO1hBavGRFgbVWiFw7Ing==
GET H2	200	phone.svg d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/img/	3 KB 3 KB	569ms 523ms	Image image/svg+xml	2600:9000:26db:5000:14:bf4f:a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/img/phone.svg Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:5000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e39de0addff05ce7b990b8ea188df3b9e8381c214dfa19d8d6ebde56b8a2ed3f Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id uFvZ_0AvPub7hiUeThsn1ZcE_JrtFU_G date Tue, 20 Aug 2024 15:35:35 GMT via 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront) last-modified Tue, 05 Apr 2022 16:43:11 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 etag "36a56acb62a3ab83d11775c59145506f" x-cache RefreshHit from cloudfront content-type image/svg+xml accept-ranges bytes content-length 3203 x-amz-cf-id v4BSlNuzcbrPDY282wIjjWyj99MG8qxJgPEnCmwYgSlAcr2G2podsQ==
GET H2	200	img_popup.png d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/img/	99 KB 100 KB	487ms 442ms	Image image/png	2600:9000:26db:5000:14:bf4f:a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/img/img_popup.png Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:5000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 56ca168ec4986b47198ca893643a1d825346841c72948a5bf821c30a64acc453 Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id qKV47t0qoICMZF2ANcoH4Hl.emEjhUku date Tue, 20 Aug 2024 15:35:35 GMT via 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront) last-modified Tue, 05 Apr 2022 16:43:09 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 etag "7a3d7b4637f79af8682107d5f2018ae2" x-cache RefreshHit from cloudfront content-type image/png accept-ranges bytes content-length 101472 x-amz-cf-id CMyokDEWDBsouslXWc5C5MLfl1Dvz6b6mY8bZaam1Cu-QXn1jMPq2g==
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 30 KB	113ms 62ms	Script text/javascript	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 14:48:31 GMT content-encoding gzip x-content-type-options nosniff age 2822 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Aug 2025 14:48:31 GMT
GET H3	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/	21 KB 7 KB	202ms 58ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://financeinsights.net/ Origin https://financeinsights.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 15:35:33 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 492303 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 6646 last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-520c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rC%2BvpXXKO7WO4VCXaIH1RqshdtDG%2FLd1jCtcG2Xi69lK8IAuIRbhBQ9Ug9lhvJ8RBMgKMacWrlsdYqcut9xnxAOPsIWiNcrus74nZWzj4GvlviqBDay56j1oExxSwVj%2FXSQX9Eg%2F"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8b6374344ff14da0-FRA expires Sun, 10 Aug 2025 15:35:33 GMT
GET H3	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/	57 KB 18 KB	113ms 83ms	Script application/javascript	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://financeinsights.net/ Origin https://financeinsights.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 15:35:33 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 1068 strict-transport-security max-age=31536000; includeSubDomains; preload age 13809456 cdn-cachedat 01/17/2024 22:37:26 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:08 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"e1d98d47689e00f8ecbc5d9f61bdb42e" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 3c5f1234b86c79ea8667143e8e0cb9e9 timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 8b6374339c249735-FRA cdn-requestpullsuccess True
