client-staging.connect.financial Open in urlscan Pro
104.26.2.194 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://client-staging.connect.financial/
Submission: On January 14 via automatic, source certstream-suspicious (January 14th 2025, 6:09:15 pm UTC) — Scanned from CA

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 104.26.2.194, located in and belongs to CLOUDFLARENET, US. The main domain is client-staging.connect.financial.
TLS certificate: Issued by WE1 on January 14th 2025. Valid for: 3 months.

This is the only time client-staging.connect.financial was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.26.2.194 104.26.2.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.253.63.95 172.253.63.95	15169 (GOOGLE) (GOOGLE)
2	104.26.1.5 104.26.1.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.251.179.94 142.251.179.94	15169 (GOOGLE) (GOOGLE)
14	4

7 104.26.2.194 (None, )

ASN13335 (CLOUDFLARENET, US)

client-staging.connect.financial	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.63.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.1.5 (None, )

ASN13335 (CLOUDFLARENET, US)

yoga-staging.cnfi.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.179.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	connect.financial client-staging.connect.financial	2 MB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	cnfi.me yoga-staging.cnfi.me	706 B
14	4

	Domain	Requested by
7	client-staging.connect.financial	client-staging.connect.financial
3	fonts.googleapis.com	client-staging.connect.financial
2	fonts.gstatic.com	fonts.googleapis.com
2	yoga-staging.cnfi.me	client-staging.connect.financial
14	4

This site contains no links.

Subject Issuer	Validity	Valid
client-staging.connect.financial WE1	`2025-01-14` - `2025-04-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh
cnfi.me WE1	`2024-12-05` - `2025-03-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-09` - `2025-03-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://client-staging.connect.financial/
Frame ID: 430DB3C0ED4BBD99E362C8FC3CF7FB02
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Connect Financial

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2368 kB
Transfer

3176 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
client-staging.connect.financial/ 1 KB
1 KB 350ms
144ms Document
text/html 104.26.2.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-staging.connect.financial/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.194 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3253638bd124cd719a279eb0a7a76b8c8659003bab736e3270f389cbdf9743c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 901f934e6bbaac8d-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 14 Jan 2025 18:09:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D6OlUNjRbzYFAbQGrllGqQtMhhRO%2BqRlj2Gs5GQWXAZ4RfF0B0CD%2BdQjLq8Jx8JEpyieR9qTeH7v0944wroOLXoyE6hTOlUTVHjWW8vz1%2B%2Fk%2Byl6uXdQaSovcfQmLkS9j2bwIiWCJDZ9AwCo%2BOURr7p1jg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=23901&min_rtt=23798&rtt_var=3914&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4353&recv_bytes=2313&delivery_rate=164301&cwnd=253&unsent_bytes=0&cid=6e3c1ba3552190b1&ts=154&x=0"
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 191ms
98ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,200;0,300;0,400;0,500;1,200;1,300;1,400;1,500&display=swap

Requested by

Host: client-staging.connect.financial
URL: https://client-staging.connect.financial/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

b60e5264fe47ec9d1b5f9481627f6bc959a0af2dd7a01aca210a0db3aba8be7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://client-staging.connect.financial/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 14 Jan 2025 18:09:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 14 Jan 2025 18:09:09 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 14 Jan 2025 18:05:09 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 index-BqGAEXH7.css
client-staging.connect.financial/assets/ 58 KB
10 KB 68ms
67ms Stylesheet
text/css 104.26.2.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-staging.connect.financial/assets/index-BqGAEXH7.css

Requested by

Host: client-staging.connect.financial
URL: https://client-staging.connect.financial/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.194 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33b567697ec57b850271fb2231da251a1779d1779107b728f2ddcccd411da078

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://client-staging.connect.financial
Referer: https://client-staging.connect.financial/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"e19ed60b8a1a67c70cf8836b3bfae1f5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e5Ny8SkzOtfSD9JG8956KG4n1r%2FF3311G7qiD1mlMaORrVyP7sFs5176fhoV10xNsxgOFrHRIO2pBdkwwDhPEDbqzsSZsdf6VbdNvqlUxGmYkoueR00c%2B3PrI6hkLWHeKoBqoqh2vAhdHivNThFAH3lP9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=25335&min_rtt=23798&rtt_var=5044&sent=11&recv=13&lost=0&retrans=0&sent_bytes=5704&recv_bytes=2490&delivery_rate=164301&cwnd=256&unsent_bytes=0&cid=6e3c1ba3552190b1&ts=231&x=0"
date: Tue, 14 Jan 2025 18:09:09 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 901f934f5d31ac8d-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H2 200 rocket-loader.min.js Show response
client-staging.connect.financial/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 742ms
742ms Script
application/javascript 104.26.2.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-staging.connect.financial/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: client-staging.connect.financial
URL: https://client-staging.connect.financial/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.194 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://client-staging.connect.financial/

