Submitted URL: https://cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW3...
Effective URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_med...
Submission: On January 04 via manual from IN — Scanned from DE

Summary

This website contacted 26 IPs in 3 countries across 28 domains to perform 107 HTTP transactions. The main IP is 2606:4700:20::681a:e15, located in United States and belongs to CLOUDFLARENET, US. The main domain is terranovasecurity.com.
TLS certificate: Issued by E1 on January 2nd 2024. Valid for: 3 months.
This is the only time terranovasecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 18.66.122.49 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:264... 16509 (AMAZON-02)
1 18.66.147.9 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
14 13.227.219.15 16509 (AMAZON-02)
1 5 2a05:d018:cc3... 16509 (AMAZON-02)
1 52.222.174.4 16509 (AMAZON-02)
2 2 142.250.186.130 15169 (GOOGLE)
12 2a04:4e42:400... 54113 (FASTLY)
1 2600:9000:209... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42::644 54113 (FASTLY)
2 2600:9000:224... 16509 (AMAZON-02)
1 18.245.86.40 16509 (AMAZON-02)
107 26
Apex Domain
Subdomains
Transfer
24 terranovasecurity.com
terranovasecurity.com
988 KB
21 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 4240
consent-pref.trustarc.com — Cisco Umbrella Rank: 17761
consent-st.trustarc.com — Cisco Umbrella Rank: 48236
225 KB
12 wistia.net
fast.wistia.net — Cisco Umbrella Rank: 21447
374 KB
8 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 11380
api.hubspot.com — Cisco Umbrella Rank: 10046
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 11108
track.hubspot.com — Cisco Umbrella Rank: 5095
forms.hubspot.com — Cisco Umbrella Rank: 11250
29 KB
7 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 9216
forms-na1.hsforms.com — Cisco Umbrella Rank: 17099
perf-na1.hsforms.com — Cisco Umbrella Rank: 12287
22 KB
6 wistia.com
linoma.wistia.com
embed-ssl.wistia.com — Cisco Umbrella Rank: 19585
fast.wistia.com — Cisco Umbrella Rank: 11192
pipedream.wistia.com — Cisco Umbrella Rank: 16748
distillery.wistia.com — Cisco Umbrella Rank: 17080
27 KB
6 adroll.com
s.adroll.com — Cisco Umbrella Rank: 4806
d.adroll.com — Cisco Umbrella Rank: 2450
ipv4.d.adroll.com Failed
29 KB
3 gstatic.com
fonts.gstatic.com
24 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
853 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 438
59 KB
2 hs-sales-engage.com
cq4wg04.na1.hs-sales-engage.com
3 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 5159
23 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 5122
20 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 11386
24 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 10691
88 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
99 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 5454
1 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 15786
154 KB
0 adnxs.com Failed
ib.adnxs.com Failed
0 3lift.com Failed
eb2.3lift.com Failed
0 taboola.com Failed
sync.taboola.com Failed
0 yahoo.com Failed
ups.analytics.yahoo.com Failed
0 pubmatic.com Failed
image2.pubmatic.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 openx.net Failed
us-u.openx.net Failed
0 rubiconproject.com Failed
pixel.rubiconproject.com Failed
0 casalemedia.com Failed
dsum-sec.casalemedia.com Failed
0 bidswitch.net Failed
x.bidswitch.net Failed
107 28
Domain Requested by
24 terranovasecurity.com cq4wg04.na1.hs-sales-engage.com
terranovasecurity.com
14 consent-pref.trustarc.com consent.trustarc.com
consent-pref.trustarc.com
terranovasecurity.com
12 fast.wistia.net linoma.wistia.com
fast.wistia.net
terranovasecurity.com
6 consent.trustarc.com terranovasecurity.com
consent.trustarc.com
5 d.adroll.com 1 redirects s.adroll.com
terranovasecurity.com
4 forms.hsforms.com js.hsforms.net
terranovasecurity.com
3 track.hubspot.com
3 fonts.gstatic.com terranovasecurity.com
2 pipedream.wistia.com fast.wistia.net
2 forms-na1.hsforms.com terranovasecurity.com
2 api.hubspot.com js.usemessages.com
2 cm.g.doubleclick.net 2 redirects
2 cdn.jsdelivr.net terranovasecurity.com
cdn.jsdelivr.net
2 cq4wg04.na1.hs-sales-engage.com 1 redirects
1 forms.hubspot.com js.hsleadflows.net
1 perf-na1.hsforms.com terranovasecurity.com
1 distillery.wistia.com fast.wistia.net
1 cta-service-cms2.hubspot.com js.hubspot.com
1 fast.wistia.com fast.wistia.net
1 js.hubspot.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hsleadflows.net js.hs-scripts.com
1 embed-ssl.wistia.com terranovasecurity.com
1 consent-st.trustarc.com consent-pref.trustarc.com
1 linoma.wistia.com terranovasecurity.com
1 s.adroll.com terranovasecurity.com
1 www.googletagmanager.com terranovasecurity.com
1 js.hs-scripts.com terranovasecurity.com
1 js.hsforms.net terranovasecurity.com
0 ipv4.d.adroll.com Failed terranovasecurity.com
0 ib.adnxs.com Failed terranovasecurity.com
0 eb2.3lift.com Failed terranovasecurity.com
0 sync.taboola.com Failed terranovasecurity.com
0 ups.analytics.yahoo.com Failed terranovasecurity.com
0 image2.pubmatic.com Failed terranovasecurity.com
0 sync.outbrain.com Failed terranovasecurity.com
0 us-u.openx.net Failed terranovasecurity.com
0 pixel.rubiconproject.com Failed terranovasecurity.com
0 dsum-sec.casalemedia.com Failed terranovasecurity.com
0 x.bidswitch.net Failed terranovasecurity.com
107 42

This site contains links to these domains. Also see Links.

Domain
learn.microsoft.com
www.fortra.com
Subject Issuer Validity Valid
hs-sales-engage.com
Cloudflare Inc ECC CA-3
2023-05-23 -
2024-05-21
a year crt.sh
terranovasecurity.com
E1
2024-01-02 -
2024-04-01
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
*.trustarc.com
Amazon RSA 2048 M02
2023-04-17 -
2024-05-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
s.adroll.com
Amazon RSA 2048 M01
2023-06-03 -
2024-07-01
a year crt.sh
webservices-production-com-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M02
2023-05-16 -
2024-06-13
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
d.adroll.com
Amazon RSA 2048 M01
2023-10-09 -
2024-11-07
a year crt.sh
fast.wistia.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-07-02 -
2024-08-02
a year crt.sh
*.wistia.com
Amazon RSA 2048 M02
2024-01-01 -
2025-01-28
a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2023-02-05 -
2024-02-05
a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-07-02 -
2024-08-02
a year crt.sh
pipedream-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M03
2023-09-11 -
2024-10-09
a year crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M01
2023-09-13 -
2024-10-11
a year crt.sh

This page contains 5 frames:

Primary Page: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Frame ID: 72B51026A799BA483C7E64A217A2D016
Requests: 71 HTTP requests in this frame

Frame: https://linoma.wistia.com/embed/iframe/i12p9inb16
Frame ID: A0ADB2661DAD59E1CB752550A24CC092
Requests: 19 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com
Frame ID: BADACD182906D57DFA697CAC0F695F4C
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
Frame ID: 3748551CE5C8F3F84C8613EAE54C213E
Requests: 15 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html
Frame ID: 7692603B516E65E5448AF9F7A89FD255
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Gone Phishing Tournament | Terranova Security

Page URL History Show full URLs

  1. https://cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5... Page URL
  2. https://cq4wg04.na1.hs-sales-engage.com/events/public/v1/encoded/track/tc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7Tw... HTTP 307
    https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-g... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

107
Requests

89 %
HTTPS

77 %
IPv6

28
Domains

42
Subdomains

26
IPs

3
Countries

2190 kB
Transfer

7360 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4VvlN7Gjys9mr78bW1pLvh56WjkZvW4dqWCz76tNmCVNNMrj8Dy1m4N6Y1SvQBTl43N80LV8PRxLFMN3YSw7-zY4fpW3yncNK688QHDW6y7Gjp3Dhvc9VZVQhX4Hr8bmW5hwpqt4xZVjhW6wnDV71Qh0B0W5LlFkD6GQ07bW4LxK613cpCCgF2_jjb7VsLNW1SbWc-70LKyFW4c9zxJ2gFHtVW8jT8pn7F9jVDW1XHjW1690yCDW1d_pmS7K1Mk5N4bFTqymh3McW5zD6962mqZlGW7qLTd_7x_6BGW939cQt86YJfkW95GZQH5tMS0tf2-LF-s04 Page URL
  2. https://cq4wg04.na1.hs-sales-engage.com/events/public/v1/encoded/track/tc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4VvlN7Gjys9mr78bW1pLvh56WjkZvW4dqWCz76tNmCVNNMrj8Dy1m4N6Y1SvQBTl43N80LV8PRxLFMN3YSw7-zY4fpW3yncNK688QHDW6y7Gjp3Dhvc9VZVQhX4Hr8bmW5hwpqt4xZVjhW6wnDV71Qh0B0W5LlFkD6GQ07bW4LxK613cpCCgF2_jjb7VsLNW1SbWc-70LKyFW4c9zxJ2gFHtVW8jT8pn7F9jVDW1XHjW1690yCDW1d_pmS7K1Mk5N4bFTqymh3McW5zD6962mqZlGW7qLTd_7x_6BGW939cQt86YJfkW95GZQH5tMS0tf2-LF-s04?_ud=c6795a8a-b31e-4580-9b1c-a839f3083486&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
    https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://d.adroll.com/cm/b/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE
Request Chain 47
  • https://d.adroll.com/cm/g/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=sv8d8k4eViia7L6i0qek6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=sv8d8k4eViia7L6i0qek6g&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in
Request Chain 48
  • https://d.adroll.com/cm/index/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&expiration=1735934199
Request Chain 50
  • https://d.adroll.com/cm/n/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&expires=365
Request Chain 51
  • https://d.adroll.com/cm/o/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=b2ff1df24e1e56289aecbea2d2a7a4ea&gdpr=1&gdpr_consent=
Request Chain 52
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&gdpr=1&gdpr_consent=&us_privacy=1---
Request Chain 53
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 54
  • https://d.adroll.com/cm/r/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 55
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE
Request Chain 56
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&dongle=c85e
Request Chain 57
  • https://d.adroll.com/cm/x/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
  • https://ib.adnxs.com/setuid?entity=172&code=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE

