corriganfinancial.com Open in urlscan Pro
72.142.150.137 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.corriganbenefits.com/
Effective URL:
https://corriganfinancial.com/
Submission: On August 22 via api (August 22nd 2024, 3:22:43 pm UTC) from US — Scanned from DE

Summary HTTP 67 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 32 domains to perform 67 HTTP transactions. The main IP is 72.142.150.137, located in Edmonton, Canada and belongs to CFCS, CA. The main domain is corriganfinancial.com.
TLS certificate: Issued by R10 on July 10th 2024. Valid for: 3 months.

This is the only time corriganfinancial.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
29	72.142.150.137 72.142.150.137	16583 (CFCS) (CFCS)
2	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
17 22	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:e200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:85db:a4bc:3306:7fe9	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.159.3.140 35.159.3.140	16509 (AMAZON-02) (AMAZON-02)
1 1	3.67.218.153 3.67.218.153	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	89.149.193.88 89.149.193.88	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.207.159.248 52.207.159.248	14618 (AMAZON-AES) (AMAZON-AES)
1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.72.42.145 54.72.42.145	16509 (AMAZON-02) (AMAZON-02)
1	34.250.173.246 34.250.173.246	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
67	28

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.corriganbenefits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 72.142.150.137 (Edmonton, Canada)

ASN16583 (CFCS, CA)
PTR: bizz.tanglednetwork.com

corriganfinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 34.91.62.186 (Groningen, Netherlands) 17 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:e200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:85db:a4bc:3306:7fe9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.159.3.140 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-159-3-140.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.218.153 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-218-153.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.149.193.88 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.159.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-159-248.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.42.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-42-145.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.173.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-173-246.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	corriganfinancial.com corriganfinancial.com	425 KB
24	simpli.fi 17 redirects tag.simpli.fi — Cisco Umbrella Rank: 8238 i.simpli.fi — Cisco Umbrella Rank: 6968 um.simpli.fi — Cisco Umbrella Rank: 1484	13 KB
4	gstatic.com fonts.gstatic.com	73 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 383	2 KB
2	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 363	433 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 3519	2 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 2269	401 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 4127	934 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 910 d.agkn.com — Cisco Umbrella Rank: 1174	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 646	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 741	730 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	73 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 864	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 555	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 6716	64 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10	783 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 176	23 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 689	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1396	223 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296	266 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1556	479 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 2757	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 10885	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 632	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1897	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1043	236 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	95 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	corriganbenefits.com 1 redirects www.corriganbenefits.com	318 B
0	intentiq.com Failed sync.intentiq.com Failed
67	32

	Domain	Requested by
29	corriganfinancial.com	corriganfinancial.com
22	um.simpli.fi	17 redirects
4	fonts.gstatic.com	fonts.googleapis.com
2	ib.adnxs.com	1 redirects
2	loadm.exelator.com	1 redirects
2	sync.smartadserver.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	www.facebook.com	corriganfinancial.com
2	connect.facebook.net	corriganfinancial.com connect.facebook.net
2	www.google-analytics.com	corriganfinancial.com www.google-analytics.com
1	cm.g.doubleclick.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.de
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	fonts.googleapis.com	corriganfinancial.com
1	tag.simpli.fi	corriganfinancial.com
1	www.corriganbenefits.com	1 redirects
0	sync.intentiq.com Failed
67	37

This site contains links to these domains. Also see Links.

Domain
portal.manulife.ca
www.facebook.com
bit.ly
www.youtube.com
goo.gl
freshbrand.ca

Subject Issuer	Validity	Valid
corriganfinancial.com R10	`2024-07-10` - `2024-10-08`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-31` - `2024-08-29`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://corriganfinancial.com/
Frame ID: 4463DD4B34B30F23F22F2B80722224A9
Requests: 67 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Corrigan Financial | Employee and Group Benefits - Kamloops, B.C.

Page URL History Show full URLs

https://www.corriganbenefits.com/ HTTP 301
https://corriganfinancial.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

scrollreveal (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-sr(?:-id)
scrollreveal(?:\.min)(?:\.js)

Page Statistics

67
Requests

73 %
HTTPS

32 %
IPv6

32
Domains

37
Subdomains

28
IPs

6
Countries

702 kB
Transfer

1212 kB
Size

27
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://portal.manulife.ca/manulifeinvestments
Title: Client Access

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CorriganFinancialGroup/

Search URL Search Domain Scan URL

URL: http://bit.ly/2bxe8Qg

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC1yNQCxC0BedHt_AZBAbx0g

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/a58T4nX89UWMNLs68
Title: 103-418 St Paul St, Kamloops, B.C.

Search URL Search Domain Scan URL

URL: https://freshbrand.ca/
Title: Fresh

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.corriganbenefits.com/ HTTP 301
https://corriganfinancial.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7912E4D979C54398A26EE2291E0933B2

Request Chain 44

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/7912E4D979C54398A26EE2291E0933B2 HTTP 302
https://sync.1rx.io/usersync/simplifi/7912E4D979C54398A26EE2291E0933B2?zcc=1&cb=1724340158045 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3bd42b31-29dd-4423-9e19-201098c53181-003

Request Chain 45

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=7912E4D979C54398A26EE2291E0933B2&dongle=yf3

Request Chain 46

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=7912E4D979C54398A26EE2291E0933B2

Request Chain 47

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7912E4D979C54398A26EE2291E0933B2 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7912E4D979C54398A26EE2291E0933B2

Request Chain 48

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7912E4D979C54398A26EE2291E0933B2 HTTP 302
https://d.agkn.com/pixel/10751/?che=1724340158042&ip=146.70.117.70&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216943104982002814346 HTTP 302
https://um.simpli.fi/aa_px?sk=216943104982002814346 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 49

