urlscan.io logo urlscan.io
SecurityTrails logo

emailsecurity.fortra.com Open in urlscan Pro
2606:4700::6812:15a5  Public Scan

Go To Rescan Add Verdict Report
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Submission: On December 04 via api from TR — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 1 countries across 29 domains to perform 162 HTTP transactions. The main IP is 2606:4700::6812:15a5, located in United States and belongs to CLOUDFLARENET, US. The main domain is emailsecurity.fortra.com.
TLS certificate: Issued by WE1 on October 14th 2024. Valid for: 3 months.
This is the only time emailsecurity.fortra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
40 2606:4700::68... 13335 (CLOUDFLAR...)
4 3.171.85.62 16509 (AMAZON-02)
2 2600:9000:27c... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3.171.85.26 16509 (AMAZON-02)
1 18.160.41.112 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.48.203.166 20940 (AKAMAI-AS...)
1 18.160.18.4 16509 (AMAZON-02)
6 34.96.102.137 396982 (GOOGLE-CL...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.167.56.26 16509 (AMAZON-02)
1 68.67.160.186 29990 (ASN-APPNEX)
10 23.48.203.49 20940 (AKAMAI-AS...)
1 2600:1408:ec0... 20940 (AKAMAI-AS...)
2 75.2.108.141 16509 (AMAZON-02)
1 18.160.46.48 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 3.171.76.19 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.160.18.33 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
20 37.19.207.34 60068 (CDN77 Dat...)
3 2606:4700:310... 13335 (CLOUDFLAR...)
3 2001:4860:480... 15169 (GOOGLE)
1 5 2600:9000:26c... 16509 (AMAZON-02)
2 2600:1408:c40... 20940 (AKAMAI-AS...)
4 6 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 2600:1f18:61c... 14618 (AMAZON-AES)
1 2600:1f18:61c... 14618 (AMAZON-AES)
1 98.85.23.175 14618 (AMAZON-AES)
1 2600:1f18:61c... 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
162 48
40    2606:4700::6812:15a5 (United States)

ASN13335 (CLOUDFLARENET, US)
emailsecurity.fortra.com
4    3.171.85.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-85-62.iad89.r.cloudfront.net
consent.trustarc.com
2    2600:9000:27c2:4800:4:d683:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.fortra.com
2    2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2607:f8b0:4004:c17::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2607:f8b0:4004:c21::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
1    3.171.85.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-85-26.iad89.r.cloudfront.net
consent.trustarc.com
1    18.160.41.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-41-112.iad55.r.cloudfront.net
static.hotjar.com
2    2606:4700::6812:1eb0 (United States)

ASN13335 (CLOUDFLARENET, US)
tracking.g2crowd.com
1    2606:4700::6810:8cd1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    23.48.203.166 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-48-203-166.deploy.static.akamaitechnologies.com
j.6sc.co
1    18.160.18.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-4.iad12.r.cloudfront.net
js.driftt.com
6    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6812:8d11 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
5    2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hubspot.com
api.hubspot.com
cta-service-cms2.hubspot.com
forms.hubspot.com
1    2606:4700::6810:4c8e (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    3.167.56.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-56-26.iad61.r.cloudfront.net
script.hotjar.com
1    68.67.160.186 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
10    23.48.203.49 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-48-203-49.deploy.static.akamaitechnologies.com
c.6sc.co
b.6sc.co
1    2600:1408:ec00:c::1730:cb8e (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
ipv6.6sc.co
2    75.2.108.141 (United States)

ASN16509 (AMAZON-02, US)
PTR: afe865822f884bb48.awsglobalaccelerator.com
eps.6sc.co
1    18.160.46.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-48.iad55.r.cloudfront.net
vc.hotjar.io
2    2607:f8b0:4004:c1d::6a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c09::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2607:f8b0:4004:c1b::9a (Washington, United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
2    3.171.76.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-171-76-19.iad89.r.cloudfront.net
v.eps.6sc.co
1    2606:4700::6813:afbc (United States)

ASN13335 (CLOUDFLARENET, US)
perf-na1.hsforms.com
2    18.160.18.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-33.iad12.r.cloudfront.net
js.driftt.com
1    2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
20    37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: 37-19-207-34.bunnyinfra.net
a.omappapi.com
3    2606:4700:3108::ac42:2908 (United States)