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"677d3aee-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=en%2FZTqRLWzoAWOg6imZ3KDmX6YYyfyjiyySgfu6GCYx01BzDq6sVLeEirnAlOYfyf74VFXLJDPiLFXZh%2FHlYTEsrTwgkRXjnyv%2FR8Ur3Bvq7ZgFYWa3iKAf67IVco9c1TyXX0VXGqi2kkQUJzY8NZubD"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 901f934fbd7dac8d-YYZ
expires: Thu, 16 Jan 2025 18:09:09 GMT
date: Tue, 14 Jan 2025 18:09:09 GMT
content-type: application/javascript
last-modified: Tue, 07 Jan 2025 14:32:14 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
582 B 60ms
59ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,600;1,400;1,600&display=swap

Requested by

Host: client-staging.connect.financial
URL: https://client-staging.connect.financial/assets/index-BqGAEXH7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

db708b1d949103b31944d87cb30d13ffcf6b6b3b6c40e969633451537f087fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://client-staging.connect.financial/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 14 Jan 2025 18:09:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 14 Jan 2025 18:09:09 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 14 Jan 2025 18:08:26 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 index-DvFTflAZ.js Show response
client-staging.connect.financial/assets/ 1 MB
323 KB 153ms
152ms Script
application/javascript 104.26.2.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-staging.connect.financial/assets/index-DvFTflAZ.js

Requested by

Host: client-staging.connect.financial
URL: https://client-staging.connect.financial/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.194 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3521f7e95394be45a373fc6991f69fb5bd0e967f6ae3adfef9cab553e69e8636

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://client-staging.connect.financial
Referer: https://client-staging.connect.financial/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"772cfb03d7acb2781b240b3215116cfb"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gs%2FjCy6FHjNDRhe5DUDTqim8U%2BM5vIjXKBvHZi5DklTpUDRjl26rV204q2EGas%2BU%2BnUcQcydbPGaSRpmxjEGcTsebOxID5XeJ8nfgru2vO%2Ff0XbjV85eTZxyP8MsZadJhTv9s9jNeJhHcIjT3MHBvKlF%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=25410&min_rtt=23000&rtt_var=2820&sent=38&recv=26&lost=0&retrans=5&sent_bytes=28847&recv_bytes=2796&delivery_rate=163478&cwnd=256&unsent_bytes=0&cid=6e3c1ba3552190b1&ts=1376&x=0"
date: Tue, 14 Jan 2025 18:09:10 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 901f9355fd1bac8d-YYZ
access-control-allow-origin: *
server: cloudflare

GET
H2 200 logo.svg
client-staging.connect.financial/ 1 KB
1 KB 89ms
88ms Other
image/svg+xml 104.26.2.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-staging.connect.financial/logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.194 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4503d847dc09b3f1ccbb41776a4ccb926c99dbd45ce3cc100db4d2210d0fd245

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://client-staging.connect.financial/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"b5866448cc6f8345fa37baefdf1297a5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QeG5zuqBhfA5bKeMVwP0xZNNb3gcuaDYWJHXjmLKv5WFhWlQKpJyiyv0DeQw%2B0vzoQYklC0iLiwyb2DOq9iTTGg9Eilk3TxQo%2FBxhO%2BPWElWLWTO%2BxSu%2FS%2FBI8nDsppb9x3Hk8VLBFQDorFHS%2FngYI2B3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=25590&min_rtt=23000&rtt_var=3279&sent=35&recv=25&lost=0&retrans=5&sent_bytes=27584&recv_bytes=2796&delivery_rate=4945&cwnd=256&unsent_bytes=0&cid=6e3c1ba3552190b1&ts=1312&x=0"
date: Tue, 14 Jan 2025 18:09:10 GMT
content-type: image/svg+xml
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 901f9355fd1cac8d-YYZ
access-control-allow-origin: *
server: cloudflare

