financeinsights.net Open in urlscan Pro
52.206.125.39  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 2QqrsDZnLHAeed1U5ggK7FN5OWW Show response financeinsights.net/	24 KB 25 KB	577ms 481ms	Document text/html	52.206.125.39 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.206.125.39 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-206-125-39.compute-1.amazonaws.com Software / Resource Hash 7ff710fb396c15f19a263dbe1e668c6322f43f303e30a9482ea717f22ab25cdf Request headers Accept-Language en-US,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers apigw-requestid YPuGGhwEIAMEW4Q= cache-control no-cache, private content-length 24145 content-type text/html; charset=UTF-8 date Thu, 23 May 2024 22:31:28 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.1.1/	85 KB 30 KB	98ms 29ms	Script text/javascript	2607:f8b0:4006:817::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 00:35:58 GMT content-encoding gzip x-content-type-options nosniff age 165330 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30244 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 22 May 2025 00:35:58 GMT
GET H2	200	css2 fonts.googleapis.com/	4 KB 1 KB	111ms 46ms	Stylesheet text/css	2607:f8b0:4006:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Manrope:wght@400;800&display=swap Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c7c3645c1fd04fe54331cf167a297e6bca436fb59bb1f2c753b35e3a0ebfefd6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 23 May 2024 22:31:28 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 23 May 2024 22:31:28 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 23 May 2024 22:31:28 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	203 KB 74 KB	223ms 158ms	Script application/javascript	2607:f8b0:4006:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-78645440-6 Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bd3fc4fc02cd0af54bd2a16e5d0d100315417bc4ee5dbd4dc5968145a14bea03 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 22:31:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74859 x-xss-protection 0 last-modified Thu, 23 May 2024 21:38:33 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 23 May 2024 22:31:29 GMT
GET H2	200	57ed1fe9-690d-42fa-88d1-02922427e7e5.png d3ft0j0pxzxklq.cloudfront.net/media/93279/	31 KB 31 KB	110ms 27ms	Image image/png	2600:9000:2209:7000:5:e4e7:6380:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3ft0j0pxzxklq.cloudfront.net/media/93279/57ed1fe9-690d-42fa-88d1-02922427e7e5.png Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2209:7000:5:e4e7:6380:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash de4fae796f8234833237090833fec43ff710ad030910e0025c64bda11fba6d07 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 19:07:45 GMT x-amz-version-id k3dMEUsZnEhA8tDqkYhu_OHLHW3b4Th2 via 1.1 e5bd532dbdee524acdf00690205f3b5a.cloudfront.net (CloudFront) last-modified Wed, 07 Dec 2022 21:45:13 GMT server AmazonS3 x-amz-cf-pop EWR53-P1 age 185024 etag "65ebd5973b86945eb80206a908713fc3" x-cache Hit from cloudfront content-type image/png cache-control max-age=604800 x-amz-replication-status COMPLETED accept-ranges bytes content-length 31773 x-amz-cf-id Co3cCt2W_HykRXjn2D3sPJ96nF-KgpqDed3G3QB140Fm94TEQf8B-g==
GET H2	200	Copy-of-Booklet-Mockup-1.png aedesignblog.com/wp-content/uploads/2023/09/	76 KB 76 KB	404ms 199ms	Image image/png	151.101.2.159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://aedesignblog.com/wp-content/uploads/2023/09/Copy-of-Booklet-Mockup-1.png Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.159 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Flywheel/5.1.0 / Resource Hash 051b2268eb08d3fa5e4f9591b559dc40941fdeb2562e2a30cd3d78d6956566e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fw-static YES date Thu, 23 May 2024 22:31:29 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES x-fw-server Flywheel/5.1.0 x-cache MISS, MISS fastly-restarts 1 x-xss-protection 1 x-served-by cache-yyz4563-YYZ, cache-yyz4560-YYZ x-fw-type VISIT content-length 77604 referrer-policy no-referrer-when-downgrade last-modified Thu, 14 Sep 2023 15:24:55 GMT server Flywheel/5.1.0 x-timer S1716503489.030076,VS0,VE184 etag W/"650325c7-13174" x-fw-hash c39rwqw1up x-fw-version 5.0.0 content-type image/png vary Accept-Encoding, Authorization x-fw-serve TRUE cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 0