ASN13335 (CLOUDFLARENET, US)
api.omappapi.com
z.omappapi.com
3    2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2600:9000:26c1:ec00:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
2    2600:1408:c400:5::17c7:3716 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
snap.licdn.com
6    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
2    2600:1f18:61c0:2205:590a:48c9:2cc8:5c9c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
1    2600:1f18:61c0:220a:a875:536d:6ba9:cccb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
x.adroll.com
1    98.85.23.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-85-23-175.compute-1.amazonaws.com
ipv4.d.adroll.com
1    2600:1f18:61c0:2208:b8ef:d7f3:6816:21b1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
x.adroll.com
1    2607:f8b0:4004:c21::9a (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
42 fortra.com
emailsecurity.fortra.com
static.fortra.com — Cisco Umbrella Rank: 459004
2 MB
23 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 6331
api.omappapi.com — Cisco Umbrella Rank: 6333
z.omappapi.com — Cisco Umbrella Rank: 14573
96 KB
16 6sc.co
j.6sc.co — Cisco Umbrella Rank: 5557
c.6sc.co — Cisco Umbrella Rank: 6739
ipv6.6sc.co — Cisco Umbrella Rank: 5633
eps.6sc.co — Cisco Umbrella Rank: 9024
b.6sc.co — Cisco Umbrella Rank: 3603
v.eps.6sc.co — Cisco Umbrella Rank: 16220
23 KB
10 adroll.com
s.adroll.com — Cisco Umbrella Rank: 3645
d.adroll.com — Cisco Umbrella Rank: 1673
x.adroll.com — Cisco Umbrella Rank: 3549
ipv4.d.adroll.com — Cisco Umbrella Rank: 12775
35 KB
10 gstatic.com
fonts.gstatic.com
113 KB
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
www.linkedin.com — Cisco Umbrella Rank: 676
px4.ads.linkedin.com — Cisco Umbrella Rank: 7032
4 KB
6 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
3 KB
6 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 3653
api.hubspot.com — Cisco Umbrella Rank: 5268
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3677
track.hubspot.com — Cisco Umbrella Rank: 2477
forms.hubspot.com — Cisco Umbrella Rank: 6196
29 KB
6 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 3020
84 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
460 KB
5 trustarc.com
consent.trustarc.com — Cisco Umbrella Rank: 3570
40 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 142
64 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
3 driftt.com
js.driftt.com — Cisco Umbrella Rank: 7118
62 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4382
28 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
15 KB
2 g2crowd.com
tracking.g2crowd.com — Cisco Umbrella Rank: 8407
2 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
1 hsforms.com
perf-na1.hsforms.com — Cisco Umbrella Rank: 3819
957 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3181
232 B
1 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
707 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2358
27 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5194
27 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 5955
92 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2343
27 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2580
1 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
0 adsrvr.org Failed
match.adsrvr.org Failed
162 29
Domain Requested by
40 emailsecurity.fortra.com emailsecurity.fortra.com
static.cloudflareinsights.com
20 a.omappapi.com emailsecurity.fortra.com
a.omappapi.com
10 fonts.gstatic.com fonts.googleapis.com
9 b.6sc.co emailsecurity.fortra.com
6 dev.visualwebsiteoptimizer.com emailsecurity.fortra.com
5 px.ads.linkedin.com 3 redirects snap.licdn.com
5 s.adroll.com 1 redirects www.googletagmanager.com
s.adroll.com
5 www.googletagmanager.com emailsecurity.fortra.com
www.googletagmanager.com
5 consent.trustarc.com emailsecurity.fortra.com
consent.trustarc.com
3 www.google-analytics.com a.omappapi.com
www.google-analytics.com
3 td.doubleclick.net www.googletagmanager.com
3 js.driftt.com emailsecurity.fortra.com
js.driftt.com
3 static.addtoany.com emailsecurity.fortra.com
static.addtoany.com
2 x.adroll.com s.adroll.com
2 d.adroll.com s.adroll.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 api.omappapi.com a.omappapi.com
2 v.eps.6sc.co j.6sc.co
2 stats.g.doubleclick.net www.googletagmanager.com
2 analytics.google.com www.googletagmanager.com
2 www.google.com www.googletagmanager.com
2 api.hubspot.com js.usemessages.com
2 eps.6sc.co j.6sc.co
2 tracking.g2crowd.com emailsecurity.fortra.com
tracking.g2crowd.com
2 fonts.googleapis.com emailsecurity.fortra.com
a.omappapi.com
2 static.fortra.com emailsecurity.fortra.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 ipv4.d.adroll.com
1 px4.ads.linkedin.com
1 www.linkedin.com 1 redirects
1 z.omappapi.com a.omappapi.com
1 forms.hubspot.com js.hsleadflows.net
1 track.hubspot.com
1 perf-na1.hsforms.com emailsecurity.fortra.com
1 cta-service-cms2.hubspot.com js.hubspot.com
1 vc.hotjar.io script.hotjar.com
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 secure.adnxs.com j.6sc.co
1 script.hotjar.com static.hotjar.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hubspot.com js.hs-scripts.com
1 js.hsleadflows.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 j.6sc.co emailsecurity.fortra.com
1 js.hs-scripts.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 static.cloudflareinsights.com emailsecurity.fortra.com
0 match.adsrvr.org Failed
162 50
Subject Issuer Validity Valid
emailsecurity.fortra.com
WE1		 2024-10-14 -
2025-01-12		 3 months crt.sh
*.trustarc.com
Amazon RSA 2048 M02		 2024-03-16 -
2025-04-14		 a year crt.sh
static.fortra.com
Amazon RSA 2048 M03		 2024-08-27 -
2025-09-25		 a year crt.sh
static.addtoany.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-11-01 -
2025-01-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
g2crowd.com
WE1		 2024-10-19 -
2025-01-17		 3 months crt.sh
hs-scripts.com
WE1		 2024-11-24 -
2025-02-22		 3 months crt.sh
6sc.co
R10		 2024-09-23 -
2024-12-22		 3 months crt.sh
drift.com
Amazon RSA 2048 M03		 2024-07-30 -
2025-08-27		 a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
hs-banner.com
WE1		 2024-11-22 -
2025-02-20		 3 months crt.sh
hsleadflows.net
WE1		 2024-11-27 -
2025-02-25		 3 months crt.sh
hubspot.com
WE1		 2024-12-01 -
2025-03-01		 3 months crt.sh
usemessages.com
WE1		 2024-10-06 -
2025-01-04		 3 months crt.sh
hs-analytics.net
WE1		 2024-10-07 -
2025-01-05		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
eps.6sc.co
Amazon RSA 2048 M03		 2024-08-27 -
2025-09-25		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
v.eps.6sc.co
Amazon RSA 2048 M03		 2024-09-06 -
2025-10-05		 a year crt.sh
hsforms.com
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
a.omappapi.com
R10		 2024-11-05 -
2025-02-03		 3 months crt.sh
omappapi.com
WE1		 2024-10-12 -
2025-01-10		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2024-05-03 -
2025-06-01		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2024-12-02 -
2025-12-01		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2024-10-14 -
2025-04-14		 6 months crt.sh
d.adroll.com
Amazon RSA 2048 M03		 2024-09-08 -
2025-10-07		 a year crt.sh
*.adroll.com
Amazon RSA 2048 M02		 2024-07-03 -
2025-07-31		 a year crt.sh