107 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4VvlN7Gjys9mr78bW1pLvh56WjkZvW4dqWCz76tNmCVNNMrj8Dy1m4N6Y1SvQBTl43N80LV8PRxLFMN3YSw7-zY4fpW3...
cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/
8 KB
3 KB
Document
General
Full URL
https://cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4VvlN7Gjys9mr78bW1pLvh56WjkZvW4dqWCz76tNmCVNNMrj8Dy1m4N6Y1SvQBTl43N80LV8PRxLFMN3YSw7-zY4fpW3yncNK688QHDW6y7Gjp3Dhvc9VZVQhX4Hr8bmW5hwpqt4xZVjhW6wnDV71Qh0B0W5LlFkD6GQ07bW4LxK613cpCCgF2_jjb7VsLNW1SbWc-70LKyFW4c9zxJ2gFHtVW8jT8pn7F9jVDW1XHjW1690yCDW1d_pmS7K1Mk5N4bFTqymh3McW5zD6962mqZlGW7qLTd_7x_6BGW939cQt86YJfkW95GZQH5tMS0tf2-LF-s04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:265b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
84060bc24a16036e-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Thu, 04 Jan 2024 19:56:38 GMT
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
13
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-cb48dccbd-29755
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
cd11af03-a4de-45c2-9742-7d2df14dc3d4
x-request-id
cd11af03-a4de-45c2-9742-7d2df14dc3d4
x-robots-tag
none
Primary Request /
terranovasecurity.com/gone-phishing-tournament/
Redirect Chain
  • https://cq4wg04.na1.hs-sales-engage.com/events/public/v1/encoded/track/tc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4...
  • https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
237 KB
35 KB
Document
General
Full URL
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Requested by
Host: cq4wg04.na1.hs-sales-engage.com
URL: https://cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4VvlN7Gjys9mr78bW1pLvh56WjkZvW4dqWCz76tNmCVNNMrj8Dy1m4N6Y1SvQBTl43N80LV8PRxLFMN3YSw7-zY4fpW3yncNK688QHDW6y7Gjp3Dhvc9VZVQhX4Hr8bmW5hwpqt4xZVjhW6wnDV71Qh0B0W5LlFkD6GQ07bW4LxK613cpCCgF2_jjb7VsLNW1SbWc-70LKyFW4c9zxJ2gFHtVW8jT8pn7F9jVDW1XHjW1690yCDW1d_pmS7K1Mk5N4bFTqymh3McW5zD6962mqZlGW7qLTd_7x_6BGW939cQt86YJfkW95GZQH5tMS0tf2-LF-s04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Next.js
Resource Hash
dee0df4033fccdefe604c08abcabfcb051cd399297a062bf06bd7e31f81ffb16
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4VvlN7Gjys9mr78bW1pLvh56WjkZvW4dqWCz76tNmCVNNMrj8Dy1m4N6Y1SvQBTl43N80LV8PRxLFMN3YSw7-zY4fpW3yncNK688QHDW6y7Gjp3Dhvc9VZVQhX4Hr8bmW5hwpqt4xZVjhW6wnDV71Qh0B0W5LlFkD6GQ07bW4LxK613cpCCgF2_jjb7VsLNW1SbWc-70LKyFW4c9zxJ2gFHtVW8jT8pn7F9jVDW1XHjW1690yCDW1d_pmS7K1Mk5N4bFTqymh3McW5zD6962mqZlGW7qLTd_7x_6BGW939cQt86YJfkW95GZQH5tMS0tf2-LF-s04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=31536000, stale-while-revalidate
cf-cache-status
DYNAMIC
cf-ray
84060bc5fe1b18c9-FRA
content-encoding
br
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 19:56:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=() accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAd6sIHqkNiMkto6nzxFjwqy5R47%2FFkJ8FfheofLX9wLLYzVkSbWYRjAGPmy10Fk4aVvBZ8AkZN4LHaPyOXEqCqJUEmBjfB7FqwFLtyDbOLigvL%2F1wv7Q0u4EF9DA9k4C%2FG1EmjUZ5BQ3yZqXka7N%2B56%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-nextjs-cache
HIT
x-powered-by
Next.js
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
false
cf-cache-status
DYNAMIC
cf-ray
84060bc47cec036e-FRA
date
Thu, 04 Jan 2024 19:56:38 GMT
link
<https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot>; rel="canonical"
location
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
referrer-policy
no-referrer
server
cloudflare
vary
origin
x-content-type-options
nosniff
x-envoy-upstream-service-time
38
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-cb48dccbd-5klft
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
508ae02e-45a4-446b-b330-f421dfddd2b5
x-request-id
508ae02e-45a4-446b-b330-f421dfddd2b5
x-robots-tag
none
themify-icons.css
cdn.jsdelivr.net/themify-icons/0.1.2/css/
16 KB
3 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/themify-icons/0.1.2/css/themify-icons.css
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f20e3068b2556a765a281d38b6fca12aed826607acea90394947a5640bb1ff55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4638863
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230131-FRA
server
cloudflare
etag
W/"4013-0RRdO5d1h6ftOnc3gS/c8qeWiyM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xJ6Gs9DNeNNTYG3OuC0uPgEqc3xSKbnxqozFd4PUNg5VuknQcPIpjtb5DZ0ygXEigk%2BOry2eQu94glfgnKZG7Jzc%2F1JlLMJQhDtOjqw9t4UUy8xxOT0l7pNlj1BZQTNOaLhE6llqKIl3nq7tocs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
84060bc92c7f3667-FRA
notice
consent.trustarc.com/
14 KB
6 KB
Script
General
Full URL
https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.fortra.com/cookie-policy&privacypolicylink=https://www.fortra.com/privacy-policy
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-49.fra60.r.cloudfront.net
Software
/
Resource Hash
8f1204818d886023bc6c9bf15eb8827ffe983fe3f48a3784ac52fda86ec0083c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
820
x-cache
Hit from cloudfront
cloudfront-viewer-country
DE
content-length
5428
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
text/javascript;charset=UTF-8
cache-control
max-age=3600
timing-allow-origin
*
x-amz-cf-id
WXfLwV2K470nz7icQPXJadymC2V52MIzY_AU6h-4pvldZpO_OOLQpA==
expires
Thu, 04 Jan 2024 20:42:59 GMT
f85e205b9211a305.css
terranovasecurity.com/_next/static/css/
1 MB
161 KB
Stylesheet
General
Full URL
https://terranovasecurity.com/_next/static/css/f85e205b9211a305.css
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f60fef6529a81a918a89aeb56613e47bf51742e811700402c178f354ddd73368
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
2575528
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Tue, 05 Dec 2023 22:26:50 GMT
server
cloudflare
etag
W/"13d9a2-18c3c17535d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mklTPu7SVONd6pXEwWFz3Qbf63cGKUaiykzS4i%2FnXbz9zInUSAiZ60BXi7tIwgo3fW5Wr1BwSreO2FO8bFBAabnT5PLjzJXHOY%2F2FBOJkvX7jVjwnk5MVjpVi2Ij0wYM0tIOreN6K0yYTySslBsBSiZxGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc8d8dc18c9-FRA
d2ff839667d4002a.css
terranovasecurity.com/_next/static/css/
13 KB
4 KB
Stylesheet
General
Full URL
https://terranovasecurity.com/_next/static/css/d2ff839667d4002a.css
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8007583d9447b0cdcc4f56931c615aace3a71b19702231bcfb16e4ecab02b265
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
2575528
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Tue, 05 Dec 2023 22:26:50 GMT
server
cloudflare
etag
W/"34d0-18c3c17535d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=35qZ5ncS76y%2FV04ztSdtM%2B%2FI%2Fl7shVQrMBKKaFAigEFT%2FIH4lxaJYHVBZtz0hZnMy0c4IEXFXAjKV6%2FFBdBSqNgrE3VWBSjzsnyBNtHodBBN%2BPXIS3iho%2FtG9%2BgjJMqhsgmODHwuPm02d%2BNVHQvRcJAJMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc8d8df18c9-FRA
webpack-38cee4c0e358b1a3.js
terranovasecurity.com/_next/static/chunks/
2 KB
3 KB
Script
General
Full URL
https://terranovasecurity.com/_next/static/chunks/webpack-38cee4c0e358b1a3.js
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e92a1c5827b02b976fdd931b13ee9f09d45d31db0edbaadf03ca82b96e9a5a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
2575528
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Tue, 05 Dec 2023 22:26:50 GMT
server
cloudflare
etag
W/"6a4-18c3c175361"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTV9VhA%2BdF9wtbvAs%2B6YJiFIDs%2BXhQznp35E%2FBWAmlt1e%2FCtwo3HIr9Ry8iFjfkHQGDbwn9vdF231ZqkrI%2FDewj9SgCUbJjCWidMisTyItjGjYtBmy7AW1ySPo2KRDOXhXE9syxyIGmu4cHEuzHT9sl76g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc99fd4190b-FRA
framework-caa50651a91d07b1.js
terranovasecurity.com/_next/static/chunks/
127 KB
45 KB
Script
General
Full URL
https://terranovasecurity.com/_next/static/chunks/framework-caa50651a91d07b1.js
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3707b6549f3877b7397dd6b4b168742deaccaf321dc930704c1843228fba2a4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
2575527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Tue, 05 Dec 2023 22:26:50 GMT
server
cloudflare
etag
W/"1fc11-18c3c175361"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJ4c0Alo%2BRBh%2F7t%2BMR1A4XcuI0dr8E95T9GLTCGm3VGKn6gmOuknAc1ix9MzqzP0XEAJDiQtjAZBD6TvxeCc9Lkez0D0P7McLbn5OIOzkt%2FiJF21rT4whFVJiELuPAXy%2Filti2YE5MA9QzT90KdfOTt7hw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc99fd5190b-FRA
main-ec88316ff67b2a6d.js
terranovasecurity.com/_next/static/chunks/
117 KB
38 KB
Script
General
Full URL
https://terranovasecurity.com/_next/static/chunks/main-ec88316ff67b2a6d.js
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cce1bef48b3bf7fd4bfdd0cad214e7aff14758b79cbef56537fbc9bbf7dddc7
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
2575527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Tue, 05 Dec 2023 22:26:50 GMT
server
cloudflare
etag
W/"1d5c7-18c3c17535d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWhGtakJPCFjAep1SNsyr0DV1Uc%2BHVyzBNm4F7j%2FdntazAoWOeatcaftodfV3os2Rw1Cw9%2BXokboyHJaEvXeZFQ%2B%2FLA2BOAC7RrrELFo9UcrpbtWqaBEzu7DXnbv6P7YzcgL0cUNMQJ4%2Bmr7jJYSiOy8OA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc99fd6190b-FRA
_app-638328fc91092ed1.js
terranovasecurity.com/_next/static/chunks/pages/
62 KB
23 KB
Script
General
Full URL
https://terranovasecurity.com/_next/static/chunks/pages/_app-638328fc91092ed1.js
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41fb8d5a1d31b2c1414f677d1e6e5b6dc0163818018b5a0c1a094ca8ac3064c8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
2575528
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Tue, 05 Dec 2023 22:26:50 GMT
server
cloudflare
etag
W/"f715-18c3c17535d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1n2Q0B14EO8xGnFvMr5Upa9Us%2FyCcqCqXtPTKqGCjnbRNThwagmaIvws65zdW9EflrDCPKrjzu9O0%2BjWFFJeNULengMR8q2kQdl748lPbATFmyq5BjPNc9vjNXZgQZOtyJXHT%2BH0o3uNTUOwwLj7sZJILA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc99fd8190b-FRA
363-e1e6bada824b96ac.js
terranovasecurity.com/_next/static/chunks/
572 KB
155 KB
Script
General
Full URL
https://terranovasecurity.com/_next/static/chunks/363-e1e6bada824b96ac.js
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8b177dd324a72d23a77126badfdc81f18b7a59c7f7c4ba1e9f3c96a71fd531
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
2575528
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Tue, 05 Dec 2023 22:26:50 GMT
server
cloudflare
etag
W/"8f1d2-18c3c175361"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuZPzOtLZE5AzlgnzKGzgsEJsqi32%2BppRy9xtxy1gt83MDA9ITvslqhzFo0inT6PThf833kt4PIJAmfWT9AUs8pk3dVDkZfnZrberorq%2B%2FBnxypkt5Bd6SN6ml%2BZw82dpPEPefZynr60Wf5XI6HJh%2FkHAw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc99fd9190b-FRA
%5B%5B...page%5D%5D-d72f473945786026.js
terranovasecurity.com/_next/static/chunks/pages/
162 KB
39 KB
Script
General
Full URL
https://terranovasecurity.com/_next/static/chunks/pages/%5B%5B...page%5D%5D-d72f473945786026.js
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a1a1948bd1639798e87cd62a7375f5c0393ea7f2b76f3137db58b8817cd873
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
824476
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Mon, 25 Dec 2023 15:52:05 GMT
server
cloudflare
etag
W/"28775-18ca1ad1b82"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqQBcpKBDXc2fMdBKFErxO4rpW7DPetetNXXv86OLtMAv4CdZFserpYuCrttddZEPw8Mm7j1eE4sy7dI2Dm5%2FohUFvsilG%2BeP19xr7LzXKeCrdue3JSW%2BQxzXbPZp1eMD8aC7RfOZt%2B0G2%2FD3joUHxSZSg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc99fda190b-FRA
_buildManifest.js
terranovasecurity.com/_next/static/x3BA_F7w7Ycm7SusPftQ0/
862 B
3 KB
Script
General
Full URL
https://terranovasecurity.com/_next/static/x3BA_F7w7Ycm7SusPftQ0/_buildManifest.js
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c339c3965ea8715fb47e9087f632ceff2769a8c41ea49098ae02a02394aa46ea
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
85418
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Wed, 03 Jan 2024 19:59:57 GMT
server
cloudflare
etag
W/"35e-18cd0e944fa"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBLCfHiorEH1VV9rPTLHkz%2FmoCh991F1fcMGT2Uh5B8X%2BqcMu%2BuYBOAN2iIQtb2YU28YUujS4I8likymxDVfBdTnJ0caiVZhUDEEmhR93xkCA8%2FVHLTLWjD0TPLci7xtrvpuQ55aB03KjoY204BKIEfqmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc99fdb190b-FRA
_ssgManifest.js
terranovasecurity.com/_next/static/x3BA_F7w7Ycm7SusPftQ0/
99 B
2 KB
Script
General
Full URL
https://terranovasecurity.com/_next/static/x3BA_F7w7Ycm7SusPftQ0/_ssgManifest.js
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
110d161aa5999066042d12f7cd25b37043af32363e703125ccb5d03f0f27fa60
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
85418
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Wed, 03 Jan 2024 20:05:35 GMT
server
cloudflare
etag
W/"63-18cd0ee6aec"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcXY19fXHmEBn7hB9C1mxOoGyo19i5sP9%2FjNIcWa2e1iPDH%2BHTWbd9F4n4IJAFLjLGZ4whtQhpv3IeXTge%2FjANnI8tk2%2B4%2Fim4pcY7HLiJF08PA6GIU1YpEIe67ulevkMBY08XO7B4ay5ReEnKQ9zcOuNA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc99fdc190b-FRA
fta-terranova-security-light-no-padding.png
terranovasecurity.com/wp-content/uploads/2023/05/
7 KB
9 KB
Image
General
Full URL
https://terranovasecurity.com/wp-content/uploads/2023/05/fta-terranova-security-light-no-padding.png
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1feb1702e51b432160dcfb04b2c55eb6822cc0d77f13a0273f41d60d96d6853
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
4175
cf-polished
origFmt=png, origSize=16161
content-disposition
inline; filename="fta-terranova-security-light-no-padding.webp"
alt-svc
h3=":443"; ma=86400
content-length
6994
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Thu, 04 May 2023 20:39:37 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"64541809-3f21"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13wM5aa0JhMmQnrr4ATy8MsHDCE6rbUJT1nw%2BwvWr5j5GOA3YVLGj5bjbkKqAusiMlGiT6uWTTQ%2BV5HzBsJ8W98ECBw5RC3hyyZeoz2N6jDxGle1EeudbmGm1xNkM3GyJF8jFEBSMrwWa1j9Obf%2B2Wdmfg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges
bytes
cf-ray
84060bc8d8e118c9-FRA
bars-solid.svg
terranovasecurity.com/images/
569 B
662 B
Image
General
Full URL
https://terranovasecurity.com/images/bars-solid.svg
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1846f7f9ed8915e7c3c7741661a7e58fbfa5faf95070c18fcc70333542bce6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
820
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Fri, 28 May 2021 15:30:42 GMT
server
cloudflare
etag
W/"60b10ca2-239"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdzP1IAfNJP256HIFQEccHRxJ1njxloP3Uq3bpyI%2BSLR4LzF0D89iqf7fmQPmPFPkUgKAAWPMdN8KBS1ckXbSaxs0VeCbk3%2F06t%2BRPi%2BQzCHKNwzzjxmy%2B89yoyBAlPjn5DFEdkDHQf3CC2TANrfr%2F0IyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=16070400
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc8d8e218c9-FRA
GPT-logo-Dark.png
terranovasecurity.com/wp-content/uploads/2023/06/
5 KB
8 KB
Image
General
Full URL
https://terranovasecurity.com/wp-content/uploads/2023/06/GPT-logo-Dark.png
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2947b7c9d5a0b64a03dc4e7740d819db8d6ce3203a0a056a05c7f456cffc7cd3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
617
cf-polished
origFmt=png, origSize=12175
content-disposition
inline; filename="GPT-logo-Dark.webp"
alt-svc
h3=":443"; ma=86400
content-length
5410
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Wed, 14 Jun 2023 15:42:13 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"6489dfd5-2f8f"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5w0%2FcJqoNZDLe9mC36%2F%2FukPGiLYBOxNsWTz2pXQyFmWEkJEYpW8%2BstLZUk1m7Lc3GjiC6wKLk6trhVrb6X1EI5YLpy%2BDyjhKMLbYt0yowTvIQtvf%2Bgbwwk0KH1kZ9X3HVq0lDk2CX9npkOChnSy9AotYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges
bytes
cf-ray
84060bc93f88190b-FRA
Microsoft-smaller-300x134.png
terranovasecurity.com/wp-content/uploads/2020/04/
2 KB
5 KB
Image
General
Full URL
https://terranovasecurity.com/wp-content/uploads/2020/04/Microsoft-smaller-300x134.png
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5ba900cd5cf929170a2faa841b526060c9004467d21a16a8ae044bd340b60b9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
cf-polished
origFmt=png, origSize=2841
content-disposition
inline; filename="Microsoft-smaller-300x134.webp"
alt-svc
h3=":443"; ma=86400
content-length
2414
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Thu, 16 Sep 2021 12:31:41 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"6143392d-b19"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lqcv9sJOk9pX6ZP2YSjSvF5f8vYrvh%2B%2BZ%2BP7ImMMpHs8lpwpvKChLuL2R6%2Fht3GQQDomgdZF5O0RhiVewJeEVok0C%2Fwm9ucfvWO7QJWO%2Fyy205PkrLEulqH9Pg80oQ8TFFf70TTb1VNVN9RheCfE0eMhZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges
bytes
cf-ray
84060bc96fa7190b-FRA
Email-phishing.png
terranovasecurity.com/wp-content/uploads/2023/03/
726 B
3 KB
Image
General
Full URL
https://terranovasecurity.com/wp-content/uploads/2023/03/Email-phishing.png
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ce2638addfb0f00f88b2a05d5d420c535045d0d52d30ec9d278242858142e30
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
cf-polished
origFmt=png, origSize=1886
content-disposition
inline; filename="Email-phishing.webp"
alt-svc
h3=":443"; ma=86400
content-length
726
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Thu, 23 Mar 2023 15:35:36 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"641c71c8-75e"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukc3NPGnjUIqkIGvy%2BLOSuLIQ36vbE9W9VE1CFIHPgd%2Btjnb48fuCGENpbpQiZcNrtz5Jrz9tRFua%2FXn5iKoz7mjA6iWrRE1azh%2Bd%2B4fsqoGodLHSbTY8qN%2BhVrwg4xzdt8eeBwZ3mQJeRFfDZssPuuw6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges
bytes
cf-ray
84060bc99fdf190b-FRA
discovery.png
terranovasecurity.com/wp-content/uploads/2023/06/
638 B
3 KB
Image
General
Full URL
https://terranovasecurity.com/wp-content/uploads/2023/06/discovery.png
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb3630a75fbd3d11638406782bc5794dc9b688e6d507687ac32ec0d1dcf98b8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
cf-polished
origFmt=png, origSize=1550
content-disposition
inline; filename="discovery.webp"
alt-svc
h3=":443"; ma=86400
content-length
638
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Thu, 15 Jun 2023 14:56:52 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"648b26b4-60e"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tk%2FWlXvVEyBkRx1hvSpNFMnf4V1YBsFQUIKQxzDNh5ig%2B9Xzf0mBCt5%2B5ffxIofVAeHky1lruOsJN3GqJpCiayaAxwfQkQW7ub0A6WTff6dtXNteVQSeGiL5NZIrmKFUUBFj0zQJ96ibQnmdTJw%2FrCqBEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges
bytes
cf-ray
84060bc99fe0190b-FRA
compare.png
terranovasecurity.com/wp-content/uploads/2023/06/
1010 B
3 KB
Image
General
Full URL
https://terranovasecurity.com/wp-content/uploads/2023/06/compare.png
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe6b0268fa234e4e2daef6e97043f6e1bd5715563c15b168f8cd2b1275b0044e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
cf-polished
origFmt=png, origSize=2398
content-disposition
inline; filename="compare.webp"
alt-svc
h3=":443"; ma=86400
content-length
1010
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Thu, 15 Jun 2023 14:52:11 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"648b259b-95e"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJHaQrMzFXcu6jDKPBHeQerJH3NMDIcfoAYHloQeCC5cRy%2F%2BJ060gLpj9eGTusoyIFPb9f%2FB05w988UkNtMPNr3LEna1h%2FAdRmj%2BIhIzO%2B7FAyR4p4Ip1cus02WnuS9noZ0Un0uxjDXc%2FPmNsthFBAkT%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges
bytes
cf-ray
84060bc99fe2190b-FRA
v2.js
js.hsforms.net/forms/embed/
485 KB
154 KB
Script
General
Full URL
https://js.hsforms.net/forms/embed/v2.js
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc2e1c7db0ffa63e5333bc3771c96bf5c5d704332d79dfcfbff8bc16187b1abf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4371/bundles/project-v2.js&cfRay=84060bc9ef096913-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"982d8d22d576c26eb044b0e746926bef"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.4371/bundles/project-v2.js
date
Thu, 04 Jan 2024 19:56:39 GMT
x-amz-version-id
wkCPEW5SoVMi9CoHH5BglhAxVEpTVVPC
via
1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
1bb7b1d7-e281-4bd4-ba93-01b147da5b85
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
1bb7b1d7-e281-4bd4-ba93-01b147da5b85
last-modified
Wed, 20 Dec 2023 09:57:15 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5dR9w6Z96PK1R4mKMqLRvo507z3hYKlUlzSh2zp1v%2FCD%2B48qQNnz6GpfkLKVyDrYOKln4riEI7YM0kV%2BOxaLfeIMg7%2B9sPfLu7DQ7JqXDC8FinMRK8voekTZBCkhLnBz0cEUo6PkvvwrGLR"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-798df77cc5-qqq7r
cf-ray
84060bc9ef096913-FRA
x-amz-cf-id
vxe2GJjuZgTe4fsgb4cXs3cf4Drb6vZs95a_gC5WE0jWTXwlcTxKxw==
3478499.js
js.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/3478499.js
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2445c90e6572ef480b5559f6a4f1e0f6535ea625557d26887bfe3291c6b5abd2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
d358527d-312c-4f16-afa1-d8c2f93442c3
x-envoy-upstream-service-time
161
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d358527d-312c-4f16-afa1-d8c2f93442c3
last-modified
Thu, 04 Jan 2024 19:14:27 GMT
server
cloudflare
x-trace
2BC343DC33CF2E18F4B42539DF99858AA177FED29C000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://terranovasecurity.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-57d4fb94bb-whxnj
cf-ray
84060bc9ef2c4dcb-FRA
expires
Thu, 04 Jan 2024 19:57:39 GMT
v1.7-4543
consent.trustarc.com/asset/notice.js/v/
89 KB
26 KB
Script
General
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-4543
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.fortra.com/cookie-policy&privacypolicylink=https://www.fortra.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-49.fra60.r.cloudfront.net
Software
/
Resource Hash
8f4a6fb3381557f58b402871de7c549a784aaffc6b4306825570c4013c406c01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://terranovasecurity.com/
Origin
https://terranovasecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:33:44 GMT
content-encoding
gzip
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P2
age
1375
x-cache
Hit from cloudfront
pragma
public
last-modified
Tue, 12 Dec 2023 03:59:38 GMT
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
UlmvH21WfXRzNJcSW_CjJTkZ4tGjcljLWCw_sJ6ArTFQAbJIJ6o54Q==
expires
Sat, 03 Feb 2024 19:33:44 GMT
log
consent.trustarc.com/
43 B
429 B
Image
General
Full URL
https://consent.trustarc.com/log?domain=helpsystems.com&country=de&state=&behavior=expressed&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW&c=53e2&referer=https://terranovasecurity.com
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-49.fra60.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 19:56:39 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
uEpl7aoDasqpND7GmL1yUJCbSpr7ika2HMVMKco5Bpe4Mivf8MKPAQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
gtm.js
www.googletagmanager.com/
300 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KVH26CK
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
85d0155fde780562199bb733cb6a02ad9dbcaabb99b3c5f134499e11fc0cfbac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100854
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Jan 2024 19:56:39 GMT
roundtrip.js
s.adroll.com/j/YZJZ3MVNCZDDFHWIXHLWUO/
84 KB
26 KB
Script
General
Full URL
https://s.adroll.com/j/YZJZ3MVNCZDDFHWIXHLWUO/roundtrip.js
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:f800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d8d5dc8bc1a7fd19740f0b72b44c0054d53a693d9887f01b2b50924dc74ef7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