GET H2	200	jquery-validate.bootstrap-tooltip.min.js Show response cdn.jsdelivr.net/npm/jquery-validation-bootstrap-tooltip@0.10.2/	2 KB 2 KB	217ms 68ms	Script application/javascript	2606:4700::6812:ba1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/jquery-validation-bootstrap-tooltip@0.10.2/jquery-validate.bootstrap-tooltip.min.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 238e6b2b43f55da7a4f5a6fb80697db124469ed4da566e3dfdea1bea645629a4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://financeinsights.net/ Origin https://financeinsights.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 15:35:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2357635 x-jsd-version 0.10.2 x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 823 x-served-by cache-fra-etou8220125-FRA, cache-lga21967-LGA x-jsd-version-type version server cloudflare etag W/"7fa-PUn3BEkefzDDl8bIjqTdjyzY1Gs" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NXDMsXb%2Bni%2BMJgUcA3VzECdN0EZSothayywvnLg1M8vf3rGHrzeg%2BVqIYLzBAPpcSuiORnB4V4Hm1muz1vuZlTwyHCGzas7Z%2BrvBs6weXiyFb8iAp8quKoRl4D9sWLYyQHKyq9hQy3bDWQIeWYg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin * cf-ray 8b63743459b9bbeb-FRA
GET H2	200	forms.min.js Show response assets.snappykraken.com/global/js/	6 KB 3 KB	111ms 62ms	Script application/javascript	2600:9000:26da:f400:3:23f5:d040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.snappykraken.com/global/js/forms.min.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:f400:3:23f5:d040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b50f81edf6a754d02ebb32e2ad873610364b9839569471a15551968044a5db02 Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 07:36:36 GMT x-amz-version-id XzliPXsrse79foQBjBKevPJFZ6nWf3IK content-encoding br last-modified Wed, 01 Mar 2023 21:18:57 GMT server AmazonS3 via 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 etag W/"85cf8861de84df64d8c8a235e006cbfe" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript age 28738 x-amz-cf-id 0-je0s2UljoTHppUYR7R8XnkVGV1ss2waL3ksWoVWK4d4ZmeOKSAZQ==
GET H3	200	jquery.waypoints.min.js Show response cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/	9 KB 3 KB	204ms 62ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/jquery.waypoints.min.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 15:35:33 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1005384 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2417 last-modified Mon, 04 May 2020 16:17:51 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb0402f-2281" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jXLZhuLFOVhcBuRtFEZjHEX8OJTIoXXl2oZAeMBnfl%2FWVTdVUd4Cd6UBL0WvHzJWNtEwac1FYoN8E1vB6k9KsdirFNt7fA97iaRQlfrbmGDln%2F1uqAqHhkxzieO65q8ZkP%2F%2FJfvB"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8b63743448831957-FRA expires Sun, 10 Aug 2025 15:35:33 GMT
GET H2	200	exit-intent.min.js Show response assets.snappykraken.com/global/js/	1 KB 989 B	432ms 385ms	Script application/javascript	2600:9000:26da:f400:3:23f5:d040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.snappykraken.com/global/js/exit-intent.min.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:f400:3:23f5:d040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4a599faacc241e28e254d0aa850f6fe979b50b36c411d4f335379cf40069c5a6 Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id N5IsTKdkUITlDZeVNOY4ETgiu6ZNCxDn content-encoding br via 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront) date Tue, 20 Aug 2024 10:36:57 GMT last-modified Tue, 07 Feb 2023 14:14:32 GMT server AmazonS3 x-amz-cf-pop MUC50-P4 age 17917 x-amz-server-side-encryption AES256 etag W/"7cd19e39545564deea163df7b5c7c5a7" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id iO4n5FbU63YD5cYnKDb3r5P4-ZndoPOZ3vIfj6TwqhcA-dhlRXLKiw==
