sslcomrates.forexprostools.com Open in urlscan Pro
185.94.85.237 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sslcomrates.forexprostools.com/
Submission: On February 28 via manual (February 28th 2022, 7:28:32 pm UTC) from US — Scanned from NL

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 14 HTTP transactions. The main IP is 185.94.85.237, located in Amsterdam, Netherlands and belongs to FUSIONMEDIA, VG. The main domain is sslcomrates.forexprostools.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 23rd 2021. Valid for: a year.

This is the only time sslcomrates.forexprostools.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	185.94.85.237 185.94.85.237	56647 (FUSIONMEDIA) (FUSIONMEDIA)
2	2606:4700::68... 2606:4700::6812:ad7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:bd7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.94.85.240 185.94.85.240	56647 (FUSIONMEDIA) (FUSIONMEDIA)
2	2.18.233.88 2.18.233.88	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	185.168.113.105 185.168.113.105	56647 (FUSIONMEDIA) (FUSIONMEDIA)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
14	9

2 185.94.85.237 (Amsterdam, Netherlands)

ASN56647 (FUSIONMEDIA, VG)
PTR: 185-94-85-237.fusionmedialtd.com

sslcomrates.forexprostools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:ad7 (United States)

ASN13335 (CLOUDFLARENET, US)

wmt-invdn-com.investing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bd7 (United States)

ASN13335 (CLOUDFLARENET, US)

i-invdn-com.investing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.94.85.240 (Amsterdam, Netherlands)

ASN56647 (FUSIONMEDIA, VG)
PTR: 185-94-85-240.fusionmedialtd.com

streamjs.investing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-88.deploy.static.akamaitechnologies.com

92f8049275b46d631f32-c598b43a8fdedd4f0b9230706bd7ad18.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.168.113.105 (Virgin Islands (British))

ASN56647 (FUSIONMEDIA, VG)
PTR: 185-168-113-105.fusionmedialtd.com

stream305.forexpros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	investing.com wmt-invdn-com.investing.com — Cisco Umbrella Rank: 661246 i-invdn-com.investing.com — Cisco Umbrella Rank: 41317 streamjs.investing.com — Cisco Umbrella Rank: 503785	10 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 236	17 KB
2	rackcdn.com 92f8049275b46d631f32-c598b43a8fdedd4f0b9230706bd7ad18.ssl.cf1.rackcdn.com	71 KB
2	forexprostools.com sslcomrates.forexprostools.com	33 KB
1	google.nl www.google.nl — Cisco Umbrella Rank: 9098	501 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	578 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 67	473 B
1	forexpros.com stream305.forexpros.com	419 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	10 KB
14	9

	Domain	Requested by
3	i-invdn-com.investing.com	sslcomrates.forexprostools.com
2	ssl.google-analytics.com	1 redirects sslcomrates.forexprostools.com
2	92f8049275b46d631f32-c598b43a8fdedd4f0b9230706bd7ad18.ssl.cf1.rackcdn.com	wmt-invdn-com.investing.com
2	wmt-invdn-com.investing.com	sslcomrates.forexprostools.com
2	sslcomrates.forexprostools.com	sslcomrates.forexprostools.com
1	www.google.nl	sslcomrates.forexprostools.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	stream305.forexpros.com	cdnjs.cloudflare.com
1	streamjs.investing.com	sslcomrates.forexprostools.com
1	cdnjs.cloudflare.com	sslcomrates.forexprostools.com
14	11

This site contains no links.

Subject Issuer	Validity	Valid
*.forexprostools.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
investing.com Cloudflare Inc ECC CA-3	`2021-09-01` - `2022-08-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.investing.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-25` - `2022-12-26`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.forexpros.com Sectigo RSA Domain Validation Secure Server CA	`2021-11-25` - `2022-12-26`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sslcomrates.forexprostools.com/
Frame ID: 29F96957A3FF7A6300EF6E996760C7E5
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