GET H2	200	kit-_0005_will-your-money-last.png ae-templates.flywheelsites.com/wp-content/uploads/2022/08/	121 KB 121 KB	100ms 41ms	Image image/png	151.101.66.159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0005_will-your-money-last.png Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.159 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Flywheel/5.1.0 / Resource Hash 38306910934b14c0612c2c0e35b28784735d91b911ee3c7cb0df6121e116859a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fw-static YES date Thu, 23 May 2024 22:31:29 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES x-fw-server Flywheel/5.1.0 x-cache MISS, HIT fastly-restarts 1 x-xss-protection 1 x-served-by cache-yyz4548-YYZ, cache-yyz4539-YYZ x-fw-type VISIT content-length 123514 referrer-policy no-referrer-when-downgrade last-modified Wed, 17 Aug 2022 21:38:15 GMT server Flywheel/5.1.0 x-timer S1716503489.001641,VS0,VE5 etag W/"62fd5fc7-1e33a" x-fw-hash vdmsw8mby2 x-fw-version 5.0.0 content-type image/png vary Accept-Encoding, Authorization x-fw-serve TRUE cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 0
GET H2	200	kit-_0006_Layer-1.png ae-templates.flywheelsites.com/wp-content/uploads/2022/08/	121 KB 121 KB	73ms 18ms	Image image/png	151.101.66.159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0006_Layer-1.png Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.159 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Flywheel/5.1.0 / Resource Hash 78d76e91b83a9959ebc08771a609909686617fd61b411412a83749dcb152bbb6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fw-static YES date Thu, 23 May 2024 22:31:29 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES x-fw-server Flywheel/5.1.0 x-cache MISS, HIT fastly-restarts 1 x-xss-protection 1 x-served-by cache-yyz4563-YYZ, cache-yyz4539-YYZ x-fw-type VISIT content-length 123257 referrer-policy no-referrer-when-downgrade last-modified Wed, 17 Aug 2022 21:38:17 GMT server Flywheel/5.1.0 x-timer S1716503489.001288,VS0,VE4 etag W/"62fd5fc9-1e23e" x-fw-hash vdmsw8mby2 x-fw-version 5.0.0 content-type image/png vary Accept-Encoding, Authorization x-fw-serve TRUE cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 0
GET H2	200	kit-_0004_social-security-report.png ae-templates.flywheelsites.com/wp-content/uploads/2022/08/	119 KB 119 KB	250ms 196ms	Image image/png	151.101.66.159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0004_social-security-report.png Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.159 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Flywheel/5.1.0 / Resource Hash 779d6eb55557bd0dda82d040f8d90392a6ceb31ca4225e5d336c323a7c1270ff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fw-static YES date Thu, 23 May 2024 22:31:29 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES x-fw-server Flywheel/5.1.0 x-cache MISS, MISS fastly-restarts 1 x-xss-protection 1 x-served-by cache-yyz4525-YYZ, cache-yyz4539-YYZ x-fw-type VISIT content-length 121411 referrer-policy no-referrer-when-downgrade last-modified Wed, 17 Aug 2022 21:38:13 GMT server Flywheel/5.1.0 x-timer S1716503489.001330,VS0,VE111 etag W/"62fd5fc5-1db00" x-fw-hash vdmsw8mby2 x-fw-version 5.0.0 content-type image/png vary Accept-Encoding, Authorization x-fw-serve TRUE cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 0