X-Amz-Version-Id
x9xtsH4gP0WtsYyHtz86gT6eGTED4X6L
Content-Encoding
gzip
Via
1.1 fca814089bc9a82fba87ce0548f9f358.cloudfront.net (CloudFront)
Date
Thu, 04 Jan 2024 19:29:33 GMT
Age
1627
X-Amz-Cf-Pop
FRA60-P6
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Tue, 02 Jan 2024 12:02:42 GMT
Server
AmazonS3
Etag
W/"3cdb6ef605bb7e35e771d9f76f84bc59"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
CQ5cfKk1sz6-9mQxvleFRVguj5kJuWJ6wWmfmo_DREzxdnUSFXuXPQ==
i12p9inb16
linoma.wistia.com/embed/iframe/ Frame A0AD
10 KB
4 KB
Document
General
Full URL
https://linoma.wistia.com/embed/iframe/i12p9inb16
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-9.fra60.r.cloudfront.net
Software
envoy /
Resource Hash
03e94e0bf26854c84af27e8d35f0802ed296a20e53930a321fb5eed3ad296bac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://terranovasecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, no-cache
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 04 Jan 2024 19:56:39 GMT
etag
W/"03e94e0bf26854c84af27e8d35f0802e"
server
envoy
surrogate-control
max-age=89692, stale-while-revalidate=2629746, stale-if-error=2629746
surrogate-key
account_33597 media_i12p9inb16 git-sha_f152eaaf3213294469c8e6bd097b537fa3ac56a3
timing-allow-origin
*
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via
1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-id
x4nt4D0zV2V1AroDlCtjnmgWGa4Dalh5yCXjN0AqZ2ZxNUcWuZGmZA==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-envoy-upstream-service-time
83
x-permitted-cross-domain-policies
none
x-request-id
fae41798-01a0-4ea3-b63b-b3d010a51878
x-runtime
0.081055
get
consent.trustarc.com/ Frame BADA
2 KB
1 KB
Document
General
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.fortra.com/cookie-policy&privacypolicylink=https://www.fortra.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-49.fra60.r.cloudfront.net
Software
/
Resource Hash
093d12d8b3568fe7d205eab6a5ceb766772d6018aebe44d3e16f9e85fb7ab68e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://terranovasecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2109
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 04 Jan 2024 19:21:30 GMT
expires
Sat, 03 Feb 2024 19:21:30 GMT
pragma
public
strict-transport-security
max-age=31536000; includeSubDomains
timing-allow-origin
*
vary
Origin
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
x-amz-cf-id
QABHZplPsun9QJjPJrwfvzQ-bOb8pob7esGnaewdke88hIX3oKk1Uw==
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
GPT2021-01-02-v2.png
terranovasecurity.com/wp-content/uploads/2021/08/
21 KB
23 KB
Image
General
Full URL
https://terranovasecurity.com/wp-content/uploads/2021/08/GPT2021-01-02-v2.png?id=16745
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
582312671c1cec4e87573ea6184203bb18c3a7041185b6a36cca3e7c27eb6fa5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
cf-polished
origFmt=png, origSize=62469
content-disposition
inline; filename="GPT2021-01-02-v2.webp"
alt-svc
h3=":443"; ma=86400
content-length
21610
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Thu, 16 Sep 2021 12:31:42 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"6143392e-f405"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6g0nfrMrwyxgBV3RcLQZ4MPUDYvroQf6pCghDJXJXh3d3fG1AgdY5Lsayn%2FskN941gEWKkJeK8zHxW1LxfVS%2BnXEh0Q3q%2FajD6kUFZdYieLDXNIEsSkxlXvRMmQr5kAC%2F4%2F1GqcynZiGIvBADMNMU4xhGg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges
bytes
cf-ray
84060bc9d812190b-FRA
GPT2021-03.png
terranovasecurity.com/wp-content/uploads/2021/07/
6 KB
9 KB
Image
General
Full URL
https://terranovasecurity.com/wp-content/uploads/2021/07/GPT2021-03.png?id=16540
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ced9fbf86e42c644ddeee02369670ae0f53f29c14329995ce7fa2c4990f1944
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
cf-polished
origFmt=png, origSize=22448
content-disposition
inline; filename="GPT2021-03.webp"
alt-svc
h3=":443"; ma=86400
content-length
6458
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Thu, 16 Sep 2021 12:31:42 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"6143392e-57b0"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMUachp8GYrUsyM5gcoi9GCYLxPgr52%2BV505vhBjPz9XUym9L%2Bxy5Nb%2FHM3ph1i8UkdNvxXDdjUXKpthVkVbOiTtDoWoRuvGlXD0DHpvV96XQT%2BtiMjrxILBmNcm4pKWbdpBZyO5C%2FczPxuicnPKADO%2FrA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges
bytes
cf-ray
84060bc9d813190b-FRA
GPT2021-04-v2.png
terranovasecurity.com/wp-content/uploads/2021/08/
54 KB
56 KB
Image
General
Full URL
https://terranovasecurity.com/wp-content/uploads/2021/08/GPT2021-04-v2.png?id=16720
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69acca11059cff03689fc1ef78f725332a3422ded420aa165bb542366a0b9a1d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
cf-polished
origFmt=png, origSize=118450
content-disposition
inline; filename="GPT2021-04-v2.webp"
alt-svc
h3=":443"; ma=86400
content-length
54988
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Thu, 16 Sep 2021 12:31:42 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"6143392e-1ceb2"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCpXKq7d9ZOJVrqVfs3vSK3yDAPMdlvCID4UZvMHNugiijHjlHDvMoWQgJKy%2Bdhj8f8x7nRYdWfpzICLYJrPkIestS4frl%2BOHpbcl0PcFgl4YmVFd4TmJetG8ek2IEBYKxy8J%2F4ohFJvHCDw0YWiCSHk4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges
bytes
cf-ray
84060bc9d817190b-FRA
GPT2021-05-06.png
terranovasecurity.com/wp-content/uploads/2021/08/
126 KB
129 KB
Image
General
Full URL
https://terranovasecurity.com/wp-content/uploads/2021/08/GPT2021-05-06.png?id=16717
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dda19c1e412eb233a8fe7a0d9033b45f658865683a90b8a860b8e1700d845475
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
cf-polished
origFmt=png, origSize=310518
content-disposition
inline; filename="GPT2021-05-06.webp"
alt-svc
h3=":443"; ma=86400
content-length
129520
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Thu, 16 Sep 2021 12:31:42 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"6143392e-4bcf6"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6HARHb%2F2hylUct%2FJ9dU7syD5q20y%2Fc%2BY9O%2Fx8UqR4GW%2FbQm0AzAhdcX1Kg9hsKpEZD0bn%2F6G3HCqSssXrxVhe3ebK3E1JqMqlbCYqVEXSEbR%2F6UgcF3j4foX2nbh%2BcRRvTZLwxsJMBjXmKediJZ7h3ih8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=16070400
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges
bytes
cf-ray
84060bc9d818190b-FRA
fontawesome-webfont.e9955780.woff2
terranovasecurity.com/_next/static/media/
75 KB
78 KB
Font
General
Full URL
https://terranovasecurity.com/_next/static/media/fontawesome-webfont.e9955780.woff2
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/_next/static/css/f85e205b9211a305.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://terranovasecurity.com/_next/static/css/f85e205b9211a305.css
Origin
https://terranovasecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
1252084
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Wed, 20 Dec 2023 16:38:23 GMT
server
cloudflare
etag
W/"12d68-18c8817b0e7"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRGwalIpFGmGeSXhZOgcwA2vOX7TkPo4K%2Bd9cuFiCKOds7DJ9FfxL0OAhCv%2FAFRbbrHoojoFP9sXuOhwNqKKq4Nm0dmG7KolXVSu5gKHYgVKrHq3mIDL7r4iwzWJYCrewclhPNpCfYDZXoXv5hZoDepk4g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc9d81d190b-FRA
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://terranovasecurity.com/
Origin
https://terranovasecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 00:43:34 GMT
x-content-type-options
nosniff
age
241985
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 00:43:34 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://terranovasecurity.com/
Origin
https://terranovasecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:51:33 GMT
x-content-type-options
nosniff
age
219906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:10:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 06:51:33 GMT
fa-solid-900.ce4938a3.woff2
terranovasecurity.com/_next/static/media/
153 KB
155 KB
Font
General
Full URL
https://terranovasecurity.com/_next/static/media/fa-solid-900.ce4938a3.woff2
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/_next/static/css/f85e205b9211a305.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://terranovasecurity.com/_next/static/css/f85e205b9211a305.css
Origin
https://terranovasecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age
2575527
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Tue, 05 Dec 2023 22:26:50 GMT
server
cloudflare
etag
W/"26350-18c3c175351"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MI3PPdx2sSgZZ3j5Z%2BAL8aWzV%2FDJ7WjkDeeQfqzBM9Susr2SPNQPucV3MjZH1BZHfG%2BzEZ1sPrbnYkmCp%2B9MhFCgFXLlzdJNPu%2FEoS2TI4Nr1zpqtzMO8bn3z9Spjo8g3hs1NAcfd3gBTDozieSyLjKEHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray
84060bc9d822190b-FRA
themify.woff
cdn.jsdelivr.net/themify-icons/0.1.2/fonts/
55 KB
55 KB
Font
General
Full URL
https://cdn.jsdelivr.net/themify-icons/0.1.2/fonts/themify.woff
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/themify-icons/0.1.2/css/themify-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/themify-icons/0.1.2/css/themify-icons.css
Origin
https://terranovasecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3239336
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56108
x-served-by
cache-fra-eddf8230075-FRA
server
cloudflare
etag
W/"db2c-k5TzW9Kt3SRma3m/w21PnSR8sB0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=863%2B44bBWk4C8NFBnM2uCOT3pU96kx4EEf7IH7Njh8zoaSo90hr6rpyASTybOYqhxOHS3fe%2Fsh0MfLgvjPwozBRVbNraqwtfdpdM1HDIUNnl4qDk91pJV2ZeL%2BvRlsmMgubOgCYk6SiGDfQPmUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84060bca0e386946-FRA
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://terranovasecurity.com/
Origin
https://terranovasecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 17:11:59 GMT
x-content-type-options
nosniff
age
9880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:10:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 17:11:59 GMT
/
consent-pref.trustarc.com/ Frame 3748
5 KB
3 KB
Document
General
Full URL
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-4543
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
9f565b4cdf200b503b4c09d2e4644a1fbec24230e60b873ab7e09ae969a6fc1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://terranovasecurity.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 04 Jan 2024 19:56:39 GMT
etag
W/"5111-1701856286000"
expect-ct
max-age=86400; enforce;
last-modified
Wed, 06 Dec 2023 09:51:26 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
x-amz-cf-id
XvTEBOzgwpJtFgm-bRWd6nWH0nXcsb-2_G8lAOxeTik3pfISCy223Q==
x-amz-cf-pop
AMS54-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
noticemsg
consent.trustarc.com/
43 B
431 B
Image
General
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=helpsystems.com&behavior=expressed&country=de&language=de&rand=0.8569555631705132&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW&referer=https://terranovasecurity.com
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-49.fra60.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 19:56:39 GMT
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
5WktOEnCwWeSUhwYqtAJZiVUJzVSq3UmOx8g7QNNv_CoStBcUkYiBA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
YZJZ3MVNCZDDFHWIXHLWUO
d.adroll.com/consent/check/
494 B
979 B
Script
General
Full URL
https://d.adroll.com/consent/check/YZJZ3MVNCZDDFHWIXHLWUO?pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&_s=4e8e1b9f12dfeb27122c23561043915a&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/YZJZ3MVNCZDDFHWIXHLWUO/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:410e:c7a0:1d47:ccc0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
7995c4b19f502f2b0c054be39a830264fedc1f95fe0729d2c29e64b80f9ed666