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7912E4D979C54398A26EE2291E0933B2

Request Chain 52

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=7912E4D979C54398A26EE2291E0933B2;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=7912E4D979C54398A26EE2291E0933B2;mimetype=img;sr HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1

Request Chain 53

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=7912E4D979C54398A26EE2291E0933B2&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=7912E4D979C54398A26EE2291E0933B2&j=0&xl8blockcheck=1

Request Chain 55

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=7912E4D979C54398A26EE2291E0933B2

Request Chain 56

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=7912E4D979C54398A26EE2291E0933B2

Request Chain 57

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7912E4D979C54398A26EE2291E0933B2

Request Chain 58

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=7912E4D979C54398A26EE2291E0933B2

Request Chain 59

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=7912E4D979C54398A26EE2291E0933B2

Request Chain 60

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1724340157864&cv=7&fst=1724340157864&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1316494224&cv=7&fst=1724340157864&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIwITY1POIiAMVLIiDBx36FAUHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2NvcnJpZ2FuZmluYW5jaWFsLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1316494224&cv=7&fst=1724340157864&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIwITY1POIiAMVLIiDBx36FAUHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2NvcnJpZ2FuZmluYW5jaWFsLmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfDgFVW-6QqKiMiBW7Ahx22o8qyPi-VQ&random=4072237453 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1316494224&cv=7&fst=1724340157864&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIwITY1POIiAMVLIiDBx36FAUHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2NvcnJpZ2FuZmluYW5jaWFsLmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfDgFVW-6QqKiMiBW7Ahx22o8qyPi-VQ&random=4072237453&ipr=y

Request Chain 62

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=7912E4D979C54398A26EE2291E0933B2 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D7912E4D979C54398A26EE2291E0933B2

Request Chain 63

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7912E4D979C54398A26EE2291E0933B2&expires=365

Request Chain 64

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7912E4D979C54398A26EE2291E0933B2

67 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
corriganfinancial.com/
Redirect Chain

https://www.corriganbenefits.com/
https://corriganfinancial.com/

13 KB
4 KB

793ms
173ms

Document
text/html

72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to

Full URL

https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

e8592c39dacd0f80ce4d9b4b1df3196794893dab40c698ebbf2758dcd4c7112f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 3833
content-type: text/html; charset=UTF-8
date: Thu, 22 Aug 2024 15:22:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-hosting-provider: Tangled Network
x-powered-by: Adroit Technologies Ltd.
x-region: CAL1
x-request-id: d7572bdaac602473a2eee52433bc4552

Redirect headers

Connection: close
Content-Length: 64
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Aug 2024 15:22:34 GMT
Location: https://corriganfinancial.com
Server: ip-100-74-5-136.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: ff11fab6-eb8b-494d-b623-2f48dd952be5

GET
H2 200 jquery.min.js Show response
corriganfinancial.com/js/ 92 KB
33 KB 432ms
359ms Script
application/javascript 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to

Full URL

https://corriganfinancial.com/js/jquery.min.js

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:43 GMT
etag: "16eab-59ef00b5c8446-gzip"
x-powered-by: Adroit Technologies Ltd.
vary: Accept-Encoding
x-hosting-provider: Tangled Network
content-type: application/javascript
x-region: CAL1
accept-ranges: bytes
content-length: 33132
x-request-id: ebb4536e4e47409916526a15eb3f1652

GET
H2 200 jquery.rotate.js Show response
corriganfinancial.com/js/ 1 KB
910 B 266ms
194ms Script
application/javascript 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to

Full URL

https://corriganfinancial.com/js/jquery.rotate.js

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

862f6068ab56d25f63f678d392ca31147ba0aa18febb883c6a3573e3a9b6c1ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:43 GMT
etag: "5f5-59ef00b5f81e7-gzip"
x-powered-by: Adroit Technologies Ltd.
vary: Accept-Encoding
x-hosting-provider: Tangled Network
content-type: application/javascript
x-region: CAL1
accept-ranges: bytes
content-length: 574
x-request-id: 10a5ed31f06d4da016775454a38952ee

GET
H2 200 header.js Show response
corriganfinancial.com/js/ 2 KB
1 KB 264ms
192ms Script
application/javascript 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to

Full URL

https://corriganfinancial.com/js/header.js

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

984989f95e31d6e9dfb55f6214a8117148935def58a482263c0b1ed149d08733

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:42 GMT
etag: "9b1-59ef00b5427a4-gzip"
x-powered-by: Adroit Technologies Ltd.
vary: Accept-Encoding
x-hosting-provider: Tangled Network
content-type: application/javascript
x-region: CAL1
accept-ranges: bytes
content-length: 870
x-request-id: 1a8eed2e4bc739ea0c3ef70385204dac

GET
H2 200 scrollreveal.min.js Show response
corriganfinancial.com/js/ 9 KB
3 KB 260ms
189ms Script
application/javascript 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to

Full URL

https://corriganfinancial.com/js/scrollreveal.min.js

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

4832831d4d25137435b5885ef31de7aab125d797708c0337b0420fd06e744417

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:43 GMT
etag: "235d-59ef00b611827-gzip"
x-powered-by: Adroit Technologies Ltd.
vary: Accept-Encoding
x-hosting-provider: Tangled Network
content-type: application/javascript
x-region: CAL1
accept-ranges: bytes
content-length: 3101
x-request-id: 179a517ce2fbb9911757d6574dcc58c1

GET
H2 200 reset.css
corriganfinancial.com/css/ 1 KB
966 B 261ms
190ms Stylesheet
text/css 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to