GET H/1.1	200 OK	library.js Show response snappykraken.api.oneall.com/socialize/	46 KB 13 KB	308ms 64ms	Script text/javascript	136.243.63.184 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://snappykraken.api.oneall.com/socialize/library.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.63.184 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS xip08.oneall.com Software nginx / Resource Hash f36b928eccaf6ad312c1dac3b8cb32afd494ae6a6b1ee6de2e50027931682633 Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Pragma private Date Tue, 20 Aug 2024 15:35:33 GMT Content-Encoding gzip Last-Modified Wed, 29 Mar 2017 01:55:56 GMT Server nginx X-Forwarded-Target xpapa.oneall.com Vary Accept-Encoding P3P CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" Content-Type text/javascript; charset=UTF-8 Cache-Control max-age=14400, private Connection keep-alive Content-Length 12450 X-Cached HIT Expires Tue, 20 Aug 2024 19:35:26 GMT
GET H2	200	utilities.css assets.snappykraken.com/global/css/	56 KB 4 KB	267ms 66ms	Stylesheet text/css	2600:9000:26da:f400:3:23f5:d040:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.snappykraken.com/global/css/utilities.css Requested by Host: d281oufm7mm6g9.cloudfront.net URL: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/css/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:f400:3:23f5:d040:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 49c16a4ae787303bbeda923e76639f749418a8573076403cf205729c18237900 Request headers Referer https://d281oufm7mm6g9.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 03:07:12 GMT x-amz-version-id U.e60LpyBj9uRZiwARhbkMk4pvlSsI9O content-encoding br last-modified Tue, 07 Feb 2023 14:14:37 GMT server AmazonS3 via 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P4 etag W/"6dc9caa9fb4ca49e7349cca46daa5aec" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css age 44902 x-amz-cf-id rhj3t3XnK7ZQ7yre23U9wtXUrlwdG02iWoKbqyRbwCzg3DvMLmaFbQ==
GET H2	200	css2 fonts.googleapis.com/	16 KB 1 KB	244ms 56ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Big+Shoulders+Display:wght@700;800;900&family=Roboto&family=Satisfy&family=Source+Sans+Pro:wght@400;600;700;900&display=swap Requested by Host: d281oufm7mm6g9.cloudfront.net URL: https://d281oufm7mm6g9.cloudfront.net/campaigns/_SK8_LGs/8.41_Roth_Conversions/assets/css/styles.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d8b560aaa018e16149ce95b959527f4051c73d938305248b07fccd3f42c44300 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://d281oufm7mm6g9.cloudfront.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 20 Aug 2024 15:35:33 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 20 Aug 2024 15:35:33 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 20 Aug 2024 15:35:33 GMT
GET H2	200	all.css pro.fontawesome.com/releases/v5.7.1/css/	77 KB 16 KB	228ms 83ms	Stylesheet text/css	2606:4700::6812:133e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pro.fontawesome.com/releases/v5.7.1/css/all.css Requested by Host: assets.snappykraken.com URL: https://assets.snappykraken.com/global/css/utilities.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:133e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f9db1b06a7cfcabc0a842a496f6af2ab20c2e9aa6482210313b3c1588f4a066a Request headers Referer https://assets.snappykraken.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 15:35:33 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 28 Jun 2021 17:35:05 GMT server cloudflare x-amz-request-id ZWVSN77SVTACP3GX age 4143662 etag W/"8f17a5dd66766d27715ec7925ed120fe" vary Accept-Encoding content-type text/css cache-control max-age=31556926 cf-ray 8b6374327d4b71c4-FRA x-amz-id-2 BuJgP0O9rpFKWWV/FGQiBhksUlLrNuGibT+/Pe4N79GYdZ2TzMVIsfy6pRYiOTY7wW1JfoWBrZY=