OPTIONS
H2 204 graphql
yoga-staging.cnfi.me/ 0
0 330ms
170ms Preflight
text/html 104.26.1.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoga-staging.cnfi.me/graphql?query=routerMeQuery
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://client-staging.connect.financial
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://client-staging.connect.financial
cf-cache-status: DYNAMIC
cf-ray: 901f9359ad22b409-YYZ
content-type: text/html
date: Tue, 14 Jan 2025 18:09:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=stqUNNbQXx4bmU9FnEvCbXMHWVHBLSiuC7R3pRRYu1AogpKPT1wFGh%2BjywTFC0%2FTB%2FtaVBU1ayAeWn9rPSVLK1B1YhNmccmY5Vs1YPjsmvCaTF7mCrgwOnirtD8pdxo%2Bit92vus%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=29459&min_rtt=23376&rtt_var=14773&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4320&recv_bytes=2411&delivery_rate=165986&cwnd=254&unsent_bytes=0&cid=a67f61b4efc9b718&ts=179&x=0"
vary: Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: fdfec582a6551b832c60aa531c1f9aea;o=1

POST
H2 200 graphql Show response
yoga-staging.cnfi.me/ 20 B
706 B 272ms
183ms Fetch
application/json 104.26.1.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yoga-staging.cnfi.me/graphql?query=routerMeQuery
Requested by: Host: client-staging.connect.financial
URL: https://client-staging.connect.financial/assets/index-DvFTflAZ.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88ecf92326f1ff8da3d81eb38e1a84528de5661b7ec30b895ba82c43118380af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json; charset=utf-8
Referer: https://client-staging.connect.financial/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BifSSIRvCLdSVUSb%2F4hQ9aWUWCluVHns3FDopfCHmLRsQ0cNLgJkCOztvU3lFXakOs9FHK%2FtSW8%2Bvcy0rnSDbFBNnkSwLECB7gemjnT4SX1YPM9U3BLN11h0ClZ3UX5HbA98f3Te"}],"group":"cf-nel","max_age":604800}
via: 1.1 google
cf-ray: 901f935b4dada23b-YYZ
access-control-allow-origin: https://client-staging.connect.financial
server-timing: cfL4;desc="?proto=TCP&rtt=23632&min_rtt=23000&rtt_var=4433&sent=9&recv=12&lost=0&retrans=1&sent_bytes=5614&recv_bytes=2672&delivery_rate=53422&cwnd=253&unsent_bytes=0&cid=b9d6b81f05d9102b&ts=222&x=0"
content-length: 20
date: Tue, 14 Jan 2025 18:09:11 GMT
x-cloud-trace-context: 41aab7eab3d93c8bd105e87db9ae21f3
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare

GET
H2 200 login-background-DQIeLrTb.png
client-staging.connect.financial/assets/ 2 MB
2 MB 274ms
273ms Image
image/png 104.26.2.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://client-staging.connect.financial/assets/login-background-DQIeLrTb.png

Requested by

Host: client-staging.connect.financial
URL: https://client-staging.connect.financial/assets/index-BqGAEXH7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.194 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12de6407c942045d40987bda8419d0a1814d3cd3f5510ff7b6c47490fb86954f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://client-staging.connect.financial/assets/index-BqGAEXH7.css

Response headers

cf-cache-status: MISS
etag: "5d39ebeb1030b1b12d4429e9969613c7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQEaBSz4wZ45enBomTj999aNXekys3m0lfJGvnfKxnEc42WbYLMznB%2ByGvMe8bHzozVmbdXraWXl7FGWIdMa6uZe9lh06FxXqUVDHnGcjkCv38dFCi%2B5kyyKU%2BP6nVD5TdWzYI7b%2FHtXKgzuRb4WB6%2FSVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server-timing: cfL4;desc="?proto=TCP&rtt=24516&min_rtt=23000&rtt_var=541&sent=335&recv=125&lost=0&retrans=39&sent_bytes=404807&recv_bytes=2924&delivery_rate=1251247&cwnd=162&unsent_bytes=0&cid=6e3c1ba3552190b1&ts=2557&x=0"
date: Tue, 14 Jan 2025 18:09:11 GMT
content-type: image/png
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 901f935c9d74ac8d-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2055351
server: cloudflare