GET H2	200	checklist-challenge.png ae-templates.flywheelsites.com/wp-content/uploads/2022/04/	202 KB 187 KB	95ms 42ms	Image image/png	151.101.66.159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ae-templates.flywheelsites.com/wp-content/uploads/2022/04/checklist-challenge.png Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.159 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Flywheel/5.1.0 / Resource Hash e23090c59670eb531ed6d51d3a40e2e31ae1b41f060b262bf60137afe65431a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fw-static YES date Thu, 23 May 2024 22:31:29 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES x-fw-server Flywheel/5.1.0 x-cache MISS, HIT fastly-restarts 1 x-xss-protection 1 x-served-by cache-yyz4535-YYZ, cache-yyz4539-YYZ x-fw-type VISIT content-length 190882 referrer-policy no-referrer-when-downgrade last-modified Wed, 13 Apr 2022 20:35:52 GMT server Flywheel/5.1.0 x-timer S1716503489.001648,VS0,VE5 etag W/"62573428-3260d" x-fw-hash vdmsw8mby2 x-fw-version 5.0.0 content-type image/png vary Accept-Encoding, Authorization x-fw-serve TRUE cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 0
GET H2	200	kit-_0003_recession.png ae-templates.flywheelsites.com/wp-content/uploads/2022/08/	112 KB 112 KB	272ms 219ms	Image image/png	151.101.66.159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0003_recession.png Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.159 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Flywheel/5.1.0 / Resource Hash e4010955e3fdd13bbee199bdef1037a191bb59a23f59c450345aa373bc4e5b16 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fw-static YES date Thu, 23 May 2024 22:31:29 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES x-fw-server Flywheel/5.1.0 x-cache MISS, MISS fastly-restarts 1 x-xss-protection 1 x-served-by cache-yyz4557-YYZ, cache-yyz4539-YYZ x-fw-type VISIT content-length 114044 referrer-policy no-referrer-when-downgrade last-modified Wed, 17 Aug 2022 21:38:11 GMT server Flywheel/5.1.0 x-timer S1716503489.001598,VS0,VE180 etag W/"62fd5fc3-1be3a" x-fw-hash vdmsw8mby2 x-fw-version 5.0.0 content-type image/png vary Accept-Encoding, Authorization x-fw-serve TRUE cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 0
GET H2	200	kit-_0000_AdobeStock_109099922.png ae-templates.flywheelsites.com/wp-content/uploads/2022/08/	104 KB 104 KB	95ms 42ms	Image image/png	151.101.66.159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0000_AdobeStock_109099922.png Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.159 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Flywheel/5.1.0 / Resource Hash b17f9e5da794ef1b1ac99f336f21dde1bb105080271fef7fec41a97b67ebb500 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fw-static YES date Thu, 23 May 2024 22:31:29 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES x-fw-server Flywheel/5.1.0 x-cache MISS, HIT fastly-restarts 1 x-xss-protection 1 x-served-by cache-yyz4572-YYZ, cache-yyz4539-YYZ x-fw-type VISIT content-length 106488 referrer-policy no-referrer-when-downgrade last-modified Wed, 17 Aug 2022 21:38:03 GMT server Flywheel/5.1.0 x-timer S1716503489.001585,VS0,VE5 etag W/"62fd5fbb-1a0b2" x-fw-hash vdmsw8mby2 x-fw-version 5.0.0 content-type image/png vary Accept-Encoding, Authorization x-fw-serve TRUE cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 0