Full URL

https://corriganfinancial.com/css/reset.css

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

43ab6627067993b62cfb8502997251eece4214157df8fbacd5d2e4093ed3ed22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 17 Dec 2020 23:19:42 GMT
etag: "46e-5b6b13a0c2223-gzip"
x-powered-by: Adroit Technologies Ltd.
vary: Accept-Encoding
x-hosting-provider: Tangled Network
content-type: text/css
x-region: CAL1
accept-ranges: bytes
content-length: 641
x-request-id: 96a2f90cc3b32aae1dbd9bac806de8e8

GET
H2 200 style.css
corriganfinancial.com/css/ 31 KB
6 KB 429ms
358ms Stylesheet
text/css 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to

Full URL

https://corriganfinancial.com/css/style.css?v=1.3

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

76c60a1c294a5be6b6b299af90a211c213a5aa17f78fd6aa94fda44c5147ad20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:35 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 05 Oct 2022 17:08:39 GMT
etag: "7b7d-5ea4ca0caac83-gzip"
x-powered-by: Adroit Technologies Ltd.
vary: Accept-Encoding
x-hosting-provider: Tangled Network
content-type: text/css
x-region: CAL1
accept-ranges: bytes
content-length: 6048
x-request-id: 5e867c8a8448be900f4e36b3e82fd2db

GET
H2 200 67d82b20-7188-013a-c48c-06a60fe5fe77 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 445ms
15ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/67d82b20-7188-013a-c48c-06a60fe5fe77
Requested by: Host: corriganfinancial.com
URL: https://corriganfinancial.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 220a77ea974804ad3a8064fee54c2389567154efc4787d63a4f39eda27ee01de

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 15:22:36 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F-4WPJmHHhGy_raxkx9C
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 logo-white.svg
corriganfinancial.com/img/ 2 KB
3 KB 260ms
190ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/logo-white.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

8855a5192d755c97e73580a6b9ee653f45d2f229b6ad92b8ae660810a794922c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:32 GMT
etag: "8fc-59ef00abad585"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 2300
x-request-id: c3a939d32883e322a7eac9eb4534334a

GET
H2 200 logo-dark.svg
corriganfinancial.com/img/ 2 KB
3 KB 262ms
192ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/logo-dark.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

a2b6e13f827f7cdb77c392a790376754b77b587638445c1fb29bc6736c0fd727

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:35 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:32 GMT
etag: "911-59ef00aba8765"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 2321
x-request-id: 4e14893142e88791f325356b13dfb3d3

GET
H2 200 home-employee.png
corriganfinancial.com/img/ 28 KB
28 KB 236ms
194ms Image
image/png 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/home-employee.png

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

b50756921241a5b28783a06025a3ba16845ac3a73a851ac358c9dee3caf5de43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:29 GMT
etag: "6f1c-59ef00a89f1dc"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/png
x-region: CAL1
accept-ranges: bytes
content-length: 28444
x-request-id: 1f7c4663c7ca4a775bdeb515c766c6d7

GET
H2 200 home-finance.png
corriganfinancial.com/img/ 73 KB
73 KB 296ms
257ms Image
image/png 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/home-finance.png

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

0c1e4c42124cce9b65a94287481dd65b3e001fa620497fd260a1c8c4ef50906f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:30 GMT
etag: "12399-59ef00a9c02df"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/png
x-region: CAL1
accept-ranges: bytes
content-length: 74649
x-request-id: a7bbcc20412af840e08c9130d8068c31

GET
H2 200 home-employee-2.png
corriganfinancial.com/img/ 64 KB
64 KB 241ms
157ms Image
image/png 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/home-employee-2.png

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

c2f5809e74088bc8f5c83a8795c774cc11579b739f5857fdf3828e052a3272f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:29 GMT
etag: "fece-59ef00a8c14bc"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/png
x-region: CAL1
accept-ranges: bytes
content-length: 65230
x-request-id: 7231258cf12c6e461251fa04423750d5

GET
H2 200 financial-top-graphic.png
corriganfinancial.com/img/ 88 KB
88 KB 406ms
323ms Image
image/png 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/financial-top-graphic.png

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

6092361495e5738c9dd38be903441f3c46c30c3e7d51f700f11a300cc3321610

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 08 Jun 2021 22:57:25 GMT
etag: "15e38-5c44914e51f7c"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/png
x-region: CAL1
accept-ranges: bytes
content-length: 89656
x-request-id: 3ea5a24152584ee7586ecab9ee3d6ef5

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 435ms
20ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&display=swap

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6613feeff6fb52a6d3f667c09273f6ab44695f0a0c8c1675fe34eeb3fdf1b259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 22 Aug 2024 15:22:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 22 Aug 2024 15:22:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Aug 2024 15:22:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 143ms
14ms Script
text/javascript 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Aug 2024 14:40:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2517
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 22 Aug 2024 16:40:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
60 KB 89ms
13ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 22 Aug 2024 15:22:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 52
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=12, mss=1368, tbw=2770, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: oyvfWIHYbV5lLS/AwRAOOpBBiWp/3CRkjLzRKMP5Ev4HwGKiTe8kNj0bTl53X/nC6PjM2TXWjkkhmTYKhUSHDg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 home-bottom.svg
corriganfinancial.com/img/ 581 B
873 B 193ms
181ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/home-bottom.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

cc85ba8297032da6091c42d46de61e1464a10496d084ed8002ec5b5be074d2a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:29 GMT
etag: "245-59ef00a84e0fb"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 581
x-request-id: 1f1b6ebcebe5f13fac14827586418ae9

GET
H2 200 life-is-better.png
corriganfinancial.com/img/ 80 KB
81 KB 198ms
186ms Image
image/png 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/life-is-better.png