This page contains 10 frames:

Primary Page: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Frame ID: 2356FABBBA14F600CC517B57AFCD9B10
Requests: 150 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: EC86E726F132789B53DBC239901D1BD1
Requests: 1 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com
Frame ID: D37D855AB0D7E4CBF7FA754724DD22DD
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-TGW7SE44X4&gacid=1675000885.1733278505&gtm=45je4bk0v9186916704z86702304za200zb6702304&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=2067292795
Frame ID: 20F1B3B496BFB9802B43687716F20D31
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-NHMHGJWX49&gacid=1675000885.1733278505&gtm=45je4bk0v9134213712z86702304za200zb6702304&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=121321010
Frame ID: 711166CAA2CE18183696207C1C4E334E
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Femailsecurity.fortra.com
Frame ID: 94B11392D0F419DF403253BCC0FEC188
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=vabs9hx29dzm&eId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=bff0126b-aa2b-43fd-86f1-63f61c127b5e&sessionStarted=1733278505.35&campaignRefreshToken=29049050-6680-4a70-83f8-5feb463cd38c&hideController=false&pageLoadStartTime=1733278503562&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Frame ID: C8391AB64F408AF0A59E5FFE3E7C0CD3
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1733278503562
Frame ID: C3D1FCF52D2D5F789FA909E94B573E99
Requests: 1 HTTP requests in this frame