GET H2	200	manwithcoffee.png ae-templates.flywheelsites.com/wp-content/uploads/2022/08/	616 KB 617 KB	333ms 329ms	Image image/png	151.101.66.159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/manwithcoffee.png Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.159 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Flywheel/5.1.0 / Resource Hash 6edb7f0dce7e15095fb6e4e5f97d6cf8afc72a0737d7b5926fa388cf4829c6c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fw-static YES date Thu, 23 May 2024 22:31:29 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES x-fw-server Flywheel/5.1.0 x-cache MISS, MISS fastly-restarts 1 x-xss-protection 1 x-served-by cache-yyz4545-YYZ, cache-yyz4539-YYZ x-fw-type VISIT content-length 631029 referrer-policy no-referrer-when-downgrade last-modified Tue, 16 Aug 2022 20:39:49 GMT server Flywheel/5.1.0 x-timer S1716503489.174166,VS0,VE232 etag W/"62fc0095-9a02b" x-fw-hash vdmsw8mby2 x-fw-version 5.0.0 content-type image/png vary Accept-Encoding, Authorization x-fw-serve TRUE cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 0
GET H/1.1	200 OK	library.js Show response snappykraken.api.oneall.com/socialize/	46 KB 13 KB	784ms 112ms	Script text/javascript	136.243.63.184 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://snappykraken.api.oneall.com/socialize/library.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 136.243.63.184 Berlin, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS xip08.oneall.com Software nginx / Resource Hash d5cfc192a0dd69af304646f1cda808118958cd90dfab2c454d3431fe16f35ba9 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma private Date Thu, 23 May 2024 22:31:29 GMT Content-Encoding gzip Last-Modified Wed, 29 Mar 2017 01:55:56 GMT Server nginx X-Forwarded-Target xquebec.oneall.com Vary Accept-Encoding P3P CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" Content-Type text/javascript; charset=UTF-8 Cache-Control max-age=14400, private Connection keep-alive Content-Length 12449 X-Cached HIT Expires Fri, 24 May 2024 02:31:15 GMT
GET H2	200	heap-642619154.js Show response cdn.heapanalytics.com/js/	117 KB 38 KB	217ms 155ms	Script application/javascript	18.164.116.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.heapanalytics.com/js/heap-642619154.js Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.116.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-116-57.jfk50.r.cloudfront.net Software nginx / Express Resource Hash a7441c6db8fc45012acf7313c5a1ea64b2dbb8d215ad64173c559f86bf0297ef Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 22:29:30 GMT content-encoding br via 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains server nginx x-amz-cf-pop JFK50-P6 age 119 x-powered-by Express etag W/"1d2c7-KZFRKXAEl6ZhEP+aHA9F9tHf62M" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=120 alt-svc h3=":443"; ma=86400 x-amz-cf-id MMVYzwaReUq73q_LXu7vcBOgOx2MYfhzTeVOVAdNcVQ1BYfI0pzq7w==
GET H2	200	thankyou-arrow.svg ae-templates.flywheelsites.com/wp-content/uploads/2022/08/	1 KB 862 B	104ms 101ms	Image image/svg+xml	151.101.66.159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/thankyou-arrow.svg Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.66.159 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Flywheel/5.1.0 / Resource Hash 2a4421960866d28b8511f347089e4cd5e06e992aa3c2bb3fb82690c44f709d03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fw-static YES date Thu, 23 May 2024 22:31:29 GMT content-encoding gzip x-content-type-options nosniff x-cacheable YES x-fw-server Flywheel/5.1.0 x-cache MISS, MISS fastly-restarts 1 x-xss-protection 1 x-served-by cache-yyz4579-YYZ, cache-yyz4539-YYZ x-fw-type VISIT content-length 708 referrer-policy no-referrer-when-downgrade last-modified Wed, 24 Aug 2022 21:14:01 GMT server Flywheel/5.1.0 x-timer S1716503489.174150,VS0,VE86 etag W/"63069499-4db" x-fw-hash vdmsw8mby2 x-fw-version 5.0.0 content-type image/svg+xml vary Accept-Encoding, Authorization access-control-allow-origin * x-fw-serve TRUE cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 0, 0