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

56d8855f6bb172d11643a7b7305d0334532d7a2275d9e0143edc5af0709b7197

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:32 GMT
etag: "140b6-59ef00ab86485"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/png
x-region: CAL1
accept-ranges: bytes
content-length: 82102
x-request-id: 7766c7fa63f9f7384b3f47d22aa215c1

GET
H2 200 employee-thumb.png
corriganfinancial.com/img/ 12 KB
12 KB 195ms
182ms Image
image/png 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/employee-thumb.png

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

eec2ffba564f75aadf37de86dc656fe2f1a3d4fb94b4cd6da3f06e7cc60bec13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 08 Jun 2021 22:57:24 GMT
etag: "2fbe-5c44914d0cc5c"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/png
x-region: CAL1
accept-ranges: bytes
content-length: 12222
x-request-id: 7d980025fdcc4db424bc73d54a20ae60

GET
H2 200 financial-thumb.png
corriganfinancial.com/img/ 10 KB
11 KB 411ms
399ms Image
image/png 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/financial-thumb.png

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

2b15c7d3ec594a37e3bf8e4dcf0d220851b01c9825c67a34f78250b19ca4ba7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:29 GMT
etag: "29c2-59ef00a7ffefa"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/png
x-region: CAL1
accept-ranges: bytes
content-length: 10690
x-request-id: 3902ce4852c9c4385f3cb37258ec941e

GET
H2 200 curve-white.svg
corriganfinancial.com/img/ 530 B
822 B 412ms
400ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/curve-white.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

0d5dd6e09a6f3aa101debf82fd554eec091e355e60466fb2385c8f9d7d16212a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:25 GMT
etag: "212-59ef00a43634d"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 530
x-request-id: 67dea514c911a37ca3d167b17a8175dd

GET
H2 200 seperator-1.svg
corriganfinancial.com/img/ 581 B
873 B 413ms
401ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/seperator-1.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

6bc229da5f727808041d739e9067dd33f658b5f53f0c09332c88ac75d8f1521e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:33 GMT
etag: "245-59ef00aca7589"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 581
x-request-id: 730df2096bf58b2c3028196bb9b12192

GET
H2 200 seperator-2.svg
corriganfinancial.com/img/ 581 B
873 B 432ms
421ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/seperator-2.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

05557d8950857079267bbdc6bc803c02341a90e7d51ca1699bbffe48d1aec3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:34 GMT
etag: "245-59ef00acd1569"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 581
x-request-id: 682d64956def1dadffc6b620a9e7caea

GET
H2 200 curve-grey.svg
corriganfinancial.com/img/ 530 B
822 B 393ms
381ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/curve-grey.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

953a6b794b7ccef0ab16b91e153d51cc8640c76c0edd48e5aa1536e4d42861ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:25 GMT
etag: "212-59ef00a42694d"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 530
x-request-id: c1fa050be93da7ba4ef93ac908e7c614

GET
H2 200 quote-left.svg
corriganfinancial.com/img/ 1 KB
1 KB 409ms
397ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/quote-left.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

6b43be98abc9bc9c0bc7daef612d6b58bbc504d685c75bdced0d1bd637241f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:33 GMT
etag: "432-59ef00ac25767"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 1074
x-request-id: bf82215abc4ecae97166d6ae821e5fe5

GET
H2 200 quote-right.svg
corriganfinancial.com/img/ 1 KB
1 KB 549ms
540ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/quote-right.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

d80d901f90d4d7045feccf2a3b732168fa7b8b86544f3c0661d2db458d2bbb15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:33 GMT
etag: "427-59ef00ac6fae8"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 1063
x-request-id: d555f103f088564a11e8f1a22235c3d1

GET
H2 200 curve-footer.svg
corriganfinancial.com/img/ 530 B
822 B 533ms
524ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/curve-footer.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

155acd7ea1b54a574f64a84fac48106576481e70d2cbed2bfaa6aba6e2661619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:24 GMT
etag: "212-59ef00a40272d"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 530
x-request-id: fd3c286363ed4596f7a3b965afe6feb9

GET
H2 200 footer-logo.svg
corriganfinancial.com/img/ 693 B
985 B 564ms
555ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/footer-logo.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

07aa1b9bec7e043596ba82dc3c6eab5a41bbf8982221cb303609c9395ac239a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:29 GMT
etag: "2b5-59ef00a83b81a"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 693
x-request-id: 2972f1109805a7900ee3b6043a27e887

GET
H2 200 facebook-icon.svg
corriganfinancial.com/img/ 617 B
908 B 536ms
527ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/facebook-icon.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

9a7b1529958810ea3a558e5cb19a8194c5697d133e65ab607fcb402d85e63d68

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:27 GMT
etag: "269-59ef00a6aa235"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 617
x-request-id: 83eeda01e6d9ec246680fb04122cecbe

GET
H2 200 linkedin-icon.svg
corriganfinancial.com/img/ 781 B
1 KB 544ms
535ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/linkedin-icon.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

21bbdf1cf96479951914149e6a3932167de4c35bc2b743c8baa92ebec6d8eda7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:32 GMT
etag: "30d-59ef00ab7b8a5"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 781
x-request-id: 43c65f7b159b9ebcf799ce327c7f1541

GET
H2 200 youtube-icon.svg
corriganfinancial.com/img/ 870 B
1 KB 534ms
525ms Image
image/svg+xml 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://corriganfinancial.com/img/youtube-icon.svg

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/css/style.css?v=1.3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

0132f01bdee34a3491c5b4e9df7fd739c20135b5d0c725e2683ff68ec1eb9634

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/css/style.css?v=1.3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:34 GMT
etag: "366-59ef00ad7854b"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/svg+xml
x-region: CAL1
accept-ranges: bytes
content-length: 870
x-request-id: ba87ff19f6d194b227d199ceb7abc00d

