thefinancialhq.com Open in urlscan Pro
18.219.129.243 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://medicarewithralph.com/
Effective URL:
https://thefinancialhq.com/medicare-ralphgale
Submission: On July 20 via api (July 20th 2024, 2:37:23 am UTC) from HK — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 14 HTTP transactions. The main IP is 18.219.129.243, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is thefinancialhq.com.
TLS certificate: Issued by E6 on July 9th 2024. Valid for: 3 months.

This is the only time thefinancialhq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	66.96.162.247 66.96.162.247	29873 (BIZLAND-SD) (BIZLAND-SD)
3	18.219.129.243 18.219.129.243	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:10:... 2606:4700:10::6816:1490	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.92.228.202 52.92.228.202	16509 (AMAZON-02) (AMAZON-02)
1	52.92.137.225 52.92.137.225	16509 (AMAZON-02) (AMAZON-02)
1	18.219.143.210 18.219.143.210	16509 (AMAZON-02) (AMAZON-02)
1	162.159.138.60 162.159.138.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
14	11

2 66.96.162.247 (United States)

ASN29873 (BIZLAND-SD, US)
PTR: 247.162.96.66.static.eigbox.net

medicarewithralph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.219.129.243 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-129-243.us-east-2.compute.amazonaws.com

thefinancialhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1490 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn.tailwindcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:f8cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.92.228.202 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

comra.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.137.225 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

comra.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.219.143.210 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-219-143-210.us-east-2.compute.amazonaws.com

leadify.gradientps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	amazonaws.com comra.s3.us-west-2.amazonaws.com comra.s3.amazonaws.com	755 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1314	20 KB
3	thefinancialhq.com thefinancialhq.com	6 KB
2	tailwindcss.com 1 redirects cdn.tailwindcss.com — Cisco Umbrella Rank: 23119	129 KB
2	medicarewithralph.com medicarewithralph.com	617 B
1	gstatic.com fonts.gstatic.com	38 KB
1	vimeo.com player.vimeo.com — Cisco Umbrella Rank: 3381
1	gradientps.com leadify.gradientps.com	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1006 B
14	9

	Domain	Requested by
3	unpkg.com	2 redirects thefinancialhq.com
3	thefinancialhq.com	thefinancialhq.com
2	comra.s3.us-west-2.amazonaws.com	thefinancialhq.com
2	cdn.tailwindcss.com	1 redirects thefinancialhq.com
2	medicarewithralph.com
1	fonts.gstatic.com	fonts.googleapis.com
1	player.vimeo.com	thefinancialhq.com
1	leadify.gradientps.com	thefinancialhq.com
1	comra.s3.amazonaws.com	thefinancialhq.com
1	fonts.googleapis.com	thefinancialhq.com
14	10

This site contains no links.

Subject Issuer	Validity	Valid
*.bizland.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-02` - `2024-09-01`	a year	crt.sh
thefinancialhq.com E6	`2024-07-09` - `2024-10-07`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-05-15` - `2025-05-13`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
leadify.gradientps.com E6	`2024-06-13` - `2024-09-11`	3 months	crt.sh
player.vimeo.com E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://thefinancialhq.com/medicare-ralphgale
Frame ID: E417F5402842D516F94E10BB3F22FE59
Requests: 14 HTTP requests in this frame

Frame: https://player.vimeo.com/video/330504071
Frame ID: 2F107FF5E44030BBABBE2BDD0D46E651
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Medicare

Page URL History Show full URLs

http://medicarewithralph.com/ HTTP 307
https://medicarewithralph.com/ Page URL
https://thefinancialhq.com/medicare-ralphgale Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

71 %
HTTPS

40 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

950 kB
Transfer

1327 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://medicarewithralph.com/ HTTP 307
https://medicarewithralph.com/ Page URL
https://thefinancialhq.com/medicare-ralphgale Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://medicarewithralph.com/ HTTP 307
https://medicarewithralph.com/

Request Chain 3

https://cdn.tailwindcss.com/?plugins=forms,typography,aspect-ratio,line-clamp HTTP 302
https://cdn.tailwindcss.com/3.4.5?plugins=forms@0.5.7,typography@0.5.13,aspect-ratio@0.4.2,line-clamp@0.4.4