Frame: https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=2c56fdc58e8ee9d4a9cf9ebe21d5c373-1733278508498&flg=1&pv=69823632740.85115&arrfrr=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&advertisable=4CHMHK3NYBBNPE45SZI7J7
Frame ID: 2EF90CD3F4E018B35E2BCB84DDD31F32
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/988686924?random=1733278508084&cv=11&fst=1733278508084&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9173652615z86702304za201zb6702304&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&hn=www.googleadservices.com&frm=0&tiba=Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for&did=dNTIxZG&gdid=dNTIxZG&npa=0&pscdl=noapi&auid=1587506684.1733278505&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Frame ID: 5C3C40081C7F14C7ABC1CF31EBF88FB7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cloudflare’s pages.dev and workers.dev Domains Increasingly Abused for

Detected technologies

Overall confidence: 100%
Detected patterns
  • drupal\.js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • consent\.trustarc\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

162
Requests

98 %
HTTPS

66 %
IPv6

29
Domains

50
Subdomains

48
IPs

1
Countries

3516 kB
Transfer

7104 kB
Size

53
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 144
  • https://s.adroll.com/j/pre/4CHMHK3NYBBNPE45SZI7J7/WEZOG7LIMRH2FGLFDLOTEJ/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 148
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4847249&time=1733278508101&li_adsId=45072aef-f294-45f0-b29d-a4006a0e34ea&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4847249&time=1733278508101&li_adsId=45072aef-f294-45f0-b29d-a4006a0e34ea&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4847249%26time%3D1733278508101%26li_adsId%3D45072aef-f294-45f0-b29d-a4006a0e34ea%26url%3Dhttps%253A%252F%252Femailsecurity.fortra.com%252Fblog%252Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4847249&time=1733278508101&li_adsId=45072aef-f294-45f0-b29d-a4006a0e34ea&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4847249&time=1733278508101&li_adsId=45072aef-f294-45f0-b29d-a4006a0e34ea&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQIkUPk_cuewxQAAAZOPcyaz2CFXx-nzkpqt-8y5Ca_9T4GWD9tq4dsU0zS5dOOc-EqWkKvf_bk
Request Chain 158
  • https://d.adroll.com/cm/experian/out?adroll_fpc=2c56fdc58e8ee9d4a9cf9ebe21d5c373-1733278508498&flg=1&pv=69823632740.85115&arrfrr=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&advertisable=4CHMHK3NYBBNPE45SZI7J7 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=YTdhMDk1NWQ5NzE2NDc5NTU5ZGRlZTRkYWIwY2RmZTU&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=YTdhMDk1NWQ5NzE2NDc5NTU5ZGRlZTRkYWIwY2RmZTU&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=902af7c2-9c6b-441a-af73-002e125a8a32%252C%252C&gdpr=0&gdpr_consent=