GET H2	200	heap-642619154.js Show response cdn.heapanalytics.com/js/	117 KB 38 KB	335ms 191ms	Script application/javascript	18.173.154.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.heapanalytics.com/js/heap-642619154.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.154.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-154-122.muc50.r.cloudfront.net Software nginx / Express Resource Hash 8c1506bcf53d01aa070ed29e0146df42e7fac417108be763fc6f064a598c1bd2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 15:34:22 GMT content-encoding br via 1.1 918459d66ab0cca4258acacb6d3f6edc.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop MUC50-P3 age 71 x-powered-by Express x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 server nginx etag W/"1d49e-0Bxsq5G9fFyPkfzNE92BNcqhwmc" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=120 x-amz-cf-id KLVnKE3gEdf82fmFmpoLs1UypEc7nyLrsZjbVOrYSKz2LZS4XxljBA==
GET H2	200	fC1_PZJEZG-e9gHhdI4-NBbfd2ys3SjJCx1czNDu.woff2 fonts.gstatic.com/s/bigshouldersdisplay/v21/	35 KB 35 KB	349ms 98ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/bigshouldersdisplay/v21/fC1_PZJEZG-e9gHhdI4-NBbfd2ys3SjJCx1czNDu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Big+Shoulders+Display:wght@700;800;900&family=Roboto&family=Satisfy&family=Source+Sans+Pro:wght@400;600;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 075292b13a638821b34726b33e49b3b711c4b9bee9b42f2bb68fa3b6ec888f2b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://financeinsights.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 13 Aug 2024 22:21:24 GMT x-content-type-options nosniff age 580450 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35504 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:28:44 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 13 Aug 2025 22:21:24 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	14 KB 14 KB	393ms 143ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Big+Shoulders+Display:wght@700;800;900&family=Roboto&family=Satisfy&family=Source+Sans+Pro:wght@400;600;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://financeinsights.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 14:04:01 GMT x-content-type-options nosniff age 5493 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14712 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Aug 2025 14:04:01 GMT
GET H2	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	15 KB 15 KB	335ms 84ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Big+Shoulders+Display:wght@700;800;900&family=Roboto&family=Satisfy&family=Source+Sans+Pro:wght@400;600;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://financeinsights.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 13:55:28 GMT x-content-type-options nosniff age 6006 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14892 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Aug 2025 13:55:28 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	14 KB 15 KB	299ms 49ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Big+Shoulders+Display:wght@700;800;900&family=Roboto&family=Satisfy&family=Source+Sans+Pro:wght@400;600;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://financeinsights.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 14:43:04 GMT x-content-type-options nosniff age 3150 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14824 x-xss-protection 0 last-modified Thu, 01 Jun 2023 22:52:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Aug 2025 14:43:04 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 19 KB	285ms 35ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Big+Shoulders+Display:wght@700;800;900&family=Roboto&family=Satisfy&family=Source+Sans+Pro:wght@400;600;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://financeinsights.net User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 14:08:32 GMT x-content-type-options nosniff age 5222 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18536 x-xss-protection 0 last-modified Thu, 01 Aug 2024 20:41:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Aug 2025 14:08:32 GMT
GET DATA	200 OK	truncated /	44 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	82 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	90 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	38 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers Content-Type image/webp