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
application/javascript
pragma
no-cache
date
Thu, 04 Jan 2024 19:56:39 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
494
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
defaultpreferencemanager.nocache.js
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3748
5 KB
3 KB
Script
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
7c2fce837c4e93ce939702c1b7cef4e62449752fb52e68ee18ac98a1b7d6a65b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
content-encoding
gzip
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS54-C1
x-cache
Miss from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Dec 2023 09:51:44 GMT
server
nginx
etag
W/"4867-1701856304000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
JEEMbsZG7H8Mc2W83Lav6P_6yNCMRsUbeh084Nq9BFtEW5HtFgOyGw==
expires
Thu, 04 Jan 2024 19:56:38 GMT
get
consent-st.trustarc.com/ Frame 3748
20 KB
5 KB
Script
General
Full URL
https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-4.cdg50.r.cloudfront.net
Software
/
Resource Hash
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
public
date
Tue, 26 Dec 2023 15:36:14 GMT
content-encoding
gzip
via
1.1 3975dc95fb3c5fc91da92363a17c96c4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
CDG50-P2
age
793225
vary
Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
hcAguIMKGo6ayQ_JEbX77iIfSBtV-EYJ8qmyyeUOHEse8u7jkh98vw==
expires
Thu, 25 Jan 2024 15:36:14 GMT
loading.gif
consent-pref.trustarc.com/images/ Frame 3748
3 KB
3 KB
Image
General
Full URL
https://consent-pref.trustarc.com/images/loading.gif
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:19:52 GMT
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS54-C1
age
2208
x-cache
Hit from cloudfront
content-length
2608
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Dec 2023 09:51:26 GMT
server
nginx
etag
W/"2608-1701856286000"
expect-ct
max-age=86400; enforce;
vary
Origin
content-type
image/gif
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges
bytes
x-amz-cf-id
_t6tpFzx5-laWkjSxVzyv7r6QFRdd3srswIJDjGQinaGkkkJrOzHDw==
53754F6B83F1077EA08A2F9035B0EEBF.cache.html
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 7692
142 KB
47 KB
Document
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
38ecab22c16bef44fbe268de3e168ead209d46f9e281316ba81774aab345b283
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2042259
cache-control
max-age=315360000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 12 Dec 2023 04:39:00 GMT
etag
W/"144915-1701856304000"
expect-ct
max-age=86400; enforce;
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Wed, 06 Dec 2023 09:51:44 GMT
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
x-amz-cf-id
QlWYWo8ngbioyCQ6tUJAszspu4FEnQw1I6m_AhoHkBbIDtHtsJAO_A==
x-amz-cf-pop
AMS54-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1
RNNFO6UBZND2PCEUN2KUDQ
d.adroll.com/segment/YZJZ3MVNCZDDFHWIXHLWUO/
42 B
984 B
XHR
General
Full URL
https://d.adroll.com/segment/YZJZ3MVNCZDDFHWIXHLWUO/RNNFO6UBZND2PCEUN2KUDQ?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&cookie=&adroll_s_ref=&keyw=&p0=254&adroll_external_data=&adroll_version=2.0
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/YZJZ3MVNCZDDFHWIXHLWUO/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:410e:c7a0:1d47:ccc0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type
p
content-length
42
pragma
no-cache
x-conversion-value
0.0
server
nginx/1.22.1
x-rule
*
x-segment-eid
3HL3E4EA7BGJXPJVPURXBG
content-type
image/gif
access-control-allow-origin
https://terranovasecurity.com
access-control-expose-headers
X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-request-methods
GET
x-pixel-eid
RNNFO6UBZND2PCEUN2KUDQ
x-organization-eid
7VRYU4GW6NFWPPGLK4GOQJ
access-control-allow-headers
*
x-advertisable-eid
YZJZ3MVNCZDDFHWIXHLWUO
x-conversion-currency
x-segment-name
*
sync
x.bidswitch.net/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0...
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE
0
0

in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=sv8d8k4eViia7L6i0qek6g
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=sv8d8k4eViia7L6i0qek6g&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
552 B
Image
General
Full URL
https://d.adroll.com/cm/g/in
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Server
2a05:d018:cc3:fe04:410e:c7a0:1d47:ccc0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 19:56:39 GMT
server
nginx/1.22.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Thu, 04 Jan 2024 19:56:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://d.adroll.com/cm/g/in
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dc...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&expiration=1735934199
0
0

out
d.adroll.com/cm/l/
42 B
181 B
Image
General
Full URL
https://d.adroll.com/cm/l/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe04:410e:c7a0:1d47:ccc0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0...
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&expires=365
0
0

sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0...
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=b2ff1df24e1e56289aecbea2d2a7a4ea&gdpr=1&gdpr_consent=
0
0

cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%...
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&gdpr=1&gdpr_consent=&us_privacy=1---
0
0

Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...
0
0

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0...
  • https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
0
0

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3...
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE
0
0

xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcod...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&dongle=c85e
0
0

setuid
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0...
  • https://ib.adnxs.com/setuid?entity=172&code=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE
0
0