GET H2	200	xn7gYHE41ni1AdIRggexSg.woff2 fonts.gstatic.com/s/manrope/v15/	24 KB 24 KB	200ms 138ms	Font font/woff2	2607:f8b0:4006:808::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Manrope:wght@400;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:808::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://financeinsights.net Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 05:00:16 GMT x-content-type-options nosniff age 235873 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24376 x-xss-protection 0 last-modified Wed, 13 Sep 2023 23:22:16 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 21 May 2025 05:00:16 GMT
GET H2	200	h heapanalytics.com/	37 B 261 B	110ms 34ms	Image image/gif	34.225.48.49 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://heapanalytics.com/h?a=642619154&u=2211288904118397&v=4774505804838134&s=2986561875417541&b=web&tv=4.0&z=0&h=%2F2QqrsDZnLHAeed1U5ggK7FN5OWW&q=%3Femail%3Dkaren.martin%2540changehealthcare.com&d=financeinsights.net&t=Success!&ts=1716503489188&ubv=125.0.6422.76&upv=10.0.0&sch=1200&scw=1600&st=1716503489192&ei=238&et=variation Requested by Host: financeinsights.net URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.225.48.49 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-225-48-49.compute-1.amazonaws.com Software nginx / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 22:31:29 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx etag W/"25-4iFqfptz9csCeTUceM5hwzR1zqc" content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate content-length 37
GET H2	200	js Show response www.googletagmanager.com/gtag/	270 KB 94 KB	67ms 66ms	Script application/javascript	2607:f8b0:4006:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-QWS0TWZWVV&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-78645440-6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6d754e0a323e44a6a64b6dabefa408aa0a2f32f6acf2d9aaa60e86bf107149da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 22:31:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 95704 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 23 May 2024 22:31:29 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	266ms 201ms	Script text/javascript	2607:f8b0:4006:824::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-78645440-6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 23 May 2024 22:07:06 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 1463 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 24 May 2024 00:07:06 GMT
POST H2	204	collect www.google-analytics.com/g/	0 164 B	43ms 42ms	Ping text/plain	2607:f8b0:4006:824::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-QWS0TWZWVV&gtm=45je45m0v9136726501za200&_p=1716503488937&gcd=13l3l3l3l1&npa=0&dma=0&cid=1792961775.1716503490&ul=en-us&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1716503489&sct=1&seg=0&dl=https%3A%2F%2Ffinanceinsights.net%2F2QqrsDZnLHAeed1U5ggK7FN5OWW%3Femail%3Dkaren.martin%2540changehealthcare.com&dt=Success!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1366 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-QWS0TWZWVV&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 23 May 2024 22:31:29 GMT server Golfe2 content-type text/plain access-control-allow-origin https://financeinsights.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 92 B	42ms 42ms	XHR text/plain	2607:f8b0:4006:824::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=609602912&t=pageview&_s=1&dl=https%3A%2F%2Ffinanceinsights.net%2F2QqrsDZnLHAeed1U5ggK7FN5OWW%3Femail%3Dkaren.martin%2540changehealthcare.com&ul=en-us&de=UTF-8&dt=Success!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1534285827&gjid=103844850&cid=1792961775.1716503490&tid=UA-78645440-6&_gid=1879579797.1716503490&_r=1&gtm=457e45m0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=1672919633 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 23 May 2024 22:31:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://financeinsights.