Request Chain 5

https://unpkg.com/alpinejs HTTP 302
https://unpkg.com/alpinejs@3.14.1 HTTP 302
https://unpkg.com/alpinejs@3.14.1/dist/cdn.min.js

14 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
medicarewithralph.com/
Redirect Chain

http://medicarewithralph.com/
https://medicarewithralph.com/

119 B
432 B

792ms
130ms

Document
text/html

66.96.162.247
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://medicarewithralph.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.96.162.247 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 247.162.96.66.static.eigbox.net
Software: Apache /
Resource Hash: 5b630fc5a1cb41ca232aa79311fa253a7966d556c28797a6fce7bc4738582fbc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 119
Content-Type: text/html
Date: Sat, 20 Jul 2024 02:37:16 GMT
Etag: "77-61d748e74c67a"
Expires: Sat, 20 Jul 2024 03:37:16 GMT
Last-Modified: Wed, 17 Jul 2024 17:11:43 GMT
Server: Apache

Redirect headers

Location: https://medicarewithralph.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 Primary Request medicare-ralphgale Show response
thefinancialhq.com/ 19 KB
5 KB 1096ms
698ms Document
text/html 18.219.129.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thefinancialhq.com/medicare-ralphgale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.219.129.243 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-219-129-243.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

99423958ff1ef7eeab34cf99708948bf6bf4c0b5522fadfad9b6672b534bfa55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://medicarewithralph.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 20 Jul 2024 02:37:17 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK favicon.ico
medicarewithralph.com/ 0
185 B 96ms
96ms Other
image/x-icon 66.96.162.247
BIZLAND-SD

General

Check archive.org

Show headers Download Go to

Full URL: https://medicarewithralph.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.96.162.247 , United States, ASN29873 (BIZLAND-SD, US),
Reverse DNS: 247.162.96.66.static.eigbox.net
Software: Apache /
Resource Hash

Request headers

Referer: https://medicarewithralph.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Sat, 20 Jul 2024 02:37:16 GMT
Cache-Control: max-age=86400
Server: Apache
Connection: keep-alive
Age: 29642
Content-Length: 0
Content-Type: image/x-icon

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1006 B 37ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700&display=swap

Requested by

Host: thefinancialhq.com
URL: https://thefinancialhq.com/medicare-ralphgale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fdaa97146d2b53972d1b15bf0fab8fc3696810bfb60f9ce8943f75287cc93de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://thefinancialhq.com/medicare-ralphgale
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jul 2024 02:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 20 Jul 2024 02:37:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Jul 2024 02:37:17 GMT

GET
H2

200

3.4.5 Show response
cdn.tailwindcss.com/
Redirect Chain

https://cdn.tailwindcss.com/?plugins=forms,typography,aspect-ratio,line-clamp
https://cdn.tailwindcss.com/3.4.5?plugins=forms@0.5.7,typography@0.5.13,aspect-ratio@0.4.2,line-clamp@0.4.4

459 KB
128 KB

17ms
16ms

Script
text/javascript

2606:4700:10::6816:1490
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tailwindcss.com/3.4.5?plugins=forms@0.5.7,typography@0.5.13,aspect-ratio@0.4.2,line-clamp@0.4.4

Requested by

Host: thefinancialhq.com
URL: https://thefinancialhq.com/medicare-ralphgale

Protocol

Server

2606:4700:10::6816:1490 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80453eaf72f3902e2568354892c7b55595b75f775ed547bfcf9149b17f8a6f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://thefinancialhq.com/medicare-ralphgale
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jul 2024 02:37:17 GMT
content-encoding: br
strict-transport-security: max-age=63072000
last-modified: Mon, 15 Jul 2024 15:34:59 GMT
x-vercel-id: cle1::iad1::z7rqs-1721057698650-0a5af75095d0
cf-cache-status: HIT
age: 384206
server: cloudflare
x-vercel-cache: MISS
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
cf-ray: 8a5f918a9b3b2c5b-FRA