RNNFO6UBZND2PCEUN2KUDQ
ipv4.d.adroll.com/seg4/YZJZ3MVNCZDDFHWIXHLWUO/
0
0

truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3748
1 KB
1 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
365c4e4e15bb05abb8135ba921b7ff58c93459e1b8eda9e1835c13ba7ecec1b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
53754F6B83F1077EA08A2F9035B0EEBF
Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
content-encoding
gzip
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
481
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
Wvm18-KWQvHG58NPoIh8gjCe2NeEv9Z1uGKl1FF_gJgZK6YctnZ7mQ==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3748
48 B
622 B
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
834f4a8ed701a07d7dd0d703326e3c9ce6ce422e55b1f218b5a57e221c2e4773
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
53754F6B83F1077EA08A2F9035B0EEBF
Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS54-C1
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
48
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
sp_3m8g64HTjePTqeiaRh1nG9VA19D-GQP15RJ74Pmkt4bNLs5rQuw==
EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 3748
30 KB
7 KB
Stylesheet
General
Full URL
https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
176f46d1332bd15e158ba501961d4614a40522c0b622bc981036251478694812
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:18:47 GMT
content-encoding
gzip
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS54-C1
age
2273
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Dec 2023 09:51:26 GMT
server
nginx
etag
W/"30603-1701856286000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
no-cache
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
_OGvJFPEd9z9ezpNbkMkOa9szcbD_MV81vo5wSJUF4eelurstQWrIg==
expires
Thu, 04 Jan 2024 19:18:45 GMT
11.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/53754F6B83F1077EA08A2F9035B0EEBF/ Frame 3748
267 KB
91 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/53754F6B83F1077EA08A2F9035B0EEBF/11.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
4fca34a1d103c87bde6d04f07d32de7782349258552ddef90c50f1bb2991386b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:39:01 GMT
content-encoding
gzip
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS54-C1
age
2042258
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Dec 2023 09:51:44 GMT
server
nginx
etag
W/"273127-1701856304000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
4UDGklmbX2L_gPK9A2YVq7zsWU3pZGS0_63n8eALtCBDbb2BKo8bRA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
insideIframe.js
fast.wistia.net/assets/external/ Frame A0AD
45 KB
12 KB
Script
General
Full URL
https://fast.wistia.net/assets/external/insideIframe.js
Requested by
Host: linoma.wistia.com
URL: https://linoma.wistia.com/embed/iframe/i12p9inb16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd63ae3c4d40439c3256053ca79e4c5e2ff7cc82c2a0e268e2907af6948fed38
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://linoma.wistia.com/
Origin
https://linoma.wistia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
3176
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
12079
x-served-by
cache-iad-kjyo7100022-IAD, cache-fra-eddf8230112-FRA
x-browser-version
120
last-modified
Wed, 03 Jan 2024 19:03:06 GMT
server
AmazonS3
x-timer
S1704398200.045610,VS0,VE0
etag
"375725d1e46234712497ec563ccd470b"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
35, 63
E-v1.js
fast.wistia.net/assets/external/ Frame A0AD
741 KB
126 KB
Script
General
Full URL
https://fast.wistia.net/assets/external/E-v1.js
Requested by
Host: linoma.wistia.com
URL: https://linoma.wistia.com/embed/iframe/i12p9inb16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cfea9c2560f92f921901138514a6bef5370b77a265a62151e446d3f50140a9b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://linoma.wistia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
3164
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
128558
x-served-by
cache-iad-kiad7000102-IAD, cache-fra-eddf8230127-FRA
x-browser-version
120
last-modified
Wed, 03 Jan 2024 19:03:06 GMT
server
AmazonS3
x-timer
S1704398200.872354,VS0,VE0
etag
"dd11a26444e150465636690e12beb0fd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
49, 3
swatch
fast.wistia.net/embed/medias/i12p9inb16/ Frame A0AD
3 KB
4 KB
Image
General
Full URL
https://fast.wistia.net/embed/medias/i12p9inb16/swatch
Requested by
Host: linoma.wistia.com
URL: https://linoma.wistia.com/embed/iframe/i12p9inb16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
25c864ad288d5841dd1aad9d4c2dd46d1e220690f11addf034e937fa59717a09
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://linoma.wistia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
access-control-request-method
*
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront), 1.1 6c06d3b8fdddf587c323accc30a7e51c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
x-cdn
cloudfront
x-amz-cf-pop
IAD89-P2, MIA3-C4
age
58044
edge-cache-tag
1b95fe468b198aec76bca63b76313a5c
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
28
content-disposition
inline
content-length
3154
x-served-by
cache-iad-kjyo7100027-IAD, cache-fra-eddf8230127-FRA
x-browser-version
120
last-modified
Thu, 29 Jun 2023 07:29:26 UTC
server
envoy
x-timer
S1704398200.872067,VS0,VE2
etag
MXbwsUtwkwOKIGDLOdEYRUNJfKE=
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, no-cache,max-age=31536000
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
rk3ypUx9CL2JSix-dN4cWvS7Nn3vixV0hAUji2sn3jsjZ_iT5mONBw==
x-cache-hits
51, 1
1.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/53754F6B83F1077EA08A2F9035B0EEBF/ Frame 3748
21 KB
9 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/53754F6B83F1077EA08A2F9035B0EEBF/1.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
82ca468f0d48287ddaa8795313ba57708377842b6e077d12884b9c2bcc51a8f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:39:22 GMT
content-encoding
gzip
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS54-C1
age
2042237
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Dec 2023 09:51:44 GMT
server
nginx
etag
W/"21349-1701856304000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
WGS90-IMP8I2Qh1-RGAcvzwvNbdd15Z3_07UuGY2iAKlcpMYGJhrqw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3748
856 B
947 B
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
714033706d3272019efabd4624a61b9f925a1daf38615770b734564600ca637d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
53754F6B83F1077EA08A2F9035B0EEBF
Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
content-encoding
gzip
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
353
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
DfRs8AvTc7Y4qdyi5nvh8evljDPpbN9XzNu32MFNO1m-DymxCZP4Zw==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 3748
24 KB
7 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
554008a2a8ed087640afa2529308c94093037068345160b2e5cf5fede0ef2cf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
53754F6B83F1077EA08A2F9035B0EEBF
Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Thu, 04 Jan 2024 19:56:39 GMT
content-encoding
gzip
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
AMS54-C1
x-cache
Miss from cloudfront
content-disposition
attachment
content-length
6347
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
server
nginx
expect-ct
max-age=86400; enforce;
content-type
application/json;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
EWa894tTTKDRYcuQQOWgm_ZIxsgjbHNM0euvhkHAv4czSZ5Ko-sNxw==
trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 3748
4 KB
5 KB
Image
General
Full URL
https://consent-pref.trustarc.com/images/trustarc-logo-small.png
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:12:11 GMT
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS54-C1
age
2668
x-cache
Hit from cloudfront
content-length
4197
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Dec 2023 09:51:26 GMT
server
nginx
etag
W/"4197-1701856286000"
expect-ct
max-age=86400; enforce;
vary
Origin
content-type
image/png
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges
bytes
x-amz-cf-id
CP4w9_uNFXlURaHf9mxSYqG9qAvinCKjrnUB_VMQOyGv4jrjEsKy0A==
wistia-mux.js
fast.wistia.net/assets/external/ Frame A0AD
130 KB
31 KB
Script
General
Full URL
https://fast.wistia.net/assets/external/wistia-mux.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a28e78252c69fe759fd8c215e2eac722008dae2a068e7d8c10453cda665f913f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://linoma.wistia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
3494
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
31811
x-served-by
cache-iad-kcgs7200020-IAD, cache-fra-eddf8230112-FRA
x-browser-version
120
last-modified
Wed, 03 Jan 2024 19:03:06 GMT
server
AmazonS3
x-timer
S1704398200.145623,VS0,VE0
etag
"9ed6aecfd823d9f18747dc843fb72a96"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
15, 17
captions.js
fast.wistia.net/assets/external/ Frame A0AD
162 KB
34 KB
Script
General
Full URL
https://fast.wistia.net/assets/external/captions.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89fe9807b5b69624828758b65407a46f6c42d6b79abfcca367bf4272ad2cacf3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://linoma.wistia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
3246
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
33906
x-served-by
cache-iad-kiad7000136-IAD, cache-fra-eddf8230127-FRA
x-browser-version
120
last-modified
Wed, 03 Jan 2024 19:03:06 GMT
server
AmazonS3
x-timer
S1704398200.169858,VS0,VE0
etag
"0a2dd78c662aa5b594954b32dbe9fae7"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
39, 21
playPauseLoadingControl.js
fast.wistia.net/assets/external/ Frame A0AD
79 KB
21 KB
Script
General
Full URL
https://fast.wistia.net/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e59f8184388cbf7873147d14016ebf88a7f73feb7802e9fe764aa6dedc2809c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://linoma.wistia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
3162
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21103
x-served-by
cache-iad-kiad7000148-IAD, cache-fra-eddf8230112-FRA
x-browser-version
120
last-modified
Wed, 03 Jan 2024 19:03:06 GMT
server
AmazonS3
x-timer
S1704398200.220380,VS0,VE0
etag
"7061aad4670a61dbecdcde446142fc17"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
21, 71
i12p9inb16.json
fast.wistia.net/embed/captions/ Frame A0AD
2 KB
1 KB
Fetch
General
Full URL
https://fast.wistia.net/embed/captions/i12p9inb16.json
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/captions.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
7f182f8fbdc4cd17081daa0a46247e301f597cf0612741b51d5d1649552c918d
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://linoma.wistia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 ffa4b37ccdc94a8c62bf6b6414725210.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
684
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
72
content-length
896
x-request-id
86de1e13-81ad-4d94-b31f-4eec3b48b9c1
x-served-by
cache-iad-kcgs7200150-IAD, cache-fra-eddf8230112-FRA
x-runtime
0.070025
x-browser-version
120
server
envoy
x-timer
S1704398200.225859,VS0,VE2
etag
W/"7f182f8fbdc4cd17081daa0a46247e30"
vary
Accept-Encoding,X-Forwarded-Proto
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
iJ5U6HarjO4ea-CNp-XJm9hp-O5S5c-YLjZsBTziq5sJuD96gXUK4g==
x-cache-hits
31, 1
interFontFace.js
fast.wistia.net/assets/external/ Frame A0AD
45 KB
18 KB
Script
General
Full URL
https://fast.wistia.net/assets/external/interFontFace.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/captions.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a774b19d5173d81cf31cc63eff99b6ee8d9dd29651acfb93efa45f88459421dc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://linoma.wistia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
3275
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
18255
x-served-by
cache-iad-kcgs7200089-IAD, cache-fra-eddf8230112-FRA
x-browser-version
120
last-modified
Wed, 03 Jan 2024 19:03:06 GMT
server
AmazonS3
x-timer
S1704398200.246501,VS0,VE0
etag
"e6186b0372b100dc5cc6243bf65e2c68"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
38, 42
truncated
/ Frame A0AD
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin
https://linoma.wistia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
swatch
fast.wistia.net/embed/medias/i12p9inb16/ Frame A0AD
3 KB
4 KB
Image
General
Full URL
https://fast.wistia.net/embed/medias/i12p9inb16/swatch
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
25c864ad288d5841dd1aad9d4c2dd46d1e220690f11addf034e937fa59717a09
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://linoma.wistia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
access-control-request-method
*
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront), 1.1 6c06d3b8fdddf587c323accc30a7e51c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
x-cdn
cloudfront
x-amz-cf-pop
IAD89-P2, MIA3-C4
age
58044
edge-cache-tag
1b95fe468b198aec76bca63b76313a5c
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
28
content-disposition
inline
content-length
3154
x-served-by
cache-iad-kjyo7100027-IAD, cache-fra-eddf8230127-FRA
x-browser-version
120
last-modified
Thu, 29 Jun 2023 07:29:26 UTC
server
envoy
x-timer
S1704398200.290476,VS0,VE0
etag
MXbwsUtwkwOKIGDLOdEYRUNJfKE=
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, no-cache,max-age=31536000
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
rk3ypUx9CL2JSix-dN4cWvS7Nn3vixV0hAUji2sn3jsjZ_iT5mONBw==
x-cache-hits
51, 2
1b95fe468b198aec76bca63b76313a5c.webp
embed-ssl.wistia.com/deliveries/ Frame A0AD
20 KB
20 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/1b95fe468b198aec76bca63b76313a5c.webp?image_crop_resized=960x540
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:2a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
9656ad402c10804897cfd58fee892be22aa9c10ac8769138a98ee27540854d8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://linoma.wistia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 17:10:22 GMT
access-control-request-method
*
via
1.1 480845f7432fb94c1c6d81f7845a67fe.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
AMS58-P1
age
1997178
edge-cache-tag
1b95fe468b198aec76bca63b76313a5c
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
237
content-disposition
inline
surrogate-key
1b95fe468b198aec76bca63b76313a5c thumbnail-delivery
last-modified
Thu, 29 Jun 2023 07:29:26 UTC
server
envoy
etag
nJ-5uGrBJahXOYdDjp0Hff8USLA=
vary
Origin
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
none
x-amz-cf-id
0PqXrQNikPmpt0TiHlNLlOgfBQ5VPJ1CbeQXtE-8Zb6wA_Fr3xzbRA==
json
forms.hsforms.com/embed/v3/form/3478499/7b5974d2-fb15-4e38-b0b0-bb16dc862337/
64 KB
9 KB
XHR
General
Full URL
https://forms.hsforms.com/embed/v3/form/3478499/7b5974d2-fb15-4e38-b0b0-bb16dc862337/json?hs_static_app=forms-embed&hs_static_app_version=1.4371&X-HubSpot-Static-App-Info=forms-embed-1.4371
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34f05d8cd3bc698b56928416781411e49f1e2ca730f860406581dd8cec8fbfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://terranovasecurity.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