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 115ms
32ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://corriganfinancial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 14:58:07 GMT
x-content-type-options: nosniff
age: 260670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Aug 2025 14:58:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 112ms
30ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://corriganfinancial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:13:05 GMT
x-content-type-options: nosniff
age: 176972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:13:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 159ms
78ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://corriganfinancial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:08:05 GMT
x-content-type-options: nosniff
age: 177272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18436
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:08:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 169ms
88ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://corriganfinancial.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 13:56:27 GMT
x-content-type-options: nosniff
age: 177970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18492
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 13:56:27 GMT

GET
H2 200 804704480022413 Show response
connect.facebook.net/signals/config/ 62 KB
13 KB 278ms
252ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/804704480022413?v=2.9.165&r=stable&domain=corriganfinancial.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

afe6f5f8fa44f69b533f479479baeed40444e6d9f31348487c7db27c90113c14

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 22 Aug 2024 15:22:37 GMT
document-policy: force-load-at-top
x-fb-server-load: 52
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=48, mss=1368, tbw=64445, tp=-1, tpl=-1, uplat=221, ullat=0
pragma: public
x-fb-debug: cAHr3JSdXQ7woAJpyZQ2NH8oUJL90kPypbQ9QBpoU4YMzUtops3AAf+5YFIOPC7GlMjrrEBbKq5eQLp3lQFZcg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
225 B 112ms
8ms XHR
text/plain 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=54366691&t=pageview&_s=1&dl=https%3A%2F%2Fcorriganfinancial.com%2F&ul=de-de&de=UTF-8&dt=Corrigan%20Financial%20%7C%20Employee%20and%20Group%20Benefits%20-%20Kamloops%2C%20B.C.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=1748788288&gjid=1291247695&cid=1025476284.1724340157&tid=UA-23849962-40&_gid=1333959783.1724340157&_r=1&_slc=1&z=2038333839

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fbaa96c87dfeb7a1569af42388560039bcf70adce298b8a194606fd8d3fae524

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 15:22:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corriganfinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
95 KB 83ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P62QFN6X89&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36f74154b23f45bfa8130f14474b2b5815f66d0dbe3b41d0bfab5dbc343d29b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96817
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 22 Aug 2024 15:22:37 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 28ms
6ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=804704480022413&ev=PageView&dl=https%3A%2F%2Fcorriganfinancial.com&rl=&if=false&ts=1724340157561&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4124&fbp=fb.1.1724340157548.556128245123693003&pm=1&hrl=26ae0a&ler=empty&cdl=API_unavailable&it=1724340157118&coo=false&cs_cc=1&rqm=GET

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1368, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 22 Aug 2024 15:22:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 234ms
212ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=804704480022413&ev=PageView&dl=https%3A%2F%2Fcorriganfinancial.com&rl=&if=false&ts=1724340157561&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4124&fbp=fb.1.1724340157548.556128245123693003&pm=1&hrl=26ae0a&ler=empty&cdl=API_unavailable&it=1724340157118&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: corriganfinancial.com
URL: https://corriganfinancial.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 22 Aug 2024 15:22:37 GMT
document-policy: force-load-at-top
x-fb-server-load: 50
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7405984582022634497", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=14, mss=1368, tbw=3137, tp=-1, tpl=-1, uplat=203, ullat=0
pragma: no-cache
x-fb-debug: aZpCucjk5Ify01kiUowYCCpDh2R2EQhUfm3kYm2+OgHj8EQS0X0vHiL6UhP9oQlszTtY7a01dLmqgheL5cOYgQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7405984582022634497"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 57ms
16ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P62QFN6X89&gtm=45je48j0v9125524711za200&_p=1724340157517&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=1025476284.1724340157&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fcorriganfinancial.com%2F&dt=Corrigan%20Financial%20%7C%20Employee%20and%20Group%20Benefits%20-%20Kamloops%2C%20B.C.&sid=1724340157&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3387
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P62QFN6X89&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 15:22:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://corriganfinancial.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 809 B
770 B 68ms
34ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=360066&cb=sifi_att_1288601839115550._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/67d82b20-7188-013a-c48c-06a60fe5fe77
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 620060bd661269340bf9a96b925e4e6500731d1754bc599867f63e10be133539

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 15:22:37 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 favicon-32x32.png
corriganfinancial.com/img/icons/ 1 KB
2 KB 179ms
178ms Other
image/png 72.142.150.137
CFCS

General

Check archive.org

Show headers Download Go to

Full URL

https://corriganfinancial.com/img/icons/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.142.150.137 Edmonton, Canada, ASN16583 (CFCS, CA),

Reverse DNS

bizz.tanglednetwork.com

Software

/ Adroit Technologies Ltd.

Resource Hash

4098de01dcd776de55261e38199f68e0588b9770625a62938825d89bcb91a3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 19 Feb 2020 16:11:38 GMT
etag: "52f-59ef00b163438"
x-powered-by: Adroit Technologies Ltd.
x-hosting-provider: Tangled Network
content-type: image/png
x-region: CAL1
accept-ranges: bytes
content-length: 1327
x-request-id: 7b069a15671c7b9ad7588845cd27f6a7

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7912E4D979C54398A26EE2291E0933B2

0
236 B

84ms
29ms

Image
text/plain

2600:9000:211e:e200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7912E4D979C54398A26EE2291E0933B2
Protocol: H2
Server: 2600:9000:211e:e200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:38 GMT
cache-control: no-cache, must-revalidate
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: VABFqsj5pVQMWiWtPRne3ymIh8gLyMHi5eOKIgiKvF3AjF4JcU2B8A==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=7912E4D979C54398A26EE2291E0933B2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H2