Redirect headers

date: Sat, 20 Jul 2024 02:37:17 GMT
strict-transport-security: max-age=63072000
cf-cache-status: HIT
x-vercel-id: cle1::iad1::4mjxn-1721442673416-8953ee607a6d
server: cloudflare
x-vercel-cache: MISS
vary: Accept-Encoding
location: /3.4.5?plugins=forms@0.5.7,typography@0.5.13,aspect-ratio@0.4.2,line-clamp@0.4.4
cache-control: max-age=14400
cf-ray: 8a5f9189aac52c5b-FRA
content-length: 0

GET
H2 404 app.css
thefinancialhq.com/css/ 0
0 607ms
606ms Stylesheet
text/html 18.219.129.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thefinancialhq.com/css/app.css
Requested by: Host: thefinancialhq.com
URL: https://thefinancialhq.com/medicare-ralphgale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.219.129.243 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-219-129-243.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://thefinancialhq.com/medicare-ralphgale
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jul 2024 02:37:18 GMT
cache-control: no-cache, private
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2

200

cdn.min.js Show response
unpkg.com/alpinejs@3.14.1/dist/
Redirect Chain

https://unpkg.com/alpinejs
https://unpkg.com/alpinejs@3.14.1
https://unpkg.com/alpinejs@3.14.1/dist/cdn.min.js

44 KB
19 KB

18ms
17ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/alpinejs@3.14.1/dist/cdn.min.js

Requested by

Host: thefinancialhq.com
URL: https://thefinancialhq.com/medicare-ralphgale

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

358d9afbb1ab5befa2f48061a30776e5bcd7707f410a606ba985f98bc3b1c034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://thefinancialhq.com/medicare-ralphgale
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jul 2024 02:37:18 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2733979
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J0NGNZTJC8Z1Q9ZD4BVZD694-fra
server: cloudflare
etag: "ae73-fuiCb+eWgx0z9GRcxLGUK6suxFo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a5f918bd99c9016-FRA

Redirect headers

date: Sat, 20 Jul 2024 02:37:18 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J33GE9GN9MWHVTMYA98XDPA9-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 116985
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /alpinejs@3.14.1/dist/cdn.min.js
cache-control: public, max-age=31536000
cf-ray: 8a5f918bb98f9016-FRA

GET
H/1.1 200
OK circle-group.png
comra.s3.us-west-2.amazonaws.com/templates/medicare/ 354 KB
354 KB 656ms
260ms Image
image/png 52.92.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comra.s3.us-west-2.amazonaws.com/templates/medicare/circle-group.png
Requested by: Host: thefinancialhq.com
URL: https://thefinancialhq.com/medicare-ralphgale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.228.202 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 12693c57d48785d00593ea74c4d30c6b48222adcf86267eba3fb6df1c68bcada

Request headers

Referer: https://thefinancialhq.com/medicare-ralphgale
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Sat, 20 Jul 2024 02:37:19 GMT
Last-Modified: Tue, 30 Aug 2022 21:07:07 GMT
Server: AmazonS3
x-amz-request-id: S1W4Y8YKN73AZG8A
ETag: "94f24fe88084a9c2f7fb280b4be95302"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 362431
x-amz-id-2: jzWRftF1NDdnYZAy2q+DBs8VfjD+pFb6Xa7NwT8GtOoGyR/gCBQqW6LNWZmK4FN0t94YzWNS+AQ=

GET
H/1.1 200
OK couple-smile.png
comra.s3.us-west-2.amazonaws.com/templates/medicare/ 349 KB
349 KB 658ms
261ms Image
image/png 52.92.228.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comra.s3.us-west-2.amazonaws.com/templates/medicare/couple-smile.png
Requested by: Host: thefinancialhq.com
URL: https://thefinancialhq.com/medicare-ralphgale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.228.202 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 59d144a51cef879d13a06ad3babec875f1f6131c3c3a64932f6ef874c3f8456f