X-Origin-Hublet
na1
Date
Thu, 04 Jan 2024 19:56:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
br
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
4f652d22-2211-4626-b14a-5ae17b89a15b
Transfer-Encoding
chunked
x-envoy-upstream-service-time
28
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4f652d22-2211-4626-b14a-5ae17b89a15b
Server
cloudflare
X-Trace
2B71C9BCA70752F5CC99565D8379895F96FB113E18000000000000000000
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://terranovasecurity.com
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
84060bd07eb81973-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-795b47fdff-md75r
leadflows.js
js.hsleadflows.net/
551 KB
88 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7d0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b49a5d05ca41478b31f51cc2539a75937c3f921540aa90116a8f609e094d1811
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://terranovasecurity.com/
Origin
https://terranovasecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-encoding
br
age
16024
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1301/bundle/main/lead-flows-release.js&cfRay=840484992d6f8fe2-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"8a35e91df79ea2127dd121bdbbef865e"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=86400, max-age=0
x-hs-target-asset
lead-flows-js/static-1.1301/bundle/main/lead-flows-release.js
date
Thu, 04 Jan 2024 19:56:40 GMT
x-amz-version-id
z6CxNR7tOyvY9WtgJDh3TL771JIvwERG
via
1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
79a0ca5f-0ad2-4a30-9bb4-24ad71bc624b
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
8
x-evy-trace-route-configuration
listener_https/all
x-request-id
79a0ca5f-0ad2-4a30-9bb4-24ad71bc624b
last-modified
Wed, 03 Jan 2024 10:02:41 UTC
server
cloudflare
access-control-max-age
3000
x-hs-cache-status
MISS
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-798df77cc5-4shmr
cf-ray
84060bd0c8a1900c-FRA
x-amz-cf-id
-31RCSZi3TgnCJagRwnTchGIhwP6VFNP9ZkqcXIgsgfjoBFBwsENLQ==
conversations-embed.js
js.usemessages.com/
84 KB
24 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f09e95e50ae9c0181382558ff935903a7b273b4a8e5006788e85ae1c72c7c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
x-amz-version-id
KYDl9V0le_8eNyhqu8y2yzPaUoKjKmsM
via
1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
278
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.15030/bundles/project.js&cfRay=84060504abb765b1-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
04f836e9-543e-43a0-ae37-56fe0e33cf3a
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
11
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
04f836e9-543e-43a0-ae37-56fe0e33cf3a
last-modified
Wed, 20 Dec 2023 17:16:05 UTC
server
cloudflare
etag
W/"64e2daa01b1349fee44794df69e776a8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
EXPIRED
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-798df77cc5-j6gsk
cf-ray
84060bd0b80c5d6f-FRA
x-amz-cf-id
Tas6z_NxtrAnztXwnaSXKYFvy2IKDPyZxzwmO4Y2h-mJmzbX1WOznA==
x-hs-target-asset
conversations-embed/static-1.15030/bundles/project.js
banner.js
js.hs-banner.com/v2/3478499/
63 KB
20 KB
Script
General
Full URL
https://js.hs-banner.com/v2/3478499/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236da1e279970d72ab0f28a2d9c9fde03100674452adabd32466c72f0890bfbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
x-amz-version-id
32ou38jiXgLjiCrKouOYRnivOmB9b6AU
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
A1YB9EVZ96GG9P33
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
1f971883-4fd2-43a9-8fa7-c390eabb8f46
x-envoy-upstream-service-time
47
x-amz-id-2
pbgYDl1iYofRjKwssnJPfDB9uQGkL4Bj2FG9JObDJ2Lwwt1iN/raJ3tIIhEML73RTYGL36WPUro=
x-evy-trace-listener
listener_https
x-request-id
1f971883-4fd2-43a9-8fa7-c390eabb8f46
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 20 Dec 2023 15:38:06 GMT
server
cloudflare
etag
W/"052bb7a0a6fd58fd59703af8221f85e1"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.goanywhere.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-55f4f74954-5k9n2
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
84060bd0cbae1952-FRA
expires
Thu, 04 Jan 2024 20:01:40 GMT
3478499.js
js.hs-analytics.net/analytics/1704398100000/
81 KB
23 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1704398100000/3478499.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:50ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a9f6a58f9aaba20d1750334fea4fd50593ed00d75e2a1aa3e99b3c5195e52cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
ZA1XBP0F72FHN6Y3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
59b5dc00-836e-4c0b-849e-f7d31c6b60ef
x-envoy-upstream-service-time
19
x-amz-id-2
2Xaj+OkEJu1lHHNbAWpWIgeBsEk6Zz+5ZRIODI+DFPvFAIHe+U/EiedDqQDDuAHuknOwlZsPIQk=
x-evy-trace-listener
listener_https
x-request-id
59b5dc00-836e-4c0b-849e-f7d31c6b60ef
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 03 Jan 2024 22:31:54 GMT
server
cloudflare
etag
W/"3c8cfea34fb3d34cb1d86595aacda202"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-55f4f74954-gwcrj
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
84060bd0cfb4372f-FRA
expires
Thu, 04 Jan 2024 20:01:40 GMT
web-interactives-embed.js
js.hubspot.com/
79 KB
23 KB
Script
General
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a2315923c48fc1d0652efb581b8db4bae0432b2823ce24ca77a211299cde10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://terranovasecurity.com/
Origin
https://terranovasecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-encoding
br
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.779/bundles/project.js&cfRay=84060bd0bc1790fb-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"74a7784032d384ab8b680a383dfe7228"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.779/bundles/project.js
date
Thu, 04 Jan 2024 19:56:40 GMT
x-amz-version-id
utFFKfbcz6OI7awXJbpvILQMSF0IJITb
via
1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
ff5ba052-30f6-41b5-800e-f1fbbaf0ef8a
x-cache
Hit from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
7
x-evy-trace-route-configuration
listener_https/all
x-request-id
ff5ba052-30f6-41b5-800e-f1fbbaf0ef8a
last-modified
Wed, 03 Jan 2024 14:19:41 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nR%2FoS06lKWeI%2FGbaoF3f10ST5MKY%2FOxMQYKtoBt%2FuBtnvlmSVHOG9w3dX2rg1ci24YdZO9nJ03QI1ZK969v1yERi4BEpvq5jey%2BHT9oGWoLbp2owmxTOZNkDC0%2FGnOiG1vVA66ZXM4M3Zvqa"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-798df77cc5-bw7pg
cf-ray
84060bd0bc1790fb-FRA
x-amz-cf-id
-6dVwuR3LLGslYJJNb3TOcod1YkpOEJHtNnva92aDhVxMAwKLAMA7A==
json
forms.hsforms.com/embed/v3/form/3478499/7b5974d2-fb15-4e38-b0b0-bb16dc862337/
64 KB
9 KB
XHR
General
Full URL
https://forms.hsforms.com/embed/v3/form/3478499/7b5974d2-fb15-4e38-b0b0-bb16dc862337/json?hs_static_app=forms-embed&hs_static_app_version=1.4371&X-HubSpot-Static-App-Info=forms-embed-1.4371
Requested by
Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03c8eac6dc0268b8df109b565589ed8e3336faac8688c775b842e10c20b44a91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://terranovasecurity.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

X-Origin-Hublet
na1
Date
Thu, 04 Jan 2024 19:56:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
Content-Encoding
br
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
d700b8d9-505d-4b89-a43b-cca484f4714a
Transfer-Encoding
chunked
x-envoy-upstream-service-time
12
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d700b8d9-505d-4b89-a43b-cca484f4714a
Server
cloudflare
X-Trace
2B39CA4593A2757CAAD97B0BE85F4AB63CA92A2D65000000000000000000
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://terranovasecurity.com
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
84060bd10d881b36-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-795b47fdff-f2dhq
6.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/53754F6B83F1077EA08A2F9035B0EEBF/ Frame 3748
8 KB
4 KB
XHR
General
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/53754F6B83F1077EA08A2F9035B0EEBF/6.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
6e0d470104f610a02906d357b9af5a66c05c3801685bd5d4a9952bc98b53c73d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 04:39:55 GMT
content-encoding
gzip
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS54-C1
age
2042205
x-cache
Hit from cloudfront
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Dec 2023 09:51:44 GMT
server
nginx
etag
W/"7819-1701856304000"
expect-ct
max-age=86400; enforce;
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id
wFAEwR1XFpNVx1oSqkp4pkJAJeGt1zYMHrbYN1fdA_IV-EmbbU3-hw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=3478499&conversations-embed=static-1.15030&mobile=false&messagesUtk=78e48fcf8dc54beea30cf628ff143ac9&traceId=78e48fcf8dc54beea30cf628ff143ac9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://terranovasecurity.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://terranovasecurity.com
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
84060bd15c9790fb-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Thu, 04 Jan 2024 19:56:40 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TScLQAKK7EfEjw2ARutvaVeqdZe%2Ft1qDZ8r6JznyIjOPqEm0XU5v2iM90kDnl6H55mbyOP6%2Fs30h7NAWmmy4sBkpnsohJV5Jw38ykDD3jcyeb7%2FWys8sWmqpj75vlZI7TFWzUQAYFeow%2Bchkxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
10
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-57d4fb94bb-tr44p
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
b4f351b8-fce3-4026-b74a-66ace0b58acf
x-request-id
b4f351b8-fce3-4026-b74a-66ace0b58acf
x-trace
2B962FD3ED393D77FD8936FD02A6B4A705A9AC5B25000000000000000000
public
api.hubspot.com/livechat-public/v1/message/
388 B
1 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=3478499&conversations-embed=static-1.15030&mobile=false&messagesUtk=78e48fcf8dc54beea30cf628ff143ac9&traceId=78e48fcf8dc54beea30cf628ff143ac9
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e77f52c3131e3936d83ccf8fb84ce87650d8f064d48cfcada725096a5b2286b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://terranovasecurity.com/
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
b15374f9-c29c-438e-8153-7fea7eb9d349
x-envoy-upstream-service-time
12
content-length
290
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b15374f9-c29c-438e-8153-7fea7eb9d349
server
cloudflare
x-trace
2BA9EC43F8F0071F454A2F2EC086E5FE9E0E33F857000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://terranovasecurity.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-57d4fb94bb-s8ffl
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7QbVWomvSGenWgj5HRV0xFutoQ6HbfgMv%2F9Dr%2FjUtG7CZfghWjVNZXIBbJTXM8HAgmH4TTdGTQ0lx3a5ZKRcOypefo2xnurv62U6DOEEoIPMfDVglMP8iFd83DbnZ3KZfLOxBazUwNBgNcIgKw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
84060bd24d4490fb-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
get
consent.trustarc.com/ Frame 3748
3 KB
1 KB
Image
General
Full URL
https://consent.trustarc.com/get?name=%20fortra_Logo.svg
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-49.fra60.r.cloudfront.net
Software
/
Resource Hash
e396c79b7c0d5a855f996af8807bdf7318a87f7d4a198fa08a2c65e5cfa34330
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
public
date
Thu, 04 Jan 2024 19:06:59 GMT
content-encoding
gzip
via
1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P2
age
2981
vary
Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
zJbx2mpIV6_Pm30mr5hnK-ceTwvSdmWoPGrZ7ez_PQ1-fhFljtWp0A==
expires
Sat, 03 Feb 2024 19:06:59 GMT
hls_video.js
fast.wistia.net/assets/external/engines/ Frame A0AD
474 KB
115 KB
Script
General
Full URL
https://fast.wistia.net/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0a1a7a0d6b82f94681ec87a0051ca2bd3648cb19ba253212c657c054db101d1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://linoma.wistia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2448
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
117982
x-served-by
cache-iad-kiad7000172-IAD, cache-fra-eddf8230112-FRA
x-browser-version
120
last-modified
Wed, 03 Jan 2024 19:03:06 GMT
server
AmazonS3
x-timer
S1704398201.536721,VS0,VE0
etag
"6ee8aec94d37e76019eb205e69e9e69c"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
426, 40
counters.gif
forms.hsforms.com/embed/v3/
35 B
629 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
dac7bcbb-df2a-464b-890f-7534894b31bf
x-envoy-upstream-service-time
21
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
dac7bcbb-df2a-464b-890f-7534894b31bf
server
cloudflare
x-trace
2B6FD43B26BC1FA325A4B49D07708426FE5ECA4639000000000000000000
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-795b47fdff-4w87j
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
84060bd23d643a3d-FRA
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
1016 B
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 19:56:40 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
7b6f9b45-a13b-4381-9341-f366cdb38fca
x-envoy-upstream-service-time
9
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
7b6f9b45-a13b-4381-9341-f366cdb38fca
Server
cloudflare
X-Trace
2B83D8929165BBB24254AB5FED71E2C05394EA7D49000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-795b47fdff-b9wb8
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
84060bd23c339bac-FRA
i12p9inb16.m3u8
fast.wistia.com/embed/medias/ Frame A0AD
1 KB
2 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/i12p9inb16.m3u8
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
fec53f3fd3b50e7f54ccacbf78dfa1f396c232763889637eac1e43301c238601
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://linoma.wistia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
via
1.1 51391527dd8c879c45b44b119905c872.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
48011
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
33
content-length
1353
x-request-id
7efd51c2-2093-4423-bc26-4adb5b1d9628
x-served-by
cache-iad-kiad7000117-IAD, cache-fra-etou8220109-FRA
x-runtime
0.031370
x-browser-version
120
server
envoy
x-timer
S1704398201.712455,VS0,VE2
etag
W/"fec53f3fd3b50e7f54ccacbf78dfa1f3"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
79Fpd_z_7yabFrJ-XnGUEXdQanNJ6cmTlaDYNbFdZEZDZYVrqicWTA==
x-cache-hits
501, 1
blank.gif
fast.wistia.net/assets/images/ Frame A0AD
1 KB
1 KB
Image
General
Full URL
https://fast.wistia.net/assets/images/blank.gif
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://linoma.wistia.com/
Origin
https://linoma.wistia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
338
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
1214
x-served-by
cache-iad-kjyo7100102-IAD, cache-fra-eddf8230112-FRA
x-browser-version
120
last-modified
Wed, 10 May 2023 19:48:54 GMT
server
AmazonS3
x-timer
S1704398201.676074,VS0,VE0
etag
"fbdc4ed9a1e2ee4917a265306927bcf1"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
5217436, 4
counters.gif
forms.hsforms.com/embed/v3/
35 B
590 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:eff9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
d73be0b0-f0ad-4419-9772-79aee86b6e40
x-envoy-upstream-service-time
20
alt-svc
h3=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d73be0b0-f0ad-4419-9772-79aee86b6e40
server
cloudflare
x-trace
2B8E616DC21FA6AABDD4B12171BD2B5628F1D1DD6E000000000000000000
vary
origin
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-795b47fdff-ncnts
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
cf-ray
84060bd25d9f3a3d-FRA
mput
pipedream.wistia.com/ Frame A0AD
2 B
328 B
Fetch
General
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6800:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://linoma.wistia.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
CvQQti9vo-gPKPRa6ZvIU72YBjWh7iKmYf3yF1nNcdSxm_J7B3ZXSg==
counters.gif
forms-na1.hsforms.com/embed/v3/
35 B
1016 B
Image
General
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 19:56:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
3a4c24a7-098f-4a57-b574-80f69a2dd71f
x-envoy-upstream-service-time
3
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3a4c24a7-098f-4a57-b574-80f69a2dd71f
Server
cloudflare
X-Trace
2BBD2933074477FAF03CCE299049B6125AFE975E6C000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-795b47fdff-n6wg8
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
84060bd2de93bb38-FRA
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/
369 B
1 KB
Fetch
General
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=3478499&currentUrl=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14103b64df9857f9f7ad1f02efaafba97ce4772e8d8b448857de69c3537c338d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
9b520b2c-7212-42c6-8311-72b874e06d0c
content-encoding
br
x-envoy-upstream-service-time
31
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9b520b2c-7212-42c6-8311-72b874e06d0c
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://terranovasecurity.com
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
true
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wylMpvUyDleW7rI6jCInF3dPwg%2BUB1c7sL8bqJGl7bDzaexAwuqO%2FWCQP7V5mhSqthOFF1llvdkOCPTWj61YFjnNDTvyedoEsnGoZzYSOWFMYzKAs8S9eW6gPGko2Oko6z9kfF3PL1WxuHqoPzrUIVq7LZy%2Bd7tl5%2BA%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
84060bd38e3b90fb-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-795b47fdff-rgjzk
x
distillery.wistia.com/ Frame A0AD
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-40.fra60.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