162 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
emailsecurity.fortra.com/blog/ 		71 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7c43259a284773cef1587cebed859f46dd0fddfde5cc84d16cc68b07255c48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
663
cache-control
max-age=3600, public
cf-cache-status
DYNAMIC
cf-ray
8ec84956aee30f37-EWR
content-encoding
br
content-language
en
content-type
text/html; charset=UTF-8
date
Wed, 04 Dec 2024 02:15:03 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Wed, 04 Dec 2024 02:03:58 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding, Cookie, Cookie, Cookie
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
11, 0
x-content-type-options
nosniff
x-drupal-cache
MISS
x-drupal-dynamic-cache
MISS
x-frame-options
SAMEORIGIN
x-generator
Drupal 10 (https://www.drupal.org)
x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-gcpzc
x-served-by
cache-chi-kigq8000048-CHI, cache-lga21964-LGA
x-styx-req-id
063d1bad-b1e4-11ef-87ad-aeaabe57903c
x-timer
S1733278504.508961,VS0,VE27
security_landscape.png
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/images/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/images/security_landscape.png
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81984ce57cf65fec51c4961c73ece1fb00b1c570de24ef0616785852d45cacfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-l954x
cf-cache-status
DYNAMIC
etag
"674f7b9f-277d4"
age
15283
expires
Thu, 04 Dec 2025 22:00:20 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
image/png
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-kigq8000071-CHI, cache-lga21941-LGA
x-cache-hits
1, 0
cache-control
max-age=31622400
x-timer
S1733278504.627664,VS0,VE6
x-styx-req-id
fd33d7be-b1c1-11ef-ab70-7227c019fed8
via
1.1 varnish, 1.1 varnish
cf-ray
8ec849577f8c0f37-EWR
accept-ranges
bytes
content-length
161748
server
cloudflare
css_2SvNqO8vI31q392xXhQO5hJJbhMAePMhYPDwaC4Zi3s.css
emailsecurity.fortra.com/sites/default/files/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/sites/default/files/css/css_2SvNqO8vI31q392xXhQO5hJJbhMAePMhYPDwaC4Zi3s.css?delta=0&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2cce703727df24c2620843ecdf23acd64a4f96c67622267be00dc2dc68d595d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-5cs89
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7f8c-18a3"
age
14847
expires
Thu, 04 Dec 2025 22:07:37 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
text/css
last-modified
Tue, 03 Dec 2024 22:00:44 GMT
x-served-by
cache-chi-klot8100164-CHI, cache-lga21941-LGA
x-cache-hits
21, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.609607,VS0,VE5
x-styx-req-id
0149742c-b1c3-11ef-b277-728b5b4f94f1
via
1.1 varnish, 1.1 varnish
cf-ray
8ec849576f7f0f37-EWR
accept-ranges
bytes
content-length
2128
server
cloudflare
css_OEKK2QQsKB--M4x7PhccHeqpKalb1rKS9H4Fp70-l0k.css
emailsecurity.fortra.com/sites/default/files/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/sites/default/files/css/css_OEKK2QQsKB--M4x7PhccHeqpKalb1rKS9H4Fp70-l0k.css?delta=1&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f1f00c1b8869d8ca4d4e65c1a75fd26511d67885c84ae7916f1f8e7e77dc6a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-xsrcw
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7f8c-46c3"
age
14847
expires
Thu, 04 Dec 2025 22:07:37 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
text/css
last-modified
Tue, 03 Dec 2024 22:00:44 GMT
x-served-by
cache-chi-klot8100071-CHI, cache-lga21955-LGA
x-cache-hits
19, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.614720,VS0,VE11
x-styx-req-id
01517399-b1c3-11ef-aefa-f6794f8aacfa
via
1.1 varnish, 1.1 varnish
cf-ray
8ec849576f800f37-EWR
accept-ranges
bytes
content-length
5292
server
cloudflare
css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css
emailsecurity.fortra.com/sites/default/files/css/ 		727 KB
140 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/sites/default/files/css/css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css?delta=3&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66d9f819046ced8beccd45efdc8a923329173d27747c01aefd6b8de89b84c53a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-wc9jw
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7f75-b5c3b"
age
15260
expires
Thu, 04 Dec 2025 22:00:43 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
text/css
last-modified
Tue, 03 Dec 2024 22:00:21 GMT
x-served-by
cache-chi-klot8100163-CHI, cache-lga21964-LGA
x-cache-hits
0, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.605055,VS0,VE11
x-styx-req-id
0b0cc496-b1c2-11ef-a0fb-36e8caf771c5
via
1.1 varnish, 1.1 varnish
cf-ray
8ec849576f810f37-EWR
accept-ranges
bytes
content-length
143410
server
cloudflare
notice
consent.trustarc.com/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&js=nj&noticeType=bb&gtm=1&text=true&pn=2&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.85.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-85-62.iad89.r.cloudfront.net
Software
/
Resource Hash
c26f9b1c07124af49c54679fd7ceea0a9adffe24dd36b53df650eddfde35446a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://emailsecurity.fortra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=3600
access-control-expose-headers
*
content-encoding
gzip
age
3268
via
1.1 8050c5b4863c56ab9f53d7e4db71f5ec.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-id
lbkRsr5aUgvc2Iy_iEKFJ9p3poVFvd_DtlHKafgxWSgR3fatT-lZ1Q==
date
Wed, 04 Dec 2024 01:20:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
IAD89-P3
fortra-logo-full.svg
static.fortra.com/fortra-global-assets/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fortra.com/fortra-global-assets/fortra-logo-full.svg?l=1794804249
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27c2:4800:4:d683:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd734ba3e15301099dcc5c397caf3c65a83de25ecf7d5f78d1c7849b824e5fff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
gzip
x-amz-version-id
4WWw9.foC6HagcaJQqvH3odEO1Dw_1P3
etag
W/"4ac7a86c0a175061e8d720ffc640c014"
age
30
x-cache
Hit from cloudfront
x-amz-cf-id
e44o0DjsnB6v6HY85PkaMAHAQmO-9FLCS_6x_LDqGB5SJLUBy88bKg==
date
Wed, 04 Dec 2024 02:14:34 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Thu, 30 May 2024 20:25:08 GMT
x-amz-id-2
LDqOBXrzXyF1vrKaAcZRq/SSi8sQiuHITsWxPUubgNi9sZ/p8rEUxxcOpxx2dxJgjq5WFVp+cG4=
via
1.1 0431e23c0344851eeb0c8f1f10c6edc4.cloudfront.net (CloudFront)
x-amz-request-id
1AAWWF5EZBWG7KKH
x-amz-cf-pop
IAD61-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
fortra-logo-small.svg
static.fortra.com/fortra-global-assets/ 		923 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.fortra.com/fortra-global-assets/fortra-logo-small.svg?l=927834964
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27c2:4800:4:d683:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
90bd0cf0a38f1a8bc611c41efeebf569d1de1b5cb3100a8727122c590e018675