Request headers

Referer: https://thefinancialhq.com/medicare-ralphgale
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Sat, 20 Jul 2024 02:37:19 GMT
Last-Modified: Tue, 30 Aug 2022 21:07:08 GMT
Server: AmazonS3
x-amz-request-id: S1WA579TS3Q2Q4KV
ETag: "2ccc3ba00adc70ac051a92cdcb71d024"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 357305
x-amz-id-2: mDKSiCGqicGjsxYqCR8mU2Nf73zbQpFymr0GVt3QGNX7rDzOO7966rCnJdP0b9jrmLeUFtXXntg=

GET
H/1.1 200
OK Q4hzjn07jIDe5j58PZpTxteeDCD5D6IcLnwrjBOu.png
comra.s3.amazonaws.com/uploads/ 52 KB
52 KB 600ms
218ms Image
image/png 52.92.137.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comra.s3.amazonaws.com/uploads/Q4hzjn07jIDe5j58PZpTxteeDCD5D6IcLnwrjBOu.png
Requested by: Host: thefinancialhq.com
URL: https://thefinancialhq.com/medicare-ralphgale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.137.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8b6f033fd16c534eb09e5c91ea435bef40d34a4549ba0fbfda33b34f487fa503

Request headers

Referer: https://thefinancialhq.com/medicare-ralphgale
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Date: Sat, 20 Jul 2024 02:37:19 GMT
Last-Modified: Thu, 08 Sep 2022 13:51:47 GMT
Server: AmazonS3
x-amz-request-id: S1W4C6STNQA9PWQP
ETag: "3ed4ca5b1f5d5f430fb46e7446cda4eb"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 52815
x-amz-id-2: Ssa7XhO8BX0eqkLcFe/+j9WtZD7XHCBxe+qsQ+bJkepWCh5XXzmaOy+/SUZefNO9bGAHy50LQIc=

GET
H2 200 leadify-vanilla Show response
leadify.gradientps.com/api/ 6 KB
2 KB 370ms
137ms Script
application/javascript 18.219.143.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://leadify.gradientps.com/api/leadify-vanilla

Requested by

Host: thefinancialhq.com
URL: https://thefinancialhq.com/medicare-ralphgale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.219.143.210 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-219-143-210.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

d14b3499026b113e8a727e673cbed3681237739aa781cdc19c16e8efc95cace4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thefinancialhq.com/medicare-ralphgale
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jul 2024 02:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
x-ratelimit-remaining: 59
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, private
x-ratelimit-limit: 60
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 429
Too Many Requests 330504071
player.vimeo.com/video/ Frame 2F10 0
0 558ms
535ms Document
text/html 162.159.138.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vimeo.com/video/330504071
Requested by: Host: thefinancialhq.com
URL: https://thefinancialhq.com/medicare-ralphgale
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://thefinancialhq.com/medicare-ralphgale
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

CF-RAY: 8a5f918b3cbb368b-FRA
Connection: keep-alive
Content-Length: 5164
Content-Type: text/html;charset=UTF-8
Date: Sat, 20 Jul 2024 02:37:18 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92c2683be6b442107242edb6de07ac4c349abdbee834ef7c46af6ec7d46c2eb8

Request headers

Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 37 KB
38 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Playfair+Display:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d700c3704d0bc47784014976d40d39c099481996f94881b94974724e3e02d1c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://thefinancialhq.com
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Tue, 16 Jul 2024 12:20:29 GMT
x-content-type-options: nosniff
age: 310609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38340
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:13:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Jul 2025 12:20:29 GMT