Referer
https://linoma.wistia.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 04 Jan 2024 19:56:40 GMT
via
1.1 81cb77eb84eee291ebbd90b4c274c1c4.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P6
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
x-amz-cf-id
3OENBuU1IHs-QLEPLq5ivGpLFm8AkPY4DM0YglXjPhGoyEFu9Ungdg==
trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 3748
4 KB
5 KB
Image
General
Full URL
https://consent-pref.trustarc.com/images/trustarc-logo-small.png
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-15.ams54.r.cloudfront.net
Software
nginx /
Resource Hash
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=e904d75e-49c2-44da-8bb1-d1e909d13966&userType=NEW
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:12:11 GMT
via
1.1 a36403421b18ef7385d5575765e6c414.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS54-C1
age
2669
x-cache
Hit from cloudfront
content-length
4197
x-xss-protection
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 06 Dec 2023 09:51:26 GMT
server
nginx
etag
W/"4197-1701856286000"
expect-ct
max-age=86400; enforce;
vary
Origin
content-type
image/png
permissions-policy
midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges
bytes
x-amz-cf-id
HKYOFHAYAo3QcbxaFYaSo32p-6YYM7K4wVAS0eCPjmUfGpuEdTLFaQ==
counters.gif
perf-na1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c07d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Thu, 04 Jan 2024 19:56:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
CF-Cache-Status
MISS
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
ee63718b-6fa2-40c2-8608-a320459aacad
x-envoy-upstream-service-time
19
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ee63718b-6fa2-40c2-8608-a320459aacad
Last-Modified
Thu, 04 Jan 2024 19:56:41 GMT
Server
cloudflare
X-Trace
2BE3C3FA509B550D798A715FB9F03FA45ED566D929000000000000000000
Vary
origin, Accept-Encoding
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-795b47fdff-n6wg8
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
X-Robots-Tag
none
CF-RAY
84060bd4ebb4900c-FRA
__ptq.gif
track.hubspot.com/
45 B
741 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1132539230&v=1.1&a=3478499&rcu=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F&pu=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&t=Gone+Phishing+Tournament+%7C+Terranova+Security&cts=1704398201262&vi=6782e50b38b1a5fa2cd6e239e216661f&nc=true&u=76129290.6782e50b38b1a5fa2cd6e239e216661f.1704398201258.1704398201258.1704398201258.1&b=76129290.1.1704398201258&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
1ee141b1-8dd2-4758-a148-47ea0f2160c8
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
7
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1ee141b1-8dd2-4758-a148-47ea0f2160c8
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ijlXICpy%2FpzEZubUSZDhGcmPSsCkbjl16D8dzZyeytFqir7Hkg3%2F82JgRt9eQPYHLNXwysQtT2hH2SHFnktarjZ3z75Dqn7C5uKQby%2FZlvNsCs%2FUERMVhLlxywqlTjR0oJxqNO2yslme1hAr9CjS"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-7484b4bf59-pbkhk
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
84060bd65b825c1a-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
752 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=7b5974d2-fb15-4e38-b0b0-bb16dc862337&fci=06d040b1-1efc-4006-89a4-9f20763293a6&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1132539230&v=1.1&a=3478499&rcu=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F&pu=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&t=Gone+Phishing+Tournament+%7C+Terranova+Security&cts=1704398201265&vi=6782e50b38b1a5fa2cd6e239e216661f&nc=true&u=76129290.6782e50b38b1a5fa2cd6e239e216661f.1704398201258.1704398201258.1704398201258.1&b=76129290.1.1704398201258&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
20d46ced-f99a-4e94-b122-55f90de99af6
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
16
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
20d46ced-f99a-4e94-b122-55f90de99af6
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iy0PJu82pY%2B0u4SfOn1NYcGHMJzVq3%2Fdt8LI8BHmj14YQQhUjO%2BqmoG5ybVbXf9CTsjUEF%2FmJnAUB5ukygdT5wzgLN6xyF3TZ%2FcXr9Ui5C1njGjBe%2BC1JgOoSmrifnfxexu1tJzQ56c%2FIU%2FZQXGM"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-7484b4bf59-m2kn6
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
84060bd65b855c1a-FRA
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=7b5974d2-fb15-4e38-b0b0-bb16dc862337&fci=67420d42-467b-4e39-9981-33741a0f4867&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1132539230&v=1.1&a=3478499&rcu=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F&pu=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&t=Gone+Phishing+Tournament+%7C+Terranova+Security&cts=1704398201265&vi=6782e50b38b1a5fa2cd6e239e216661f&nc=true&u=76129290.6782e50b38b1a5fa2cd6e239e216661f.1704398201258.1704398201258.1704398201258.1&b=76129290.1.1704398201258&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
60ddc021-5688-405d-a44e-cea8e281475b
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
8
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
60ddc021-5688-405d-a44e-cea8e281475b
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQFDece4RM1tRYye6LCJE3DQEApFwRnqa3u9OvszDBYO1YIzDn%2F%2F7No%2FPXG9sSYeBW%2BXKHtjHDpJJY8lHrxVI1X681S6exJBoCkV8imPfM0XY1GZ4bwlWREuDH1UynR26bynohmxIfR6HA%2Fv27q9"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-7484b4bf59-k67x5
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
84060bd65b865c1a-FRA
x-robots-tag
none
mput
pipedream.wistia.com/ Frame A0AD
2 B
327 B
Fetch
General
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:6800:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://linoma.wistia.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Jan 2024 19:56:41 GMT
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
1
content-length
2
x-amz-cf-id
Yi7g1bhNIzXqrkKCGKmutQZ4U06-HgQKhEaXdlSuahoMJlVYL9uuww==
allIntegrations.js
fast.wistia.net/assets/external/ Frame A0AD
23 KB
6 KB
Script
General
Full URL
https://fast.wistia.net/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e84ecd347be77f89dc47b2723f3afc033454ee36376d36c6661285044184da8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://linoma.wistia.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:41 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
3499
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
5772
x-served-by
cache-iad-kcgs7200044-IAD, cache-fra-eddf8230112-FRA
x-browser-version
120
last-modified
Wed, 03 Jan 2024 19:03:06 GMT
server
AmazonS3
x-timer
S1704398201.297244,VS0,VE0
etag
"2942ab96d3d0bd16f436ec14f1ff614a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
32, 16
json
forms.hubspot.com/lead-flows-config/v1/config/
178 B
1 KB
XHR
General
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3478499&utk=6782e50b38b1a5fa2cd6e239e216661f&__hstc=76129290.6782e50b38b1a5fa2cd6e239e216661f.1704398201258.1704398201258.1704398201258.1&__hssc=76129290.1.1704398201258&currentUrl=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0b30d7ecdbc56de8f3ef9f404cd481241eefd0daaa4937318047ed424291702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://terranovasecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 19:56:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
8a305cc7-5db4-4c65-88f6-f9a73d39b09c
content-encoding
br
x-envoy-upstream-service-time
19
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
8a305cc7-5db4-4c65-88f6-f9a73d39b09c
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://terranovasecurity.com
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
false
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xz9KTG5aFRH6PlsZPLzwHuVJMoUm7Uftcjqa9LVqSfryW%2Fy%2B%2BPQRfL7RpwZbiXonQw%2FRgpPB1zdq4UmCtJqrohRzPfzVnjrIh0m2TR9rjxletAR71GvMyim5bNtOmKTVVNVVspg3WZFVIe9ylL2Y"}],"group":"cf-nel","max_age":604800}
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
84060bd6888290fb-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-795b47fdff-thwp8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=44&user_id=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&expiration=1735934199
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&expires=365
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/sd?id=537103138&val=b2ff1df24e1e56289aecbea2d2a7a4ea&gdpr=1&gdpr_consent=
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&gdpr=1&gdpr_consent=&us_privacy=1---
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Domain
sync.taboola.com
URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?mid=4714&xuid=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&dongle=c85e
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/setuid?entity=172&code=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE
Domain
ipv4.d.adroll.com
URL
https://ipv4.d.adroll.com/seg4/YZJZ3MVNCZDDFHWIXHLWUO/RNNFO6UBZND2PCEUN2KUDQ?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&cookie=&adroll_s_ref=&keyw=&p0=254&adroll_external_data=&adroll_version=2.0

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| documentPictureInPicture function| _truste_eumap object| truste string| userType object| __dispatched__ undefined| __i__ function| getCookie function| vwoConsent object| dataLayer string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG function| __adroll__ string| adroll_sid object| __adroll boolean| adroll_sendrolling_cross_device object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors undefined| adroll_tpc_callback object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| __adroll_consent_data object| adroll_exp_list boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called object| __adroll_pxl_assistant_track object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid string| adroll_rule_type object| hubspot object| HubSpotForms object| hbspt object| hsFormsOnReady object| iframe object| _hsp object| webpackChunk_N_E function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E function| checkAndInsertDetailsForIframe object| __MIDDLEWARE_MATCHERS function| __BUILD_MANIFEST_CB object| __BUILD_MANIFEST object| __SSG_MANIFEST boolean| setCookie string| cookieName string| cookieValue string| expirationTime object| date number| dateTimeNow function| updateCMPLS boolean| hubspot_live_messages_running object| HubSpotConversations object| _hsq object| globalRoot undefined| hns function| bindToWindowOnError object| leadflows function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN boolean| _hspb_loaded boolean| _hspb_ran object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| __hsWebInteractiveInstance boolean| hubspot_web_interactives_running object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| LEAD_FLOW_DOCUMENT_READY_RAN