93 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

9
IPs

5
Countries

142 kB
Transfer

293 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1145988847&utmhn=sslcomrates.forexprostools.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1667415919&utmr=-&utmp=%2F&utmht=1646076508398&utmac=UA-2555300-21&utmcc=__utma%3D67436307.444076219.1646076508.1646076508.1646076508.1%3B%2B__utmz%3D67436307.1646076508.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1353259850&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2555300-21&cid=444076219.1646076508&jid=1353259850&_v=5.7.2&z=1145988847 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=444076219.1646076508&jid=1353259850&_v=5.7.2&z=1145988847 HTTP 302
https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=444076219.1646076508&jid=1353259850&_v=5.7.2&z=1145988847&slf_rd=1&random=3912122892

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
sslcomrates.forexprostools.com/ 10 KB
3 KB 156ms
113ms Document
text/html 185.94.85.237
FUSIONMEDIA

General

Check archive.org

Show headers Download Go to

Full URL

https://sslcomrates.forexprostools.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.94.85.237 Amsterdam, Netherlands, ASN56647 (FUSIONMEDIA, VG),

Reverse DNS

185-94-85-237.fusionmedialtd.com

Software

nginx/1.16.1 / PHP/5.4.43

Resource Hash

5c8d9f66f72fbd5fa97bf0255e4806d23736a1a14a15c3244b067533427e4e0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

Server: nginx/1.16.1
Date: Mon, 28 Feb 2022 19:28:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2486
Connection: keep-alive
X-Powered-By: PHP/5.4.43
P3P: CP="CAO PSA OUR"
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Accept-Ranges: bytes
X-Varnish: 2022316317
Age: 0
Via: 1.1 varnish
Content-Security-Policy: upgrade-insecure-requests; block-all-mixed-content

GET
H2 200 sslwmtools_rates_v1d.css
wmt-invdn-com.investing.com/ 15 KB
4 KB 111ms
57ms Stylesheet
text/css 2606:4700::6812:ad7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wmt-invdn-com.investing.com/sslwmtools_rates_v1d.css
Requested by: Host: sslcomrates.forexprostools.com
URL: https://sslcomrates.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21f56d7cea84412e9f62958a03683d9c1681156c8048ff8a54fcb5fa997efdfe

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://sslcomrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 19:28:28 GMT
content-encoding: br
cf-cache-status: HIT
age: 11831
cf-polished: origSize=19750
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx462e3e4c07c94007a6c8a-00612e886edfw1
last-modified: Wed, 25 May 2016 09:22:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-timestamp: 1464168157.12017
cache-control: public, max-age=37697
cf-ray: 6e4c0e6068a39174-FRA
expires: Tue, 01 Mar 2022 05:56:45 GMT

GET
H2 200 nyx_classes_75.css
i-invdn-com.investing.com/webmaster-tools/buttons-css/ 11 KB
2 KB 98ms
45ms Stylesheet
text/css 2606:4700::6812:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/webmaster-tools/buttons-css/nyx_classes_75.css
Requested by: Host: sslcomrates.forexprostools.com
URL: https://sslcomrates.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5272ebc76ee36a369f155347cb3da728eb1cdb0d3312b0aa062703d6f011b566

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://sslcomrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 19:28:28 GMT
content-encoding: br
origin: https://mycloud.rackspace.com
cf-cache-status: HIT
age: 34397
cf-polished: origSize=12753
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx00d607cd1bcb49a49a5c4-0061e7a887dfw1
last-modified: Mon, 03 Apr 2017 05:11:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-timestamp: 1491196287.02982
cache-control: public, max-age=73016
cf-ray: 6e4c0e606e0091e1-FRA
expires: Tue, 01 Mar 2022 15:45:24 GMT

GET
H2 200 ads.js Show response
i-invdn-com.investing.com/js/ 73 B
231 B 119ms
66ms Script
application/x-javascript 2606:4700::6812:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/js/ads.js
Requested by: Host: sslcomrates.forexprostools.com
URL: https://sslcomrates.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a519b27a0b5a76d84f6abc48cb53662626cda81e843f723802145843134c8b9

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://sslcomrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 19:28:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 17 Dec 2015 10:31:34 GMT
server: cloudflare
age: 35032
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1450348293.51193
cache-control: public, max-age=72988
cf-ray: 6e4c0e607e0391e1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: tx1d500782be554b41ad029-0061e7a899dfw1
expires: Tue, 01 Mar 2022 15:44:56 GMT