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-amz-version-id
sDkTwiADsb7o1pbS9An_i3cfnlzeXIyA
etag
"332edc5730861cdd5763b00d19388299"
age
3158
x-cache
Hit from cloudfront
x-amz-cf-id
XkHMH2L8wNnD6NmKPul6Pgcx6ltq3SuEl__dPuFpE_dgm3qz5eW0Dg==
date
Wed, 04 Dec 2024 01:22:26 GMT
content-type
image/svg+xml
vary
accept-encoding
last-modified
Thu, 16 Nov 2023 17:28:56 GMT
x-amz-id-2
cjFk3iLk3BIha26WEFPdE4etOxvy/o3E+8UTm6qNErvt9d2rZmmmbeRiIdj7YIv/Vmi6MxG18cE=
via
1.1 0431e23c0344851eeb0c8f1f10c6edc4.cloudfront.net (CloudFront)
x-amz-request-id
ET8ESTNDP80AQ76S
accept-ranges
bytes
content-length
923
x-amz-cf-pop
IAD61-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
fta-email-security-light.svg
emailsecurity.fortra.com/themes/custom/emailsecurity/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emailsecurity.fortra.com/themes/custom/emailsecurity/images/fta-email-security-light.svg
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2318db4a3a84a057a2ca511cecb63381022c8c7a5e83a4d74111bf1cc79f241

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-d5v6p
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9e-a16"
age
15282
expires
Thu, 04 Dec 2025 22:00:21 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
image/svg+xml
last-modified
Tue, 03 Dec 2024 21:43:58 GMT
x-served-by
cache-chi-kigq8000081-CHI, cache-lga21957-LGA
x-cache-hits
6, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.994342,VS0,VE8
x-styx-req-id
fdd01907-b1c1-11ef-9cae-56bd25f571cb
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba290f37-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
1219
server
cloudflare
frost_radar_email_security_2024.png
emailsecurity.fortra.com/sites/default/files/styles/thumbnail/public/2024-07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emailsecurity.fortra.com/sites/default/files/styles/thumbnail/public/2024-07/frost_radar_email_security_2024.png?itok=dAd4_37l
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
524a26296a15b30679d9f0582bb7aff5979a33c4129920561f7363e67230f8bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-55f6fb8478-h6rrx
cf-cache-status
DYNAMIC
etag
"66a2ee70-f63"
age
15281
expires
Sun, 27 Jul 2025 00:31:48 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
image/png
last-modified
Fri, 26 Jul 2024 00:31:44 GMT
x-served-by
cache-chi-kigq8000088-CHI, cache-lga21972-LGA
x-cache-hits
0, 0
cache-control
max-age=31622400
x-timer
S1733278504.617484,VS0,VE6
x-styx-req-id
71e6cf61-4ae6-11ef-8425-36b6e37ab9ad
via
1.1 varnish, 1.1 varnish
cf-ray
8ec849576f830f37-EWR
accept-ranges
bytes
content-length
3939
server
cloudflare
logo.svg
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/images/ 		2 KB
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/images/logo.svg
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd4bdc0592b9e477b5705975275206ab14339a7ef422c450fa92ad4983b0a51