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 348 B	118ms 42ms	XHR text/plain	2607:f8b0:4004:c09::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-78645440-6&cid=1792961775.1716503490&jid=1534285827&gjid=103844850&_gid=1879579797.1716503490&_u=YADAAUAAAAAAACAAI~&z=885886163 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Thu, 23 May 2024 22:31:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://financeinsights.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	favicon.ico d281oufm7mm6g9.cloudfront.net/financeinsights/	91 KB 91 KB	97ms 28ms	Other image/vnd.microsoft.icon	2600:9000:23ca:1000:14:bf4f:a40:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d281oufm7mm6g9.cloudfront.net/financeinsights/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:23ca:1000:14:bf4f:a40:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8cea0d1f0e3ddc0dd891b8e7d4ee7c072201e1d1b576378bcff12df46318af98 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://financeinsights.net/ Accept-Language en-US,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 22 May 2024 23:18:53 GMT x-amz-version-id null via 1.1 33aae203c47fd9e0f18a8f3f6d37fbfc.cloudfront.net (CloudFront) last-modified Fri, 29 May 2020 14:35:10 GMT server AmazonS3 x-amz-cf-pop JFK50-P2 age 83557 etag "b8da8c7e353a20a4e3d2897796addc3d" x-cache Hit from cloudfront content-type image/vnd.microsoft.icon accept-ranges bytes content-length 93062 x-amz-cf-id gIcmLrLZyZJReaC2HhijauTsznXOPqKYLdQSjArkFXlKBo2Z4D-3vw==

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| oa object| s function| gtag object| dataLayer object| heap object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| oneall function| oa_social_abstract function| oa_social_login function| oa_social_link function| oa_social_sharing object| _oa_asq function| oa_class object| _oneall

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			financeinsights.net/	1970-01-20 20:48:30	Name: XSRF-TOKEN Value: eyJpdiI6IjIwMWJrNnNVMjFkOHRoOUNkRUZzV0E9PSIsInZhbHVlIjoieDBUMG1jdVFiWGd3V29oUXBQVk13UmI2cXR6UlRheDZxK3VDVVdVSldEb3h0UE5YNjlxWGFaaG9lcFhqY2RHeU1hNXFaUURRcXVTTm9LajRlS05KaXBLd1Zhem9EVkRVVGZwUnlNYzZ5cVV4L0YzZjcveGlVQmxrRzloOGdEenMiLCJtYWMiOiJhZGNjZDliMGQ4OGMwOTM3MjZkNTc4NmI5OGYwYjhhN2E0ZDEwOGYzZmRkMzExZmQ0MTY5YmJiYmIzNGYzZTJmIiwidGFnIjoiIn0%3D
			financeinsights.net/	1970-01-20 20:48:30	Name: financeinsightsnet_session Value: eyJpdiI6Im5wQnlKZzNtSEcwM0lOekF2aWh0ZlE9PSIsInZhbHVlIjoiWFpON0RwR2dUS3VJUjNSMitpN29SaC9GUUc5N2U4RHd5L1JqdXM3b3l4Tk5QTERUNTJ0YXVoWVpobGNyMmV5UElYVkgya2JWOHY3Zkl4SzFmSUJWNjY1alh6dEVWSXEwMmYyZWZMWHlFWDRqVmIwdUovbjNoNkpPZGZXRE92bnEiLCJtYWMiOiIzODcxYjQ2NTVjM2FjODRlOWU2OGVmOTE1NjhiYWFlN2NiNWE3ZDU4YTUyMmEwYjQzZTdlYjEyZDhmNjEyNDdlIiwidGFnIjoiIn0%3D
			financeinsights.net/	1970-01-21 06:24:23	Name: sk_email Value: eyJpdiI6InVvRUVCTHBrRHVoMEJ6bEJ3MlZvMWc9PSIsInZhbHVlIjoibElXTm5Ca2x0ZXFzMlhMYUtGUjJteVNCNlQxeC9jOGNlcW5TdEtueGlqb1FGYzlBMXQ4Y1ZUVG9NeEcwTWN4bFNnUnFkVTQ1UWlaZlhwTEZpcTNUMmN5T1dvbiszbEhZcGJmQXQ5NkRobW89IiwibWFjIjoiMjZkY2I3NTRmOTJkN2VlYjAxNjU2OGNhOTc4Y2UxZjA0MDc2MzEwN2Q4MDNhYTJmZGY5ZjkyNzQyNGMwMTMzZiIsInRhZyI6IiJ9
			.financeinsights.net/	1970-01-21 06:16:21	Name: _hp2_id.642619154 Value: %7B%22userId%22%3A%222211288904118397%22%2C%22pageviewId%22%3A%224774505804838134%22%2C%22sessionId%22%3A%222986561875417541%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
			.financeinsights.net/	1970-01-20 20:48:25	Name: _hp2_ses_props.642619154 Value: %7B%22ts%22%3A1716503489188%2C%22d%22%3A%22financeinsights.net%22%2C%22h%22%3A%22%2F2QqrsDZnLHAeed1U5ggK7FN5OWW%22%2C%22q%22%3A%22%3Femail%3Dkaren.martin%2540changehealthcare.com%22%7D
			.financeinsights.net/	1970-01-21 06:24:23	Name: _ga_QWS0TWZWVV Value: GS1.1.1716503489.1.0.1716503489.0.0.0
			.financeinsights.net/	1970-01-21 06:24:23	Name: _ga Value: GA1.2.1792961775.1716503490