GET
H/1.1 200
OK jquery.js Show response
sslcomrates.forexprostools.com/common/libs/ 98 KB
30 KB 41ms
40ms Script
text/javascript 185.94.85.237
FUSIONMEDIA

General

Check archive.org

Show headers Download Go to

Full URL

https://sslcomrates.forexprostools.com/common/libs/jquery.js

Requested by

Host: sslcomrates.forexprostools.com
URL: https://sslcomrates.forexprostools.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.94.85.237 Amsterdam, Netherlands, ASN56647 (FUSIONMEDIA, VG),

Reverse DNS

185-94-85-237.fusionmedialtd.com

Software

nginx/1.16.1 /

Resource Hash

3cc5c121471323b25de45fcab48631d4a09c78e76af21c10d747352682605587

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://sslcomrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 19:28:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Mar 2017 11:55:15 GMT
Server: nginx/1.16.1
Age: 0
ETag: "18764-54bc922086851-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/javascript
Via: 1.1 varnish
X-Varnish: 2022316509
Content-Security-Policy: upgrade-insecure-requests; block-all-mixed-content
Connection: keep-alive
Accept-Ranges: bytes, bytes
Content-Length: 30333

GET
H2 200 dlinks.js Show response
i-invdn-com.investing.com/js/ 361 B
377 B 100ms
47ms Script
application/x-javascript 2606:4700::6812:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i-invdn-com.investing.com/js/dlinks.js
Requested by: Host: sslcomrates.forexprostools.com
URL: https://sslcomrates.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:bd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f63f0d973b692bf5c0938f26dce888401ec8c5a0cb29cf6e15ce765e8974fb0c

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://sslcomrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 19:28:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Feb 2016 15:59:27 GMT
server: cloudflare
age: 33326
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1456156766.46427
cache-control: public, max-age=212568
cf-ray: 6e4c0e607e0691e1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: txf0208043b9154db282d91-0061e9ca0edfw1
expires: Thu, 03 Mar 2022 06:31:16 GMT

GET
H2 200 refresher_v10.js Show response
wmt-invdn-com.investing.com/js/ 4 KB
1 KB 92ms
40ms Script
application/x-javascript 2606:4700::6812:ad7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wmt-invdn-com.investing.com/js/refresher_v10.js
Requested by: Host: sslcomrates.forexprostools.com
URL: https://sslcomrates.forexprostools.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f67ff33d0f2a8202d620bb08ba797834c9f84aef45e0a2abaf17c45cba74b082

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://sslcomrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 19:28:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Dec 2011 22:10:35 GMT
server: cloudflare
age: 47635
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
x-timestamp: 1323036634.22435
cache-control: public, max-age=38835
cf-ray: 6e4c0e6068a69174-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trans-id: txa89be03743b5464ba523c-00612b0a4cdfw1
expires: Tue, 01 Mar 2022 06:15:43 GMT

GET
H2 200 sockjs.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sockjs-client/0.3.4/ 33 KB
10 KB 72ms
27ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sockjs-client/0.3.4/sockjs.min.js

Requested by

Host: sslcomrates.forexprostools.com
URL: https://sslcomrates.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c165fe7dec11d4716d084722a41e525a04857fb2529b9137aa13193ac0bbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://sslcomrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 19:28:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 358293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9551
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-8465"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3us2VihIl3GgLzPruPY7nIlMl%2F%2F3ZoO9w3Rzfl2H%2FApK1R3t%2BUQVCCM98cXenwwc1ywu17aMvvt9F0WGD1OmlhXudcAniabpx57mluDjxGUrC5E6RQo6Jdihqy%2F9BBMxyqHBI4AeewA%2Bn2Ctc8SFwECB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e4c0e6068889a12-FRA
expires: Sat, 18 Feb 2023 19:28:28 GMT

GET
H2 200 fxindex1.js Show response
streamjs.investing.com/tools/ 7 KB
2 KB 66ms
21ms Script
text/javascript 185.94.85.240
FUSIONMEDIA

General

Check archive.org

Show headers Download Go to

Full URL

https://streamjs.investing.com/tools/fxindex1.js

Requested by

Host: sslcomrates.forexprostools.com
URL: https://sslcomrates.forexprostools.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.94.85.240 Amsterdam, Netherlands, ASN56647 (FUSIONMEDIA, VG),