200

RX-3bd42b31-29dd-4423-9e19-201098c53181-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/7912E4D979C54398A26EE2291E0933B2
https://sync.1rx.io/usersync/simplifi/7912E4D979C54398A26EE2291E0933B2?zcc=1&cb=1724340158045
https://sync.targeting.unrulymedia.com/csync/RX-3bd42b31-29dd-4423-9e19-201098c53181-003

43 B
378 B

104ms
21ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-3bd42b31-29dd-4423-9e19-201098c53181-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:38 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

content-type: text/html
pragma: no-cache
date: Thu, 22 Aug 2024 15:22:38 GMT
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-3bd42b31-29dd-4423-9e19-201098c53181-003
expires: 0

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=7912E4D979C54398A26EE2291E0933B2&dongle=yf3

37 B
140 B

64ms
10ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=7912E4D979C54398A26EE2291E0933B2&dongle=yf3
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=7912E4D979C54398A26EE2291E0933B2&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=7912E4D979C54398A26EE2291E0933B2

43 B
175 B

393ms
96ms

Image
image/gif

2600:1f18:612b:4232:85db:a4bc:3306:7fe9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=7912E4D979C54398A26EE2291E0933B2
Protocol: H2
Server: 2600:1f18:612b:4232:85db:a4bc:3306:7fe9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 22 Aug 2024 15:22:38 GMT
server: nginx
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

Redirect headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=7912E4D979C54398A26EE2291E0933B2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=7912E4D979C54398A26EE2291E0933B2
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7912E4D979C54398A26EE2291E0933B2

95 B
427 B

44ms
39ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7912E4D979C54398A26EE2291E0933B2

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 22 Aug 2024 15:22:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=7912E4D979C54398A26EE2291E0933B2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=7912E4D979C54398A26EE2291E0933B2
https://d.agkn.com/pixel/10751/?che=1724340158042&ip=146.70.117.70&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216943104982002814346
https://um.simpli.fi/aa_px?sk=216943104982002814346
https://um.simpli.fi/empty.gif

43 B
361 B

41ms
13ms

Image
image/gif

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Thu, 22 Aug 2024 15:22:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7912E4D979C54398A26EE2291E0933B2

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 16ms
14ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 20ms
18ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=7912E4D979C54398A26EE2291E0933B2;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=7912E4D979C54398A26EE2291E0933B2;mimetype=img;sr
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid]
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1

0
75 B

14ms
14ms

Image
text/plain

89.149.193.88
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Protocol: HTTP/1.1
Server: 89.149.193.88 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:38 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
pragma: no-cache
date: Thu, 22 Aug 2024 15:22:38 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=7912E4D979C54398A26EE2291E0933B2&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=7912E4D979C54398A26EE2291E0933B2&j=0&xl8blockcheck=1

0
771 B

44ms
42ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=7912E4D979C54398A26EE2291E0933B2&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:38 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 22 Aug 2024 15:22:38 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=7912E4D979C54398A26EE2291E0933B2&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 28ms
26ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=7912E4D979C54398A26EE2291E0933B2

0
421 B

455ms
96ms

Image
text/plain

52.207.159.248
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=7912E4D979C54398A26EE2291E0933B2
Protocol: HTTP/1.1
Server: 52.207.159.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-159-248.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 22 Aug 2024 15:22:37 GMT

Redirect headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=7912E4D979C54398A26EE2291E0933B2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=7912E4D979C54398A26EE2291E0933B2

62 B
479 B

280ms
192ms

Image
image/gif

72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=7912E4D979C54398A26EE2291E0933B2
Protocol: H2
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 22 Aug 2024 15:22:38 GMT
content-length: 62
x-request-id: fae6afff089f52ec16a7ab8141a06c7d
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=7912E4D979C54398A26EE2291E0933B2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H2

404

tpid=7912E4D979C54398A26EE2291E0933B2
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7912E4D979C54398A26EE2291E0933B2

49 B
266 B

136ms
48ms

Image
image/gif

54.72.42.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7912E4D979C54398A26EE2291E0933B2
Protocol: H2
Server: 54.72.42.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-42-145.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 15:22:38 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.30.219
content-length: 49
expires: 0

Redirect headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7912E4D979C54398A26EE2291E0933B2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=7912E4D979C54398A26EE2291E0933B2

0
223 B

207ms
59ms

Image
text/plain

34.250.173.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=7912E4D979C54398A26EE2291E0933B2
Protocol: H2
Server: 34.250.173.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-173-246.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
date: Thu, 22 Aug 2024 15:22:38 GMT
x-merge: GDPR Optout true
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
vary: Accept-Encoding
expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=7912E4D979C54398A26EE2291E0933B2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=7912E4D979C54398A26EE2291E0933B2

0
98 B

80ms
30ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=7912E4D979C54398A26EE2291E0933B2
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 22 Aug 2024 15:22:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=7912E4D979C54398A26EE2291E0933B2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1724340157864&cv=7&fst=1724340157864&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1316494224&cv=7&fst=1724340157864&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1316494224&cv=7&fst=1724340157864&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&psc...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1316494224&cv=7&fst=1724340157864&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscr...