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-xbvrb
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9f-6a3"
age
15281
expires
Thu, 04 Dec 2025 21:46:18 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
image/svg+xml
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-kigq8000104-CHI, cache-lga21964-LGA
x-cache-hits
1, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.739324,VS0,VE7
x-styx-req-id
077f4e4e-b1c0-11ef-b2a3-061751e88076
via
1.1 varnish, 1.1 varnish
cf-ray
8ec8495828530f37-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
777
server
cloudflare
email-decode.min.js
emailsecurity.fortra.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
851 B 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"6740aa56-4d7"
x-content-type-options
nosniff
cf-ray
8ec84958f9460f37-EWR
expires
Fri, 06 Dec 2024 02:15:03 GMT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/javascript
last-modified
Fri, 22 Nov 2024 15:59:18 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
jquery.min.js
emailsecurity.fortra.com/core/assets/vendor/jquery/ 		85 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/core/assets/vendor/jquery/jquery.min.js?v=3.7.1
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-wc9jw
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b96-155ed"
age
15283
expires
Thu, 04 Dec 2025 21:47:38 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:50 GMT
x-served-by
cache-chi-klot8100108-CHI, cache-lga21972-LGA
x-cache-hits
1, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.898868,VS0,VE8
x-styx-req-id
36c87fed-b1c0-11ef-a0fb-36e8caf771c5
via
1.1 varnish, 1.1 varnish
cf-ray
8ec8495939910f37-EWR
accept-ranges
bytes
content-length
35430
server
cloudflare
once.min.js
emailsecurity.fortra.com/core/assets/vendor/once/ 		1 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/core/assets/vendor/once/once.min.js?v=1.0.1
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d137f9b816994ff3dd240ef04942ebf47c48131c32b0acc640db3065755d496

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-2vtcm
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b96-54d"
age
15283
expires
Thu, 04 Dec 2025 21:46:17 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:50 GMT
x-served-by
cache-chi-klot8100036-CHI, cache-lga21955-LGA
x-cache-hits
3, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.940104,VS0,VE7
x-styx-req-id
066cd14b-b1c0-11ef-8c56-b6782d2fc4e9
via
1.1 varnish, 1.1 varnish
cf-ray
8ec8495989d90f37-EWR
accept-ranges
bytes
content-length
718
server
cloudflare
drupalSettingsLoader.js
emailsecurity.fortra.com/core/misc/ 		691 B
669 B 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/core/misc/drupalSettingsLoader.js?v=10.3.9
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47d56f4e42a0fd576ee274454e24c085010b464b849cabe80041c88aaf45363