			.financeinsights.net/	1970-01-20 20:49:49	Name: _gid Value: GA1.2.1879579797.1716503490
			.financeinsights.net/	1970-01-20 20:48:23	Name: _gat_gtag_UA_78645440_6 Value: 1

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0005_will-your-money-last.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0006_Layer-1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0004_social-security-report.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0003_recession.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0000_AdobeStock_109099922.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/manwithcoffee.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com(Line 932) Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0005_will-your-money-last.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com(Line 932) Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0006_Layer-1.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com(Line 932) Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0004_social-security-report.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com(Line 932) Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0003_recession.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com(Line 932) Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/kit-_0000_AdobeStock_109099922.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com(Line 932) Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/manwithcoffee.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com(Line 935) Message: Mixed Content: The page at 'https://financeinsights.net/2QqrsDZnLHAeed1U5ggK7FN5OWW?email=karen.martin%40changehealthcare.com' was loaded over HTTPS, but requested an insecure element 'http://ae-templates.flywheelsites.com/wp-content/uploads/2022/08/thankyou-arrow.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae-templates.flywheelsites.com
aedesignblog.com
ajax.googleapis.com
cdn.heapanalytics.com
d281oufm7mm6g9.cloudfront.net
d3ft0j0pxzxklq.cloudfront.net
financeinsights.net
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
snappykraken.api.oneall.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
136.243.63.184
151.101.2.159
151.101.66.159
18.164.116.57
2600:9000:2209:7000:5:e4e7:6380:21
2600:9000:23ca:1000:14:bf4f:a40:21
2607:f8b0:4004:c09::9c
2607:f8b0:4006:808::2003
2607:f8b0:4006:80f::2008
2607:f8b0:4006:817::200a
2607:f8b0:4006:81d::200a
2607:f8b0:4006:824::200e
34.225.48.49
52.206.125.39
051b2268eb08d3fa5e4f9591b559dc40941fdeb2562e2a30cd3d78d6956566e5
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
2a4421960866d28b8511f347089e4cd5e06e992aa3c2bb3fb82690c44f709d03
38306910934b14c0612c2c0e35b28784735d91b911ee3c7cb0df6121e116859a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d754e0a323e44a6a64b6dabefa408aa0a2f32f6acf2d9aaa60e86bf107149da
6edb7f0dce7e15095fb6e4e5f97d6cf8afc72a0737d7b5926fa388cf4829c6c7
779d6eb55557bd0dda82d040f8d90392a6ceb31ca4225e5d336c323a7c1270ff
78d76e91b83a9959ebc08771a609909686617fd61b411412a83749dcb152bbb6
7ff710fb396c15f19a263dbe1e668c6322f43f303e30a9482ea717f22ab25cdf
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8cea0d1f0e3ddc0dd891b8e7d4ee7c072201e1d1b576378bcff12df46318af98
a7441c6db8fc45012acf7313c5a1ea64b2dbb8d215ad64173c559f86bf0297ef
b17f9e5da794ef1b1ac99f336f21dde1bb105080271fef7fec41a97b67ebb500
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd3fc4fc02cd0af54bd2a16e5d0d100315417bc4ee5dbd4dc5968145a14bea03
c7c3645c1fd04fe54331cf167a297e6bca436fb59bb1f2c753b35e3a0ebfefd6
d5cfc192a0dd69af304646f1cda808118958cd90dfab2c454d3431fe16f35ba9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4fae796f8234833237090833fec43ff710ad030910e0025c64bda11fba6d07
e23090c59670eb531ed6d51d3a40e2e31ae1b41f060b262bf60137afe65431a9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4010955e3fdd13bbee199bdef1037a191bb59a23f59c450345aa373bc4e5b16