42 B
64 B

113ms
64ms

Image
image/gif

142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1316494224&cv=7&fst=1724340157864&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIwITY1POIiAMVLIiDBx36FAUHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2NvcnJpZ2FuZmluYW5jaWFsLmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfDgFVW-6QqKiMiBW7Ahx22o8qyPi-VQ&random=4072237453&ipr=y

Protocol

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 15:22:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Aug 2024 15:22:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1316494224&cv=7&fst=1724340157864&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMIwITY1POIiAMVLIiDBx36FAUHMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOh5odHRwczovL2NvcnJpZ2FuZmluYW5jaWFsLmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfDgFVW-6QqKiMiBW7Ahx22o8qyPi-VQ&random=4072237453&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 30ms
28ms Image
text/plain 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=7912E4D979C54398A26EE2291E0933B2
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D7912E4D979C54398A26EE2291E0933B2

43 B
1 KB

46ms
45ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D7912E4D979C54398A26EE2291E0933B2

Protocol

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 15:22:38 GMT
an-x-request-uuid: 6b646e03-75c6-4d05-8223-9658d312dcbc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 146.70.117.70; 146.70.117.70; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Aug 2024 15:22:38 GMT
an-x-request-uuid: bd59be6c-382c-4d3d-8692-ee5933badc9a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D7912E4D979C54398A26EE2291E0933B2
cache-control: no-store, no-cache, private
x-proxy-origin: 146.70.117.70; 146.70.117.70; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7912E4D979C54398A26EE2291E0933B2&expires=365

0
239 B

76ms
10ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7912E4D979C54398A26EE2291E0933B2&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 14d90060180bca4b3b64f131b647e645
Expires: 0

Redirect headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=7912E4D979C54398A26EE2291E0933B2&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7912E4D979C54398A26EE2291E0933B2

43 B
264 B

86ms
17ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=7912E4D979C54398A26EE2291E0933B2
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 15:22:38 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 22 Aug 2024 15:22:37 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=7912E4D979C54398A26EE2291E0933B2
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 21 Aug 2024 15:22:37 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 68ms
33ms Image
image/png 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://corriganfinancial.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Aug 2024 15:22:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=7912E4D979C54398A26EE2291E0933B2

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.simpli.fi/	1970-01-21 07:46:02	Name: suid Value: 7912E4D979C54398A26EE2291E0933B2
.corriganfinancial.com/	1970-01-21 08:35:00	Name: _ga Value: GA1.2.1025476284.1724340157
.corriganfinancial.com/	1970-01-20 23:00:26	Name: _gid Value: GA1.2.1333959783.1724340157
.corriganfinancial.com/	1970-01-20 22:59:00	Name: _gat Value: 1
.corriganfinancial.com/	1970-01-21 01:08:36	Name: _fbp Value: fb.1.1724340157548.556128245123693003
.corriganfinancial.com/	1970-01-21 08:35:00	Name: _ga_P62QFN6X89 Value: GS1.2.1724340157.1.0.1724340157.0.0.0
.simpli.fi/	1970-01-20 23:09:04	Name: uid_syncd_secure Value: true
.doubleclick.net/	1970-01-20 22:59:01	Name: test_cookie Value: CheckForPermission
.agkn.com/	1970-01-21 07:44:36	Name: ab Value: 0001%3ANeHneVEyj6exCNeZ4NLZEzBLlAS6h5gP
.1rx.io/	1970-01-21 07:44:36	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3bd42b31-29dd-4423-9e19-201098c53181-003%22%7D
.adnxs.com/	1970-01-21 01:08:36	Name: XANDR_PANID Value: _mQXjROE7oKxbTPLMExZVo6zBBwiQbieYAHz0gT7qT-4C23Gvvo_BlZJt_FJkqxeKacUwUzBSr8nF2vd_irFSOS93zWBB74n3j0eiHjk1Z8.
.adnxs.com/	1970-01-21 08:35:00	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 01:08:36	Name: uuid2 Value: 1993002894343878096
.pro-market.net/	1970-01-21 03:18:12	Name: anProfile Value: "-gma9tzj88jcf+1+1f=1+1g=1+1j=41+rs=s+rt=20010AC800200271000000000000001E+s2=(simldq)+vm=24-7912E4D979C54398A26EE2291E0933B2"
.pro-market.net/	1970-01-20 23:42:12	Name: anHistory Value: "-gma9tzj88jcf+2+!#6wM$]!Npz"
.tapad.com/	1970-01-21 00:25:24	Name: TapAd_TS Value: 1724340158084
.tapad.com/	1970-01-21 00:25:24	Name: TapAd_DID Value: a1eb789d-af57-4f73-a760-53b585ed36c8
.adnxs.com/	1970-01-21 01:08:36	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2In8mUEj#!]tbPl1N!7On*M$=BXI6i+fgYeV@Tnl!rxridfHUglp:gfS<Khcxcqkf`klxvVTE8/X%W#.wL4W1Qw2HX.y[6
.tapad.com/	1970-01-21 00:25:24	Name: TapAd_3WAY_SYNCS Value:
.agkn.com/	1970-01-21 07:44:36	Name: u Value: C\|0AAAAAAAALloUPgAAAAAA
.targeting.unrulymedia.com/	1970-01-21 07:44:36	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3bd42b31-29dd-4423-9e19-201098c53181-003%22%7D
.bluekai.com/	1970-01-21 03:23:57	Name: bku Value: blx99n8UhtRFVO/2
.bluekai.com/	1970-01-21 03:23:57	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEz81EJaBWx8BpkeBExpmECO1MjaHE/0mEaa1eAp16/09y9ZSx+l
.bfmio.com/	1970-01-21 07:44:36	Name: __141_cid Value: 7912E4D979C54398A26EE2291E0933B2
.bfmio.com/	1970-01-21 07:44:36	Name: __io_cid Value: 6a5628ea48bddc74f697e450a8b24359db700e71
.exelator.com/	1970-01-21 01:51:48	Name: EE Value: "e784840f558a47ea507cd74ee32fc91f"
.exelator.com/	1970-01-21 01:51:48	Name: ud Value: "eJxrXxzq6XKLQSHV3MLEwsQgzdTUItHEPDXR1MA8OcXcJDXV2Cgt2dIwbXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYkl%252BUWb6IhfXxUUpaQyLSopPBZ%252FYGw4Ao44qiA%253D%253D"