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 201ms
54ms Font
font/woff2 142.251.179.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,600;1,400;1,600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f94.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://client-staging.connect.financial
Referer: https://fonts.googleapis.com/

Response headers

age: 368993
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 10 Jan 2026 11:39:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 11:39:18 GMT
last-modified: Wed, 04 Dec 2024 06:53:31 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8000
x-xss-protection: 0
server: sffe

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
445 B 60ms
58ms Font
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap

Requested by

Host: client-staging.connect.financial
URL: https://client-staging.connect.financial/assets/index-BqGAEXH7.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

919d078131766036ddacc4c838c200b09b14d827b21716a006525b04fd41329f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://client-staging.connect.financial
Referer: https://client-staging.connect.financial/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 14 Jan 2025 18:09:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 14 Jan 2025 18:09:11 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 14 Jan 2025 16:21:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 logo.svg
client-staging.connect.financial/ 1 KB
0 0ms
0ms Other
image/svg+xml 104.26.2.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-staging.connect.financial/logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.194 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4503d847dc09b3f1ccbb41776a4ccb926c99dbd45ce3cc100db4d2210d0fd245

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://client-staging.connect.financial/login?returnTo=%2F

Response headers

cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"b5866448cc6f8345fa37baefdf1297a5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QeG5zuqBhfA5bKeMVwP0xZNNb3gcuaDYWJHXjmLKv5WFhWlQKpJyiyv0DeQw%2B0vzoQYklC0iLiwyb2DOq9iTTGg9Eilk3TxQo%2FBxhO%2BPWElWLWTO%2BxSu%2FS%2FBI8nDsppb9x3Hk8VLBFQDorFHS%2FngYI2B3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
cf-ray: 901f9355fd1cac8d-YYZ
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=25590&min_rtt=23000&rtt_var=3279&sent=35&recv=25&lost=0&retrans=5&sent_bytes=27584&recv_bytes=2796&delivery_rate=4945&cwnd=256&unsent_bytes=0&cid=6e3c1ba3552190b1&ts=1312&x=0"
date: Tue, 14 Jan 2025 18:09:10 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: cloudflare

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v22/ 8 KB
8 KB 120ms
46ms Font
font/woff2 142.251.179.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v22/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,200;0,300;0,400;0,500;1,200;1,300;1,400;1,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

pd-in-f94.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://client-staging.connect.financial
Referer: https://fonts.googleapis.com/

Response headers

age: 358663
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 10 Jan 2026 14:31:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 10 Jan 2025 14:31:28 GMT
last-modified: Wed, 04 Dec 2024 06:53:08 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR boolean| __cfRLUnblockHandlers object| __TSR__ROUTER__ object| __TSR_ROUTER_CONTEXT__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://client-staging.connect.financial/login?returnTo=%2F Message: Failed to decode downloaded font: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600&display=swap
other	warning	URL: https://client-staging.connect.financial/login?returnTo=%2F Message: OTS parsing error: invalid sfntVersion: 791289964
recommendation	verbose	URL: https://client-staging.connect.financial/login?returnTo=%2F Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client-staging.connect.financial
fonts.googleapis.com
fonts.gstatic.com
yoga-staging.cnfi.me
104.26.1.5
104.26.2.194
142.251.179.94
172.253.63.95
12de6407c942045d40987bda8419d0a1814d3cd3f5510ff7b6c47490fb86954f
3253638bd124cd719a279eb0a7a76b8c8659003bab736e3270f389cbdf9743c3
33b567697ec57b850271fb2231da251a1779d1779107b728f2ddcccd411da078
3521f7e95394be45a373fc6991f69fb5bd0e967f6ae3adfef9cab553e69e8636
4503d847dc09b3f1ccbb41776a4ccb926c99dbd45ce3cc100db4d2210d0fd245
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
88ecf92326f1ff8da3d81eb38e1a84528de5661b7ec30b895ba82c43118380af
919d078131766036ddacc4c838c200b09b14d827b21716a006525b04fd41329f
b60e5264fe47ec9d1b5f9481627f6bc959a0af2dd7a01aca210a0db3aba8be7a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
db708b1d949103b31944d87cb30d13ffcf6b6b3b6c40e969633451537f087fa4
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

client-staging.connect.financial Open in urlscan Pro 104.26.2.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

2368 kBTransfer

3176 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

client-staging.connect.financial Open in urlscan Pro
104.26.2.194 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2368 kB
Transfer

3176 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions