heratradinggroup.com Open in urlscan Pro
192.124.249.158 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.heratradinggroup.com/
Effective URL:
https://heratradinggroup.com/
Submission: On March 09 via automatic, source certstream-suspicious (March 9th 2020, 8:22:11 pm UTC)

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 25 HTTP transactions. The main IP is 192.124.249.158, located in United States and belongs to SUCURI-SEC, US. The main domain is heratradinggroup.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 17th 2019. Valid for: a year.

This is the only time heratradinggroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	192.124.249.158 192.124.249.158	30148 (SUCURI-SEC) (SUCURI-SEC)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00:18d::6719	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	64.191.16.85 64.191.16.85	18915 (MONKEY-US-01) (MONKEY-US-01)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
25	6

18 192.124.249.158 (United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10158.sucuri.net

www.heratradinggroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
heratradinggroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:18d::6719 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)

www.wufoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.191.16.85 (United States) 1 redirects

ASN18915 (MONKEY-US-01, US)

secure.wufoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gate39media.wufoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	heratradinggroup.com 1 redirects www.heratradinggroup.com heratradinggroup.com	909 KB
4	wufoo.com 2 redirects www.wufoo.com secure.wufoo.com gate39media.wufoo.com	4 KB
3	gstatic.com fonts.gstatic.com	35 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
1	fontawesome.com use.fontawesome.com	9 KB
25	5

	Domain	Requested by
17	heratradinggroup.com	heratradinggroup.com ajax.googleapis.com
3	fonts.gstatic.com	ajax.googleapis.com
2	gate39media.wufoo.com	1 redirects secure.wufoo.com
1	secure.wufoo.com	heratradinggroup.com
1	www.wufoo.com	1 redirects
1	ajax.googleapis.com	heratradinggroup.com
1	use.fontawesome.com	heratradinggroup.com
1	fonts.googleapis.com	heratradinggroup.com
1	www.heratradinggroup.com	1 redirects
25	9

This site contains no links.

Subject Issuer	Validity	Valid
heratradinggroup.com Go Daddy Secure Certificate Authority - G2	`2019-08-17` - `2020-08-17`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.wufoo.com DigiCert SHA2 Secure Server CA	`2017-03-14` - `2020-05-15`	3 years	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://heratradinggroup.com/
Frame ID: 30D6B64CD1B424BD6F3BA93E6A7D3672
Requests: 24 HTTP requests in this frame

Frame: https://gate39media.wufoo.com/forms/?formname=s1n8gmpz1hz2yqs&embed=1&embedKey=s1n8gmpz1hz2yqs770822&entsource=&referrer=
Frame ID: 7693802174B3DCC4B5E7C3F8B30910B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.heratradinggroup.com/ HTTP 301
https://heratradinggroup.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

25
Requests

100 %
HTTPS

57 %
IPv6

5
Domains

9
Subdomains

6
IPs

3
Countries

987 kB
Transfer

1725 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.heratradinggroup.com/ HTTP 301
https://heratradinggroup.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.wufoo.com/scripts/embed/form.js HTTP 301
https://secure.wufoo.com/scripts/embed/form.js

Request Chain 23

https://gate39media.wufoo.com/embed/s1n8gmpz1hz2yqs/def/embedKey=s1n8gmpz1hz2yqs770822&entsource=&referrer= HTTP 301
https://gate39media.wufoo.com/forms/?formname=s1n8gmpz1hz2yqs&embed=1&embedKey=s1n8gmpz1hz2yqs770822&entsource=&referrer=

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
heratradinggroup.com/
Redirect Chain

https://www.heratradinggroup.com/
https://heratradinggroup.com/

29 KB
7 KB

34ms
22ms

Document
text/html

192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

9ac2c5c416a95f3edb004bfc6e98d7f1d9352ffd67db19877c763cadfb5073f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: heratradinggroup.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
server: nginx
date: Mon, 09 Mar 2020 20:21:49 GMT
content-type: text/html; charset=UTF-8
content-length: 6746
x-sucuri-id: 13008
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
link: <https://heratradinggroup.com/wp-json/>; rel="https://api.w.org/", <https://heratradinggroup.com/>; rel=shortlink
content-encoding: gzip
vary: Accept-Encoding,Cookie
x-sucuri-cache: HIT

Redirect headers

status: 301
server: nginx
date: Mon, 09 Mar 2020 20:21:49 GMT
content-type: text/html; charset=UTF-8
location: https://heratradinggroup.com/
x-sucuri-id: 13008
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding,Cookie
x-redirect-by: WordPress
x-sucuri-cache: MISS

GET
H2 200 style.min.css
heratradinggroup.com/wp-includes/css/dist/block-library/ 40 KB
8 KB 100ms
98ms Stylesheet
text/css 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heratradinggroup.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.2

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Nov 2019 21:57:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5dd5b6d8-a1fb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Barlow+Condensed:300,400,600,700|Roboto:300,400,700

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08dabb0736abf5b6573af8313de6adba1eddc17418d0fa8f6b2fa68fe47732c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 09 Mar 2020 20:21:49 GMT
server: ESF
date: Mon, 09 Mar 2020 20:21:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Mar 2020 20:21:49 GMT

GET
H2 200 toolkit.min.css
heratradinggroup.com/wp-content/themes/gate39media/library/dist/ 152 KB
34 KB 395ms
394ms Stylesheet
text/css 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heratradinggroup.com/wp-content/themes/gate39media/library/dist/toolkit.min.css

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

891f5d0ede63a2bf85dac614329bf6e6601f59268755f88c6bd873acc4ee0b8f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Aug 2018 19:03:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5b6c9008-25eb3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.10/css/ 36 KB
9 KB 64ms
21ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css
Requested by: Host: heratradinggroup.com
URL: https://heratradinggroup.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae

Request headers

Referer: https://heratradinggroup.com/
Origin: https://heratradinggroup.com
Sec-Fetch-Dest: style
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
content-encoding: gzip
last-modified: Tue, 10 Apr 2018 23:10:22 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"d1acb8ad33b1526acbfd3f0028b859b0"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 gate39media-app.css
heratradinggroup.com/wp-content/themes/gate39media/ 10 KB
3 KB 320ms
319ms Stylesheet
text/css 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heratradinggroup.com/wp-content/themes/gate39media/gate39media-app.css?ver=2.0.0

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

a9a0e799f21b278ada629629e43b8d9346f9b7f7644dae3a57c3a776f99498cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Aug 2018 19:02:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5b6c8fc4-27c6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js_composer.min.css
heratradinggroup.com/wp-content/plugins/js_composer/assets/css/ 473 KB
58 KB 413ms
412ms Stylesheet
text/css 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heratradinggroup.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.6

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

18fd322583b992be8df5cc0713fee5fc2ec1f43004f1d838cfe1a76d49cb8f4a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Jan 2019 16:54:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5c3778ae-76596"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo-white.png
heratradinggroup.com/wp-content/themes/gate39media/img/ 5 KB
5 KB 323ms
323ms Image
image/png 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heratradinggroup.com/wp-content/themes/gate39media/img/logo-white.png

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

b76b76a16379ae0721e2ad5bed1592303a21327d20b320c1aafe751779a7f46f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 4846
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Aug 2018 19:02:32 GMT
server: nginx
etag: "5b6c8fc8-12ee"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home-objective-top-markets-icon.png
heratradinggroup.com/wp-content/uploads/2018/05/ 6 KB
7 KB 326ms
325ms Image
image/png 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heratradinggroup.com/wp-content/uploads/2018/05/home-objective-top-markets-icon.png

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

21855e91745eb4881f13becd077378634ef02e7c77615fc5305884ccc8b39605

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 6637
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Aug 2018 18:14:23 GMT
server: nginx
etag: "5b6c847f-19ed"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home-objective-risk-management-icon-1.png
heratradinggroup.com/wp-content/uploads/2018/05/ 4 KB
4 KB 102ms
102ms Image
image/png 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heratradinggroup.com/wp-content/uploads/2018/05/home-objective-risk-management-icon-1.png

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

68363ff99047de7f121144f0d01c3ffc0e492aa569c0c0c40dada87a9b0d1183

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 4050
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Aug 2018 18:14:22 GMT
server: nginx
etag: "5b6c847e-fd2"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home-objective-consistent-returns-icon-1.png
heratradinggroup.com/wp-content/uploads/2018/05/ 3 KB
3 KB 101ms
100ms Image
image/png 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heratradinggroup.com/wp-content/uploads/2018/05/home-objective-consistent-returns-icon-1.png

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

f8c8edc21d9a9438ded11a4e829044b9cf2e11d77301f6addd39a834e600552d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 3168
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Aug 2018 18:14:21 GMT
server: nginx
etag: "5b6c847d-c60"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home-about-hera-trading-group-submark.png
heratradinggroup.com/wp-content/uploads/2018/05/ 2 KB
3 KB 96ms
95ms Image
image/png 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heratradinggroup.com/wp-content/uploads/2018/05/home-about-hera-trading-group-submark.png

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

c83b1c714a63529de33c138aa9e198fe0690460766b3945dfe08681cabd9d088

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 2415
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Aug 2018 18:14:20 GMT
server: nginx
etag: "5b6c847c-96f"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
29 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 27 Feb 2020 11:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 982481
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Feb 2021 11:27:08 GMT

GET
H2 200 toolkit.min.js Show response
heratradinggroup.com/wp-content/themes/gate39media/library/dist/ 47 KB
15 KB 99ms
99ms Script
application/javascript 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heratradinggroup.com/wp-content/themes/gate39media/library/dist/toolkit.min.js

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

fb83d6d700d1b60fcf1407c3dfe027dca6c71a77791107772e8704efb534cf84

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Aug 2018 19:03:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5b6c9008-bbe3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gate39media-site.min.js Show response
heratradinggroup.com/wp-content/themes/gate39media/js/ 38 B
382 B 95ms
95ms Script
application/javascript 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heratradinggroup.com/wp-content/themes/gate39media/js/gate39media-site.min.js

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

25bf40064888964eb06e0980211b378b28d210737786e3d10546da7013398899

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 38
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Aug 2018 19:02:31 GMT
server: nginx
etag: "5b6c8fc7-26"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
heratradinggroup.com/wp-includes/js/ 1 KB
1 KB 111ms
111ms Script
application/javascript 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heratradinggroup.com/wp-includes/js/wp-embed.min.js?ver=5.3.2

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Nov 2019 21:57:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5dd5b6d8-577"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js_composer_front.min.js Show response
heratradinggroup.com/wp-content/plugins/js_composer/assets/js/dist/ 19 KB
7 KB 105ms
105ms Script
application/javascript 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heratradinggroup.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.6

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

2c0bcb73a9ca9483f3d74255ce1a77f5fbc491f09a5516929e55b4c38c2e9ecd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Jan 2019 16:54:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5c3778ae-4cfa"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
heratradinggroup.com/wp-includes/js/ 14 KB
5 KB 96ms
95ms Script
application/javascript 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://heratradinggroup.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.2

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 09 Mar 2020 20:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Nov 2019 21:57:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"5dd5b6d8-362a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

form.js Show response
secure.wufoo.com/scripts/embed/
Redirect Chain

https://www.wufoo.com/scripts/embed/form.js
https://secure.wufoo.com/scripts/embed/form.js

6 KB
3 KB

684ms
171ms

Script
text/javascript

64.191.16.85
MONKEY-US-01

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.wufoo.com/scripts/embed/form.js

Requested by

Host: heratradinggroup.com
URL: https://heratradinggroup.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.191.16.85 , United States, ASN18915 (MONKEY-US-01, US),

Reverse DNS

Software

/ Bananas and Rum

Resource Hash

95f7eb413ba818c687458b8a6726bac17b4dd7c2f0cd122e48f14e0feddec296

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 09 Mar 2020 20:21:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: Bananas and Rum
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type

Redirect headers

Date: Mon, 09 Mar 2020 20:21:50 GMT
Server: AkamaiGHost
X-N: S
Location: https://secure.wufoo.com/scripts/embed/form.js
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Expires: Mon, 09 Mar 2020 20:21:50 GMT

GET
H2 200 home-hero-bg.jpg
heratradinggroup.com/wp-content/themes/gate39media/img/ 538 KB
539 KB 169ms
169ms Image
image/jpeg 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heratradinggroup.com/wp-content/themes/gate39media/img/home-hero-bg.jpg

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

9ec2b1d5ac0c1ff8366bcf86bc952107d4df07c0391b6ac15e1176bbdda2e9ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 20:21:50 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 551115
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Aug 2018 19:02:33 GMT
server: nginx
etag: "5b6c8fc9-868cb"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 home-about-hera-trading-group-bg.jpg
heratradinggroup.com/wp-content/uploads/2018/05/ 209 KB
210 KB 173ms
172ms Image
image/jpeg 192.124.249.158
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heratradinggroup.com/wp-content/uploads/2018/05/home-about-hera-trading-group-bg.jpg?id=15

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.158 , United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10158.sucuri.net

Software

nginx /

Resource Hash

d8e09cc0343f6848cbc01d942eaf9d445c25d2fa6738e13443b1c1c639ee367c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://heratradinggroup.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 09 Mar 2020 20:21:50 GMT
x-content-type-options: nosniff
status: 200
x-sucuri-cache: MISS
content-length: 214268
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Aug 2018 18:14:23 GMT
server: nginx
etag: "5b6c847f-344fc"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 13008
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuYMBYro.woff2
fonts.gstatic.com/s/barlowcondensed/v4/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlowcondensed/v4/HTxwL3I-JCGChYJ8VI-L6OO_au7B4873z3bWuYMBYro.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c00bc75e7ed1d4b905a2481ff7995f6ce97c45e317aa14ad08176e7fdb382a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Barlow+Condensed:300,400,600,700|Roboto:300,400,700
Origin: https://heratradinggroup.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 25 Feb 2020 02:22:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 23:49:03 GMT
server: sffe
age: 1187940
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13260
x-xss-protection: 0
expires: Wed, 24 Feb 2021 02:22:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Barlow+Condensed:300,400,600,700|Roboto:300,400,700
Origin: https://heratradinggroup.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 19:10:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 3978679
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 22 Jan 2021 19:10:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Barlow+Condensed:300,400,600,700|Roboto:300,400,700
Origin: https://heratradinggroup.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 10:12:15 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 4010975
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Fri, 22 Jan 2021 10:12:15 GMT

GET
H/1.1

200
OK

Cookie set /
gate39media.wufoo.com/forms/ Frame 7693
Redirect Chain

https://gate39media.wufoo.com/embed/s1n8gmpz1hz2yqs/def/embedKey=s1n8gmpz1hz2yqs770822&entsource=&referrer=
https://gate39media.wufoo.com/forms/?formname=s1n8gmpz1hz2yqs&embed=1&embedKey=s1n8gmpz1hz2yqs770822&entsource=&referrer=

0
0

283ms
283ms

Document
text/html

64.191.16.85
MONKEY-US-01

General

Check archive.org

Show headers Download Go to

Full URL: https://gate39media.wufoo.com/forms/?formname=s1n8gmpz1hz2yqs&embed=1&embedKey=s1n8gmpz1hz2yqs770822&entsource=&referrer=
Requested by: Host: secure.wufoo.com
URL: https://secure.wufoo.com/scripts/embed/form.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.191.16.85 , United States, ASN18915 (MONKEY-US-01, US),
Reverse DNS
Software: / Bananas and Rum
Resource Hash

Request headers

Host: gate39media.wufoo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://heratradinggroup.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ep201=4hJ71po6rHjzT5fSuEKXvdMw3FM=; ep202=1HiK5kWC5t38mown0KEAogSUN88=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://heratradinggroup.com/

Response headers

Date: Mon, 09 Mar 2020 20:21:51 GMT
Content-Type: text/html;charset=UTF-8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Set-Cookie: ep201=4hJ71po6rHjzT5fSuEKXvdMw3FM=;Path=/;Domain=.wufoo.com;Expires=Mon, 09-Mar-2020 20:51:51 GMT ep202=1HiK5kWC5t38mown0KEAogSUN88=;Path=/;Domain=.wufoo.com;Expires=Wed, 10-Mar-2021 02:10:37 GMT
X-Powered-By: Bananas and Rum
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked

Redirect headers

Date: Mon, 09 Mar 2020 20:21:51 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://gate39media.wufoo.com/forms/?formname=s1n8gmpz1hz2yqs&embed=1&embedKey=s1n8gmpz1hz2yqs770822&entsource=&referrer=
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Set-Cookie: ep201=4hJ71po6rHjzT5fSuEKXvdMw3FM=;Path=/;Domain=.wufoo.com;Expires=Mon, 09-Mar-2020 20:51:51 GMT ep202=1HiK5kWC5t38mown0KEAogSUN88=;Path=/;Domain=.wufoo.com;Expires=Wed, 10-Mar-2021 02:10:37 GMT
X-Powered-By: Bananas and Rum
Vary: Accept-Encoding

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.wufoo.com/	1970-01-19 16:42:22	Name: ep202 Value: 1HiK5kWC5t38mown0KEAogSUN88=
			.wufoo.com/	1970-01-19 07:56:27	Name: ep201 Value: 4hJ71po6rHjzT5fSuEKXvdMw3FM=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
gate39media.wufoo.com
heratradinggroup.com
secure.wufoo.com
use.fontawesome.com
www.heratradinggroup.com
www.wufoo.com
192.124.249.158
23.111.9.35
2a00:1450:4001:800::2003
2a00:1450:4001:814::200a
2a00:1450:4001:816::200a
2a02:26f0:6c00:18d::6719
64.191.16.85
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
08dabb0736abf5b6573af8313de6adba1eddc17418d0fa8f6b2fa68fe47732c3
18fd322583b992be8df5cc0713fee5fc2ec1f43004f1d838cfe1a76d49cb8f4a
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
21855e91745eb4881f13becd077378634ef02e7c77615fc5305884ccc8b39605
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
25bf40064888964eb06e0980211b378b28d210737786e3d10546da7013398899
2c0bcb73a9ca9483f3d74255ce1a77f5fbc491f09a5516929e55b4c38c2e9ecd
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
68363ff99047de7f121144f0d01c3ffc0e492aa569c0c0c40dada87a9b0d1183
891f5d0ede63a2bf85dac614329bf6e6601f59268755f88c6bd873acc4ee0b8f
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
95f7eb413ba818c687458b8a6726bac17b4dd7c2f0cd122e48f14e0feddec296
9ac2c5c416a95f3edb004bfc6e98d7f1d9352ffd67db19877c763cadfb5073f8
9ec2b1d5ac0c1ff8366bcf86bc952107d4df07c0391b6ac15e1176bbdda2e9ce
a9a0e799f21b278ada629629e43b8d9346f9b7f7644dae3a57c3a776f99498cb
b76b76a16379ae0721e2ad5bed1592303a21327d20b320c1aafe751779a7f46f
c00bc75e7ed1d4b905a2481ff7995f6ce97c45e317aa14ad08176e7fdb382a05
c83b1c714a63529de33c138aa9e198fe0690460766b3945dfe08681cabd9d088
cfac6241dd3aabb5f1552c17501790093015c006a8e13671823c1ff4872beaae
d8e09cc0343f6848cbc01d942eaf9d445c25d2fa6738e13443b1c1c639ee367c
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
f8c8edc21d9a9438ded11a4e829044b9cf2e11d77301f6addd39a834e600552d
fb83d6d700d1b60fcf1407c3dfe027dca6c71a77791107772e8704efb534cf84

heratradinggroup.com Open in urlscan Pro 192.124.249.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

57 %IPv6

5 Domains

9 Subdomains

6 IPs

3 Countries

987 kBTransfer

1725 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

heratradinggroup.com Open in urlscan Pro
192.124.249.158 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

57 %
IPv6

5
Domains

9
Subdomains

6
IPs

3
Countries

987 kB
Transfer

1725 kB
Size

2
Cookies

25 HTTP transactions
0 data transactions