GET
H2 200 favicon.ico
thefinancialhq.com/ 0
182 B 99ms
99ms Other
image/x-icon 18.219.129.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thefinancialhq.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.219.129.243 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-219-129-243.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thefinancialhq.com/medicare-ralphgale
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Sat, 20 Jul 2024 02:37:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Feb 2024 23:49:54 GMT
server: nginx
etag: "65cff4a2-0"
x-frame-options: SAMEORIGIN
content-type: image/x-icon
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
thefinancialhq.com/	1970-01-20 22:10:50	Name: XSRF-TOKEN Value: eyJpdiI6IkxZTjJpT0J1aFhpcE1ndTdDV3A2YWc9PSIsInZhbHVlIjoiTjV5OXFmYTI5NjNWdWo3Y1RyM3lWaXRZd1h2L085WThyYklldXp3TDNERlZkcVN0Mm8zNjhhVS9ETVZ6OEJZdjUwZnNndnRZTWI1ZVdFWCs0bFFIRXJ3bk85dW9XRUs3YUZYUi80dHdIUU82SFRiNDN3bFpVZEh4eEc3K2xXY0QiLCJtYWMiOiJhNDNkZWZiZmI5OWNkNjRiNmFjMTIwYzg4YzQxOWJlNmQyMTFkYzhiMGZkYjY4ZDY1MmM3NGI1ODE3NDYyODQ5IiwidGFnIjoiIn0%3D
thefinancialhq.com/	1970-01-20 22:10:50	Name: free_sites_session Value: eyJpdiI6IkxPUVVHZlk4SjlNUTdHa001S1JBSkE9PSIsInZhbHVlIjoiU0xMalY1K1F0M2NET3cvZXN3Q2plVnVVUlQxbXFiOHZIMkljODNQSW5hV0RtMThqUFhSM1JDcXg3OWJhUnBmbmRRYkJBTDlZNXZYMTE4TXhFeU5mZnVoWHhRYTR2SEZiSU1kaE1PWDU5MGQrb2xWWlRRcFlSdFFiK09HRGJjWFEiLCJtYWMiOiIxMDliMDNhYjU3NTBjYTUxYzM2MzQxOGRiZDQyZmM0OWU5Y2QyMzc5NTE4NzRiOTExMGFkMWU0NTExN2Q5NzU5IiwidGFnIjoiIn0%3D
.vimeo.com/	1970-01-20 22:10:44	Name: __cf_bm Value: F6Z5hbpKlvMY0g5RSUL.uhI7oMQdl58L6iqGeLq8cvw-1721443038-1.0.1.1-kDhIutz.ECypcrERxjyhHN1Fcj.CSF1D2oo.QSdIFbYCaTjpoXWHF3XH1AeSKs4S
.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: WLigzgqcF8LOeTtDNVX7bdQO1hwDpSq9LcZO9EFMTbc-1721443038481-0.0.1.1-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://thefinancialhq.com/css/app.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tailwindcss.com
comra.s3.amazonaws.com
comra.s3.us-west-2.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
leadify.gradientps.com
medicarewithralph.com
player.vimeo.com
thefinancialhq.com
unpkg.com
162.159.138.60
18.219.129.243
18.219.143.210
2606:4700:10::6816:1490
2606:4700::6811:f8cb
2a00:1450:4001:811::200a
2a00:1450:4001:82f::2003
52.92.137.225
52.92.228.202
66.96.162.247
12693c57d48785d00593ea74c4d30c6b48222adcf86267eba3fb6df1c68bcada
358d9afbb1ab5befa2f48061a30776e5bcd7707f410a606ba985f98bc3b1c034
59d144a51cef879d13a06ad3babec875f1f6131c3c3a64932f6ef874c3f8456f
5b630fc5a1cb41ca232aa79311fa253a7966d556c28797a6fce7bc4738582fbc
7fdaa97146d2b53972d1b15bf0fab8fc3696810bfb60f9ce8943f75287cc93de
8b6f033fd16c534eb09e5c91ea435bef40d34a4549ba0fbfda33b34f487fa503
92c2683be6b442107242edb6de07ac4c349abdbee834ef7c46af6ec7d46c2eb8
99423958ff1ef7eeab34cf99708948bf6bf4c0b5522fadfad9b6672b534bfa55
d14b3499026b113e8a727e673cbed3681237739aa781cdc19c16e8efc95cace4
d700c3704d0bc47784014976d40d39c099481996f94881b94974724e3e02d1c3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80453eaf72f3902e2568354892c7b55595b75f775ed547bfcf9149b17f8a6f0

thefinancialhq.com Open in urlscan Pro 18.219.129.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

71 %HTTPS

40 %IPv6

9 Domains

10 Subdomains

11 IPs

3 Countries

950 kBTransfer

1327 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

thefinancialhq.com Open in urlscan Pro
18.219.129.243 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

71 %
HTTPS

40 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

950 kB
Transfer

1327 kB
Size

4
Cookies

14 HTTP transactions
1 data transactions