Reverse DNS

185-94-85-240.fusionmedialtd.com

Software

nginx /

Resource Hash

cfde9f6b1360ad2477f08eb79b7b3a171baea13f8531faf2ced3d68ceb329f17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://sslcomrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 19:28:28 GMT
content-encoding: gzip
last-modified: Mon, 28 May 2018 16:11:17 GMT
server: nginx
age: 0
etag: "1b6b-56d465e13e62d-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/javascript
content-security-policy: upgrade-insecure-requests; block-all-mixed-content
accept-ranges: bytes, bytes
content-length: 1856

GET
H/1.1 200
OK bg_grey_tools.gif
92f8049275b46d631f32-c598b43a8fdedd4f0b9230706bd7ad18.ssl.cf1.rackcdn.com/ 508 B
903 B 147ms
36ms Image
image/gif 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://92f8049275b46d631f32-c598b43a8fdedd4f0b9230706bd7ad18.ssl.cf1.rackcdn.com/bg_grey_tools.gif
Requested by: Host: wmt-invdn-com.investing.com
URL: https://wmt-invdn-com.investing.com/sslwmtools_rates_v1d.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d8f01d2edd0720a649fb7cc297a11931eef05630cfa78298ce8e67e2793b353f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wmt-invdn-com.investing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 19:28:28 GMT
Last-Modified: Mon, 07 Jun 2010 14:52:43 GMT
X-Trans-Id: tx4c2d8011a4294e01b93f4-00605d4ddedfw1
ETag: 7e9b9e538ca2eecb45e7b07431e53ccc
Content-Type: image/gif
X-Timestamp: 1275922362.31467
Cache-Control: public, max-age=26218
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 508
Expires: Tue, 01 Mar 2022 02:45:26 GMT

GET
H/1.1 200
OK ce_flags_v9.png
92f8049275b46d631f32-c598b43a8fdedd4f0b9230706bd7ad18.ssl.cf1.rackcdn.com/ 69 KB
70 KB 142ms
31ms Image
image/png 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://92f8049275b46d631f32-c598b43a8fdedd4f0b9230706bd7ad18.ssl.cf1.rackcdn.com/ce_flags_v9.png
Requested by: Host: wmt-invdn-com.investing.com
URL: https://wmt-invdn-com.investing.com/sslwmtools_rates_v1d.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d21eb8afae3a91462efa9e70849f525cad2a21683363d4283bfe30b7a797cb3

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://wmt-invdn-com.investing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Mon, 28 Feb 2022 19:28:28 GMT
Last-Modified: Wed, 25 May 2016 09:21:36 GMT
X-Trans-Id: tx91277bf1051749bcaf7d8-00605dcb36dfw1
ETag: 8bf06aad7c390fc8061db9e5a16a968b
Content-Type: image/png
X-Timestamp: 1464168095.23429
Cache-Control: public, max-age=23825
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70944
Expires: Tue, 01 Mar 2022 02:05:33 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: sslcomrates.forexprostools.com
URL: https://sslcomrates.forexprostools.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sslcomrates.forexprostools.com/
Accept-Language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3865
date: Mon, 28 Feb 2022 18:24:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 28 Feb 2022 20:24:03 GMT

GET
H/1.1 200
OK info Show response
stream305.forexpros.com/echo/ 77 B
419 B 66ms
13ms XHR
application/json 185.168.113.105
FUSIONMEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://stream305.forexpros.com/echo/info
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/sockjs-client/0.3.4/sockjs.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.168.113.105 , Virgin Islands (British), ASN56647 (FUSIONMEDIA, VG),
Reverse DNS: 185-168-113-105.fusionmedialtd.com
Software: /
Resource Hash: a5780f633bc51f556dd32205fdc842cd6418794215560e39bad67c6f105d0cfb

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://sslcomrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://sslcomrates.forexprostools.com
Date: Mon, 28 Feb 2022 19:28:28 GMT
Cache-Control: no-store, no-cache, no-transform, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8