16 Cookies

Domain/Path Name / Value
.terranovasecurity.com/ Name: TAsessionID
Value: e904d75e-49c2-44da-8bb1-d1e909d13966|NEW
.terranovasecurity.com/ Name: notice_behavior
Value: expressed,eu
.terranovasecurity.com/ Name: __adroll_fpc
Value: bb08f355c0286366c458d88078c19ccc-1704398199656
.terranovasecurity.com/ Name: __ar_v4
Value: %7CYZJZ3MVNCZDDFHWIXHLWUO%3A20240103%3A1%7CRNNFO6UBZND2PCEUN2KUDQ%3A20240103%3A1
.wistia.com/ Name: _w_session
Value: QI2%2BnvSY6gjBTQ%2B1vwjsV8yqZKKUZgYt4gHhJWjlR2E3owEclTizEESE3pGT6xnPNA41yJsk8G8FvyFNFYd2HDpCwNUWIuqVU1qu1I3sLwxl%2Fl8YzEnyuvWt2UbWXKzib0cfQolLoJ1WmBM83hSwIn5xuWPKimuLXqWkouzafmtpvJvReEmfFK%2FvPDIQvMJUDQLk9ME%2BYH5cp0NQ38Lt28zY%2FupPqi6uaS%2BY4UY2%2BOdOErd%2F%2FoDLf8XWWM7ZnOF%2B1XRUdh%2FMmZ%2Fd6xv3SAocP1rAnvvbuWcMasvJCsaFTLZ0NPdzUIcN9A%3D%3D--4JiZt%2FFHwYHak5pm--T9sIZpVkGwcI7zNSx7KTOA%3D%3D
.doubleclick.net/ Name: IDE
Value: AHWqTUm92vg1qGGQOg9qffDUyKs04sEd7fBd_R0DjwKSVVPh-JMHhONWfz8U8NxMchI
.d.adroll.com/ Name: __adroll
Value: b2ff1df24e1e56289aecbea2d2a7a4ea-g_1704398199-a_1704398199
.adroll.com/ Name: __adroll_shared
Value: b2ff1df24e1e56289aecbea2d2a7a4ea-g_1704398199-a_1704398199
.terranovasecurity.com/ Name: cmp
Value: cmp-0000013358
.terranovasecurity.com/ Name: ls
Value: 717710006
terranovasecurity.com/ Name: __hstc
Value: 76129290.6782e50b38b1a5fa2cd6e239e216661f.1704398201258.1704398201258.1704398201258.1
terranovasecurity.com/ Name: hubspotutk
Value: 6782e50b38b1a5fa2cd6e239e216661f
terranovasecurity.com/ Name: __hssrc
Value: 1
terranovasecurity.com/ Name: __hssc
Value: 76129290.1.1704398201258
.hubspot.com/ Name: __cf_bm
Value: nKIYWIs8rPgI4hu7hpaqeQr.OOObGmiUPRYzm_4stDw-1704398201-1-AXCpBpb6RPBHF3udwGPjMunxO39H6DnwTPYM7sa2JHd1bpaT2+g0e9HCcNFIaM6+WFd50fS6Jb5pVG1baXJKmOM=
.hubspot.com/ Name: _cfuvid
Value: LPYYtLpIY1ZGcFGMAqzYaSjDc91f1A_65IJcpAoF.vg-1704398201472-0-604800000

18 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security error URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Message:
Refused to load the image 'https://ipv4.d.adroll.com/seg4/YZJZ3MVNCZDDFHWIXHLWUO/RNNFO6UBZND2PCEUN2KUDQ?adroll_fpc=bb08f355c0286366c458d88078c19ccc-1704398199656&pv=13576817922.274942&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&cookie=&adroll_s_ref=&keyw=&p0=254&adroll_external_data=&adroll_version=2.0' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Message:
Refused to load the image 'https://x.bidswitch.net/sync?dsp_id=44&user_id=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Message:
Refused to load the image 'https://sync.outbrain.com/cookie-sync?p=adroll&uid=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&gdpr=1&gdpr_consent=&us_privacy=1---' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Message:
Refused to load the image 'https://us-u.openx.net/w/1.0/sd?id=537103138&val=b2ff1df24e1e56289aecbea2d2a7a4ea&gdpr=1&gdpr_consent=' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Message:
Refused to load the image 'https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&expiration=1735934199' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Message:
Refused to load the image 'https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Message:
Refused to load the image 'https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&expires=365' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Message:
Refused to load the image 'https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Message:
Refused to load the image 'https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Message:
Refused to load the image 'https://eb2.3lift.com/xuid?mid=4714&xuid=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE&dongle=c85e' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Message:
Refused to load the image 'https://ib.adnxs.com/setuid?entity=172&code=YjJmZjFkZjI0ZTFlNTYyODlhZWNiZWEyZDJhN2E0ZWE' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
cdn.jsdelivr.net
cm.g.doubleclick.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
cq4wg04.na1.hs-sales-engage.com
cta-service-cms2.hubspot.com
d.adroll.com
distillery.wistia.com
dsum-sec.casalemedia.com
eb2.3lift.com
embed-ssl.wistia.com
fast.wistia.com
fast.wistia.net
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
forms.hubspot.com
ib.adnxs.com
image2.pubmatic.com
ipv4.d.adroll.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
linoma.wistia.com
perf-na1.hsforms.com
pipedream.wistia.com
pixel.rubiconproject.com
s.adroll.com
sync.outbrain.com
sync.taboola.com
terranovasecurity.com
track.hubspot.com
ups.analytics.yahoo.com
us-u.openx.net
www.googletagmanager.com
x.bidswitch.net
dsum-sec.casalemedia.com
eb2.3lift.com
ib.adnxs.com
image2.pubmatic.com
ipv4.d.adroll.com
pixel.rubiconproject.com
sync.outbrain.com
sync.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
x.bidswitch.net
13.227.219.15
142.250.186.130
18.245.86.40
18.66.122.49
18.66.147.9
2600:9000:2090:2a00:1e:c86:4140:93a1
2600:9000:2240:6800:3:471f:5240:93a1
2600:9000:2644:f800:6:9280:1080:93a1
2606:4700:20::681a:e15
2606:4700:4400::6812:265b
2606:4700:4400::ac40:991b
2606:4700::6810:50ba
2606:4700::6810:5614
2606:4700::6810:8bce
2606:4700::6810:bd59
2606:4700::6811:eff9
2606:4700::6811:f9a8
2606:4700::6812:7d0c
2606:4700::6812:c07d
2606:4700::6813:9a53
2a00:1450:4001:802::2008
2a00:1450:4001:82f::2003
2a04:4e42:400::644
2a04:4e42::644
2a05:d018:cc3:fe04:410e:c7a0:1d47:ccc0
52.222.174.4
03c8eac6dc0268b8df109b565589ed8e3336faac8688c775b842e10c20b44a91
03e94e0bf26854c84af27e8d35f0802ed296a20e53930a321fb5eed3ad296bac
08f09e95e50ae9c0181382558ff935903a7b273b4a8e5006788e85ae1c72c7c6
093d12d8b3568fe7d205eab6a5ceb766772d6018aebe44d3e16f9e85fb7ab68e
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0e59f8184388cbf7873147d14016ebf88a7f73feb7802e9fe764aa6dedc2809c
110d161aa5999066042d12f7cd25b37043af32363e703125ccb5d03f0f27fa60
14103b64df9857f9f7ad1f02efaafba97ce4772e8d8b448857de69c3537c338d
176f46d1332bd15e158ba501961d4614a40522c0b622bc981036251478694812
1cfea9c2560f92f921901138514a6bef5370b77a265a62151e446d3f50140a9b
236da1e279970d72ab0f28a2d9c9fde03100674452adabd32466c72f0890bfbc
2445c90e6572ef480b5559f6a4f1e0f6535ea625557d26887bfe3291c6b5abd2
25c864ad288d5841dd1aad9d4c2dd46d1e220690f11addf034e937fa59717a09
2947b7c9d5a0b64a03dc4e7740d819db8d6ce3203a0a056a05c7f456cffc7cd3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e84ecd347be77f89dc47b2723f3afc033454ee36376d36c6661285044184da8
365c4e4e15bb05abb8135ba921b7ff58c93459e1b8eda9e1835c13ba7ecec1b4
38ecab22c16bef44fbe268de3e168ead209d46f9e281316ba81774aab345b283
39a1a1948bd1639798e87cd62a7375f5c0393ea7f2b76f3137db58b8817cd873
41fb8d5a1d31b2c1414f677d1e6e5b6dc0163818018b5a0c1a094ca8ac3064c8
4fca34a1d103c87bde6d04f07d32de7782349258552ddef90c50f1bb2991386b
554008a2a8ed087640afa2529308c94093037068345160b2e5cf5fede0ef2cf0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
582312671c1cec4e87573ea6184203bb18c3a7041185b6a36cca3e7c27eb6fa5
5ce2638addfb0f00f88b2a05d5d420c535045d0d52d30ec9d278242858142e30
69acca11059cff03689fc1ef78f725332a3422ded420aa165bb542366a0b9a1d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cce1bef48b3bf7fd4bfdd0cad214e7aff14758b79cbef56537fbc9bbf7dddc7
6e0d470104f610a02906d357b9af5a66c05c3801685bd5d4a9952bc98b53c73d
714033706d3272019efabd4624a61b9f925a1daf38615770b734564600ca637d
7995c4b19f502f2b0c054be39a830264fedc1f95fe0729d2c29e64b80f9ed666
7a9f6a58f9aaba20d1750334fea4fd50593ed00d75e2a1aa3e99b3c5195e52cf
7c2fce837c4e93ce939702c1b7cef4e62449752fb52e68ee18ac98a1b7d6a65b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f182f8fbdc4cd17081daa0a46247e301f597cf0612741b51d5d1649552c918d
8007583d9447b0cdcc4f56931c615aace3a71b19702231bcfb16e4ecab02b265
82ca468f0d48287ddaa8795313ba57708377842b6e077d12884b9c2bcc51a8f5
834f4a8ed701a07d7dd0d703326e3c9ce6ce422e55b1f218b5a57e221c2e4773
85d0155fde780562199bb733cb6a02ad9dbcaabb99b3c5f134499e11fc0cfbac
89fe9807b5b69624828758b65407a46f6c42d6b79abfcca367bf4272ad2cacf3
8ced9fbf86e42c644ddeee02369670ae0f53f29c14329995ce7fa2c4990f1944
8d8d5dc8bc1a7fd19740f0b72b44c0054d53a693d9887f01b2b50924dc74ef7f
8f1204818d886023bc6c9bf15eb8827ffe983fe3f48a3784ac52fda86ec0083c
8f4a6fb3381557f58b402871de7c549a784aaffc6b4306825570c4013c406c01
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9656ad402c10804897cfd58fee892be22aa9c10ac8769138a98ee27540854d8b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9f565b4cdf200b503b4c09d2e4644a1fbec24230e60b873ab7e09ae969a6fc1b
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a0b30d7ecdbc56de8f3ef9f404cd481241eefd0daaa4937318047ed424291702
a28e78252c69fe759fd8c215e2eac722008dae2a068e7d8c10453cda665f913f
a774b19d5173d81cf31cc63eff99b6ee8d9dd29651acfb93efa45f88459421dc
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
b0a2315923c48fc1d0652efb581b8db4bae0432b2823ce24ca77a211299cde10
b34f05d8cd3bc698b56928416781411e49f1e2ca730f860406581dd8cec8fbfa
b49a5d05ca41478b31f51cc2539a75937c3f921540aa90116a8f609e094d1811
b5ba900cd5cf929170a2faa841b526060c9004467d21a16a8ae044bd340b60b9
bc2e1c7db0ffa63e5333bc3771c96bf5c5d704332d79dfcfbff8bc16187b1abf
bf8b177dd324a72d23a77126badfdc81f18b7a59c7f7c4ba1e9f3c96a71fd531
c0a1a7a0d6b82f94681ec87a0051ca2bd3648cb19ba253212c657c054db101d1
c1e92a1c5827b02b976fdd931b13ee9f09d45d31db0edbaadf03ca82b96e9a5a
c339c3965ea8715fb47e9087f632ceff2769a8c41ea49098ae02a02394aa46ea
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d1feb1702e51b432160dcfb04b2c55eb6822cc0d77f13a0273f41d60d96d6853
d3707b6549f3877b7397dd6b4b168742deaccaf321dc930704c1843228fba2a4
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dda19c1e412eb233a8fe7a0d9033b45f658865683a90b8a860b8e1700d845475
ddb3630a75fbd3d11638406782bc5794dc9b688e6d507687ac32ec0d1dcf98b8
dee0df4033fccdefe604c08abcabfcb051cd399297a062bf06bd7e31f81ffb16
e396c79b7c0d5a855f996af8807bdf7318a87f7d4a198fa08a2c65e5cfa34330
e77f52c3131e3936d83ccf8fb84ce87650d8f064d48cfcada725096a5b2286b3
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1846f7f9ed8915e7c3c7741661a7e58fbfa5faf95070c18fcc70333542bce6e
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f20e3068b2556a765a281d38b6fca12aed826607acea90394947a5640bb1ff55
f60fef6529a81a918a89aeb56613e47bf51742e811700402c178f354ddd73368
fd63ae3c4d40439c3256053ca79e4c5e2ff7cc82c2a0e268e2907af6948fed38
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
fe6b0268fa234e4e2daef6e97043f6e1bd5715563c15b168f8cd2b1275b0044e
fec53f3fd3b50e7f54ccacbf78dfa1f396c232763889637eac1e43301c238601