POST H2	204	collect region1.google-analytics.com/g/	0 0	171ms 52ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-QWS0TWZWVV&gtm=45je48e0v9136726501za200&_p=1724168133640&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=580397124.1724168134&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1724168134&sct=1&seg=0&dl=https%3A%2F%2Ffinanceinsights.net%2F2YGMTDb8NIAZ1Bki5eMOLtbLpgK%3Femail%3Dsmkluth%2540nctc.edu&dt=Explode%20Your%20Tax%20Savings%3F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3071 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-QWS0TWZWVV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 20 Aug 2024 15:35:34 GMT server Golfe2 content-type text/plain access-control-allow-origin https://financeinsights.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	h heapanalytics.com/	37 B 261 B	383ms 118ms	Image image/gif	3.227.198.220 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://heapanalytics.com/h?a=642619154&u=6111045914080090&v=5853055906811251&s=4441274615741854&b=web&tv=4.0&z=0&h=%2F2YGMTDb8NIAZ1Bki5eMOLtbLpgK&q=%3Femail%3Dsmkluth%2540nctc.edu&d=financeinsights.net&t=Explode%20Your%20Tax%20Savings%3F&ts=1724168134291&sch=1200&scw=1600&st=1724168134308&lv=4.23.3&ld=cdn.heapanalytics.com Requested by Host: financeinsights.net URL: https://financeinsights.net/2YGMTDb8NIAZ1Bki5eMOLtbLpgK?email=smkluth%40nctc.edu Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.227.198.220 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-227-198-220.compute-1.amazonaws.com Software nginx / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers pragma no-cache date Tue, 20 Aug 2024 15:35:34 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx etag W/"25-4iFqfptz9csCeTUceM5hwzR1zqc" content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate content-length 37
GET H2	200	favicon.ico d281oufm7mm6g9.cloudfront.net/financeinsights/	91 KB 91 KB	60ms 59ms	Other image/vnd.microsoft.icon	2600:9000:26db:5000:14:bf4f:a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d281oufm7mm6g9.cloudfront.net/financeinsights/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26db:5000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8cea0d1f0e3ddc0dd891b8e7d4ee7c072201e1d1b576378bcff12df46318af98 Request headers Referer https://financeinsights.net/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 20 Aug 2024 04:25:51 GMT x-amz-version-id null via 1.1 94313a5530517e71f4769858ce013d58.cloudfront.net (CloudFront) last-modified Fri, 29 May 2020 14:35:10 GMT server AmazonS3 x-amz-cf-pop MUC50-P3 age 40184 etag "b8da8c7e353a20a4e3d2897796addc3d" x-cache Hit from cloudfront content-type image/vnd.microsoft.icon accept-ranges bytes content-length 93062 x-amz-cf-id nFkFSrRGlSqhtYMdhSwBBbLLdjTaXDmOyO53_n5c88KzkW6ySUZ9KA==

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| oa object| s function| gtag object| dataLayer object| heap function| Popper object| bootstrap function| getParameterByName object| phoneInputs function| doFormat object| Modernizr function| Waypoint object| oneall function| oa_social_abstract function| oa_social_login function| oa_social_link function| oa_social_sharing object| _oa_asq function| oa_class object| _oneall object| google_tag_manager object| google_tag_data object| gaGlobal

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			financeinsights.net/	1970-01-20 22:56:15	Name: XSRF-TOKEN Value: eyJpdiI6InNmVVpqM1JrOVJNNFhzeDVseTl6S3c9PSIsInZhbHVlIjoiR1JoRDAyZTQ5Ly91bENFNHBidHJrN0VPYXFmd1E2UXZHVW9yc1JTMmZuV1Q1Tlg3SndKMUEvZ0lsZTBVWHRjbzd5dWVJRUpMR29LeXVEVXhIVlJqdWFSK3dOMC9xZmthMENuc3ZhR0pYN1pGblZ3UHAyV09oTExySEh1dUlqZ3kiLCJtYWMiOiIzYjBmNjZhYWVlOThmNWE2NzI2MDY4NGE4YjY0NzljZmZlNGNmMmExNmRjM2VjNTVhNjk4N2E1MjNiNjg5YjYyIiwidGFnIjoiIn0%3D