GET
H2

200

ga-audiences
www.google.nl/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1145988847&utmhn=sslcomrates.forexprostools.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utm...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2555300-21&cid=444076219.1646076508&jid=1353259850&_v=5.7.2&z=1145988847
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=444076219.1646076508&jid=1353259850&_v=5.7.2&z=1145988847
https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=444076219.1646076508&jid=1353259850&_v=5.7.2&z=1145988847&slf_rd=1&random=3912122892

42 B
501 B

102ms
55ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=444076219.1646076508&jid=1353259850&_v=5.7.2&z=1145988847&slf_rd=1&random=3912122892

Requested by

Host: sslcomrates.forexprostools.com
URL: https://sslcomrates.forexprostools.com/

Protocol

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://sslcomrates.forexprostools.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Feb 2022 19:28:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Feb 2022 19:28:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.nl/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2555300-21&cid=444076219.1646076508&jid=1353259850&_v=5.7.2&z=1145988847&slf_rd=1&random=3912122892
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sslcomrates.forexprostools.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: gfeucv94luc4tmcbguk9q1nfa3
.sslcomrates.forexprostools.com/	1970-01-20 18:45:48	Name: __utma Value: 67436307.444076219.1646076508.1646076508.1646076508.1
.sslcomrates.forexprostools.com/	1969-12-31 23:59:59	Name: __utmc Value: 67436307
.sslcomrates.forexprostools.com/	1970-01-20 05:37:24	Name: __utmz Value: 67436307.1646076508.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.sslcomrates.forexprostools.com/	1970-01-20 01:14:37	Name: __utmt Value: 1
.sslcomrates.forexprostools.com/	1970-01-20 01:14:38	Name: __utmb Value: 67436307.1.10.1646076508

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://sslcomrates.forexprostools.com/(Line 93) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://sslcomrates.forexprostools.com/(Line 93) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests; block-all-mixed-content

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

92f8049275b46d631f32-c598b43a8fdedd4f0b9230706bd7ad18.ssl.cf1.rackcdn.com
cdnjs.cloudflare.com
i-invdn-com.investing.com
ssl.google-analytics.com
sslcomrates.forexprostools.com
stats.g.doubleclick.net
stream305.forexpros.com
streamjs.investing.com
wmt-invdn-com.investing.com
www.google.com
www.google.nl
185.168.113.105
185.94.85.237
185.94.85.240
2.18.233.88
2606:4700::6810:135e
2606:4700::6812:ad7
2606:4700::6812:bd7
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2004
2a00:1450:400c:c06::9a
0d21eb8afae3a91462efa9e70849f525cad2a21683363d4283bfe30b7a797cb3
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
21f56d7cea84412e9f62958a03683d9c1681156c8048ff8a54fcb5fa997efdfe
3cc5c121471323b25de45fcab48631d4a09c78e76af21c10d747352682605587
5272ebc76ee36a369f155347cb3da728eb1cdb0d3312b0aa062703d6f011b566
5c8d9f66f72fbd5fa97bf0255e4806d23736a1a14a15c3244b067533427e4e0d
61c165fe7dec11d4716d084722a41e525a04857fb2529b9137aa13193ac0bbfe
8a519b27a0b5a76d84f6abc48cb53662626cda81e843f723802145843134c8b9
a5780f633bc51f556dd32205fdc842cd6418794215560e39bad67c6f105d0cfb
cfde9f6b1360ad2477f08eb79b7b3a171baea13f8531faf2ced3d68ceb329f17
d8f01d2edd0720a649fb7cc297a11931eef05630cfa78298ce8e67e2793b353f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f63f0d973b692bf5c0938f26dce888401ec8c5a0cb29cf6e15ce765e8974fb0c
f67ff33d0f2a8202d620bb08ba797834c9f84aef45e0a2abaf17c45cba74b082

sslcomrates.forexprostools.com Open in urlscan Pro 185.94.85.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

93 %HTTPS

64 %IPv6

9 Domains

11 Subdomains

9 IPs

5 Countries

142 kBTransfer

293 kBSize

6 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

6 Cookies

2 Console Messages

Security Headers

Indicators

sslcomrates.forexprostools.com Open in urlscan Pro
185.94.85.237 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

93 %
HTTPS

64 %
IPv6

9
Domains

11
Subdomains

9
IPs

5
Countries

142 kB
Transfer

293 kB
Size

6
Cookies

14 HTTP transactions
0 data transactions