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=7912E4D979C54398A26EE2291E0933B2 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=7912E4D979C54398A26EE2291E0933B2 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
bcp.crwdcntrl.net
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
corriganfinancial.com
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
pixel.rubiconproject.com
pixel.tapad.com
region1.google-analytics.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
stags.bluekai.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
www.corriganbenefits.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
sync.intentiq.com
142.250.185.194
142.250.185.227
15.197.225.128
172.217.16.194
185.89.210.141
2001:4860:4802:32::36
216.58.206.66
2600:1901:0:8eee::
2600:1f18:612b:4232:85db:a4bc:3306:7fe9
2600:9000:211e:e200:1b:5138:8a40:93a1
2a00:1450:4001:80f::2003
2a00:1450:4001:813::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2008
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.67.218.153
34.111.113.62
34.250.173.246
34.91.62.186
35.159.3.140
35.234.162.151
35.244.159.8
35.244.174.68
46.228.174.117
52.207.159.248
54.72.42.145
54.78.254.47
69.173.144.138
72.142.150.137
72.246.169.24
76.223.111.18
89.149.193.88
0132f01bdee34a3491c5b4e9df7fd739c20135b5d0c725e2683ff68ec1eb9634
05557d8950857079267bbdc6bc803c02341a90e7d51ca1699bbffe48d1aec3a5
07aa1b9bec7e043596ba82dc3c6eab5a41bbf8982221cb303609c9395ac239a9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1e4c42124cce9b65a94287481dd65b3e001fa620497fd260a1c8c4ef50906f
0d5dd6e09a6f3aa101debf82fd554eec091e355e60466fb2385c8f9d7d16212a
155acd7ea1b54a574f64a84fac48106576481e70d2cbed2bfaa6aba6e2661619
1b150c409df2cca1e55ffc6e55b649980f9a282bb6b25da6186d5ed55741141b
21bbdf1cf96479951914149e6a3932167de4c35bc2b743c8baa92ebec6d8eda7
220a77ea974804ad3a8064fee54c2389567154efc4787d63a4f39eda27ee01de
2b15c7d3ec594a37e3bf8e4dcf0d220851b01c9825c67a34f78250b19ca4ba7c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
36f74154b23f45bfa8130f14474b2b5815f66d0dbe3b41d0bfab5dbc343d29b2
3739b485ac39b157caa066b883e4d9d3f74c50beff0b86cd8a24ce407b179a23
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4098de01dcd776de55261e38199f68e0588b9770625a62938825d89bcb91a3f8
43ab6627067993b62cfb8502997251eece4214157df8fbacd5d2e4093ed3ed22
4832831d4d25137435b5885ef31de7aab125d797708c0337b0420fd06e744417
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
56d8855f6bb172d11643a7b7305d0334532d7a2275d9e0143edc5af0709b7197
6092361495e5738c9dd38be903441f3c46c30c3e7d51f700f11a300cc3321610
620060bd661269340bf9a96b925e4e6500731d1754bc599867f63e10be133539
6613feeff6fb52a6d3f667c09273f6ab44695f0a0c8c1675fe34eeb3fdf1b259
6b43be98abc9bc9c0bc7daef612d6b58bbc504d685c75bdced0d1bd637241f79
6bc229da5f727808041d739e9067dd33f658b5f53f0c09332c88ac75d8f1521e
76c60a1c294a5be6b6b299af90a211c213a5aa17f78fd6aa94fda44c5147ad20
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
862f6068ab56d25f63f678d392ca31147ba0aa18febb883c6a3573e3a9b6c1ae
8855a5192d755c97e73580a6b9ee653f45d2f229b6ad92b8ae660810a794922c
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
953a6b794b7ccef0ab16b91e153d51cc8640c76c0edd48e5aa1536e4d42861ba
984989f95e31d6e9dfb55f6214a8117148935def58a482263c0b1ed149d08733
9a7b1529958810ea3a558e5cb19a8194c5697d133e65ab607fcb402d85e63d68
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2b6e13f827f7cdb77c392a790376754b77b587638445c1fb29bc6736c0fd727
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
afe6f5f8fa44f69b533f479479baeed40444e6d9f31348487c7db27c90113c14
b50756921241a5b28783a06025a3ba16845ac3a73a851ac358c9dee3caf5de43
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2f5809e74088bc8f5c83a8795c774cc11579b739f5857fdf3828e052a3272f9
cc85ba8297032da6091c42d46de61e1464a10496d084ed8002ec5b5be074d2a2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d80d901f90d4d7045feccf2a3b732168fa7b8b86544f3c0661d2db458d2bbb15
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8592c39dacd0f80ce4d9b4b1df3196794893dab40c698ebbf2758dcd4c7112f
eec2ffba564f75aadf37de86dc656fe2f1a3d4fb94b4cd6da3f06e7cc60bec13
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbaa96c87dfeb7a1569af42388560039bcf70adce298b8a194606fd8d3fae524

corriganfinancial.com Open in urlscan Pro 72.142.150.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

73 %HTTPS

32 %IPv6

32 Domains

37 Subdomains

28 IPs

6 Countries

702 kBTransfer

1212 kBSize

27 Cookies

6 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

corriganfinancial.com Open in urlscan Pro
72.142.150.137 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

73 %
HTTPS

32 %
IPv6

32
Domains

37
Subdomains

28
IPs

6
Countries

702 kB
Transfer

1212 kB
Size

27
Cookies

67 HTTP transactions
0 data transactions