			financeinsights.net/	1970-01-20 22:56:15	Name: financeinsightsnet_session Value: eyJpdiI6InBoaDlNWWpZWVNQVjZrSEFvZ3dDZVE9PSIsInZhbHVlIjoiOEJLL3U4bngvVmRrYnc0M24wdlBjVWsrWU9telFQZTl2ZW1qdmVybWhkQis0ejVvZ1ExV1YwTllzTGduaWJQRUdGa1ZHWWhlcmVEMnIwczF1MHlXSHV6OEpGYThBN1Fod3dMK3cyWHdQN252V1ptbGN0QUQ5Y09NRzlYbVBqQnEiLCJtYWMiOiIzN2M3ZDM3YjY3NjY1NjUzNWY4MDcxNTdiODk0Yjc0M2I1NTBlYzY4OTE4NjZhMGU4OTYyYzQ2Yjk0N2M5OGJiIiwidGFnIjoiIn0%3D
			financeinsights.net/	1970-01-21 08:32:08	Name: sk_email Value: eyJpdiI6ImVGK0dxcUgyL1NnU20wN3lIK0s2Ymc9PSIsInZhbHVlIjoic0NRRENSUlZHYmY4K3ZtZzI0T0daaVpLcEp0Y2pnSHRlaW5lWklyTy90M1IyZ2Jia1YzVVlPK241RVdodmNkci93TktDR0pBWnQrMFNGQmVvMlpPUnc9PSIsIm1hYyI6ImIyYTI0NzE2NTk2ZmM3NzM3YzQ3NzNmNmQ4NjhlMGUzMmUyMWMzODE3MWFmMjc3YzU3OTJkYmVjOTI4MmI4OTciLCJ0YWciOiIifQ%3D%3D
			.financeinsights.net/	1970-01-21 08:32:08	Name: _ga_QWS0TWZWVV Value: GS1.1.1724168134.1.0.1724168134.0.0.0
			.financeinsights.net/	1970-01-21 08:32:08	Name: _ga Value: GA1.1.580397124.1724168134
			.financeinsights.net/	1970-01-21 08:24:05	Name: _hp2_id.642619154 Value: %7B%22userId%22%3A%226111045914080090%22%2C%22pageviewId%22%3A%225853055906811251%22%2C%22sessionId%22%3A%224441274615741854%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
			.financeinsights.net/	1970-01-20 22:56:09	Name: _hp2_ses_props.642619154 Value: %7B%22ts%22%3A1724168134291%2C%22d%22%3A%22financeinsights.net%22%2C%22h%22%3A%22%2F2YGMTDb8NIAZ1Bki5eMOLtbLpgK%22%2C%22q%22%3A%22%3Femail%3Dsmkluth%2540nctc.edu%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.snappykraken.com
cdn.heapanalytics.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
d281oufm7mm6g9.cloudfront.net
d3ft0j0pxzxklq.cloudfront.net
financeinsights.net
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
pro.fontawesome.com
region1.google-analytics.com
snappykraken.api.oneall.com
stackpath.bootstrapcdn.com
www.googletagmanager.com
104.17.25.14
104.18.10.207
136.243.63.184
18.173.154.122
2001:4860:4802:32::36
2600:9000:237d:3200:5:e4e7:6380:21
2600:9000:26da:f400:3:23f5:d040:93a1
2600:9000:26db:5000:14:bf4f:a40:21
2606:4700::6812:133e
2606:4700::6812:ba1f
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:831::2008
3.227.198.220
54.84.238.223
075292b13a638821b34726b33e49b3b711c4b9bee9b42f2bb68fa3b6ec888f2b
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b5a4ff02ec2c1123db80595a24287417c80ea6d49e996ed362341049874da20
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
238e6b2b43f55da7a4f5a6fb80697db124469ed4da566e3dfdea1bea645629a4
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
37ef4e461b693181bf73340578be4e0f2adc01d3a0f24b0f73daab9bfc4019b1
49c16a4ae787303bbeda923e76639f749418a8573076403cf205729c18237900
4a599faacc241e28e254d0aa850f6fe979b50b36c411d4f335379cf40069c5a6
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
56ca168ec4986b47198ca893643a1d825346841c72948a5bf821c30a64acc453
5c4b87eee9a7af7990953866fd4bdbdfcb47ce12f5d9e0cd2cd3737a3f0d8c5f
5c92d6fc00339d0a5e05c74c3430803acd19a8f626d6bfa08a0c17301fe08fa5
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6e92fb77b2794de98e13d4a3f2bde4087c831bcd3c9ce640a909e1dfc03d1988
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8c1506bcf53d01aa070ed29e0146df42e7fac417108be763fc6f064a598c1bd2
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
8cea0d1f0e3ddc0dd891b8e7d4ee7c072201e1d1b576378bcff12df46318af98
a17effd8adbb1de6ab66d161e122102805054cb594e26e82c14505efc1bf1c89
b50f81edf6a754d02ebb32e2ad873610364b9839569471a15551968044a5db02
baf3580b450b2a92dec7156bc28fe7df86860a18b2cb6de0bb10fdb5659fcbb7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d8b560aaa018e16149ce95b959527f4051c73d938305248b07fccd3f42c44300
e39de0addff05ce7b990b8ea188df3b9e8381c214dfa19d8d6ebde56b8a2ed3f
f36b928eccaf6ad312c1dac3b8cb32afd494ae6a6b1ee6de2e50027931682633
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9db1b06a7cfcabc0a842a496f6af2ab20c2e9aa6482210313b3c1588f4a066a