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-gcpzc
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b96-2b3"
age
15283
expires
Thu, 04 Dec 2025 21:46:17 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:50 GMT
x-served-by
cache-chi-kigq8000045-CHI, cache-lga21982-LGA
x-cache-hits
3, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.984109,VS0,VE6
x-styx-req-id
066ac8af-b1c0-11ef-87ad-aeaabe57903c
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba100f37-EWR
accept-ranges
bytes
content-length
392
server
cloudflare
drupal.js
emailsecurity.fortra.com/core/misc/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/core/misc/drupal.js?v=10.3.9
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ccb66eceb05e6d15ca71a6605ec4e75dbb7d25f97cfe15409204fa2f7e212df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-l954x
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b96-5241"
age
15283
expires
Thu, 04 Dec 2025 21:46:17 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:50 GMT
x-served-by
cache-chi-klot8100034-CHI, cache-lga21941-LGA
x-cache-hits
3, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.977006,VS0,VE5
x-styx-req-id
06731903-b1c0-11ef-ab70-7227c019fed8
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba140f37-EWR
accept-ranges
bytes
content-length
7270
server
cloudflare
drupal.init.js
emailsecurity.fortra.com/core/misc/ 		960 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/core/misc/drupal.init.js?v=10.3.9
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
923935d813106205b31d3953b21e34a007f32758ec0c3d2ba6dd3dda1f8cf6e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-xbvrb
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b96-3c0"
age
15283
expires
Thu, 04 Dec 2025 21:47:38 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:50 GMT
x-served-by
cache-chi-kigq8000065-CHI, cache-lga21947-LGA
x-cache-hits
1, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.981698,VS0,VE7
x-styx-req-id
36de5243-b1c0-11ef-b2a3-061751e88076
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba150f37-EWR
accept-ranges
bytes
content-length
508
server
cloudflare
page.js
static.addtoany.com/menu/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2471f4232ccca845a9da8b10e5be81e7323faa5891b9715f425661505f183434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"3ae23968c16ec39faa9f97db5ea5195b"
age
50
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dX2zoFQUvPrbYYNR4ZVM1G5MTPSzjtScdhdr6anYMN39QVWdsglclvcNUW1YtyUGQkA5WcmmgfCf9YLK9xAqDz7VBes3Xrw%2B%2FF9j6qqcSaRKrW340a%2BlQ80NWl8Q3%2BIgCDbvEkCG"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400, stale-while-revalidate=30, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ec8495a6ea64398-EWR
access-control-allow-origin
*
server
cloudflare
debounce.js
emailsecurity.fortra.com/core/misc/ 		1 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/core/misc/debounce.js?v=10.3.9
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08917ce03bf43e31f728f6aa830cd2f8d252e39a8f6d769578f07b500c3eb87f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-fk8xl
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b95-5d0"
age
15283
expires
Thu, 04 Dec 2025 21:47:38 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:49 GMT
x-served-by
cache-chi-klot8100123-CHI, cache-lga21964-LGA
x-cache-hits
1, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.977669,VS0,VE5
x-styx-req-id
36dfd4f3-b1c0-11ef-86ce-9693ffa53620
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba160f37-EWR
accept-ranges
bytes
content-length
697
server
cloudflare
popper.min.js
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/popper.min.js?snxufh
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-2vtcm
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9f-52f1"
age
15284
expires
Thu, 04 Dec 2025 22:00:20 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-kigq8000059-CHI, cache-lga21937-LGA
x-cache-hits
6, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.984715,VS0,VE5
x-styx-req-id
fd4ec91e-b1c1-11ef-8c56-b6782d2fc4e9
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba170f37-EWR
accept-ranges
bytes
content-length
8365
server
cloudflare
accessible-nav.js
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/accessible-nav.js?snxufh
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50be820de886ca2746d2811daadfed53b75332624517ab318585e7eb1bb8ea04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-2vtcm
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9f-19ff"
age
15284
expires
Thu, 04 Dec 2025 22:00:21 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-kigq8000144-CHI, cache-lga21929-LGA
x-cache-hits
6, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.986451,VS0,VE7
x-styx-req-id
fd67429c-b1c1-11ef-8c56-b6782d2fc4e9
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba180f37-EWR
accept-ranges
bytes
content-length
2084
server
cloudflare
faqs.js
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/ 		1 KB
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/faqs.js?snxufh
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6664321569126983b6dc3cd001887c2a6ad4c6210f2624dbdfb241461d74d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-xsrcw
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9f-41a"
age
15284
expires
Thu, 04 Dec 2025 22:00:21 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-kigq8000160-CHI, cache-lga21956-LGA
x-cache-hits
6, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.990146,VS0,VE72
x-styx-req-id
fd6ce89b-b1c1-11ef-aefa-f6794f8aacfa
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba190f37-EWR
accept-ranges
bytes
content-length
392
server
cloudflare
global.js
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/global.js?v=10.3.9
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931bf45c889c9e964c3f3b0141fc95350fef7aed68f253b6d2ea8180b711710b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-pln5w
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9f-2bb3"
age
15282
expires
Thu, 04 Dec 2025 21:46:17 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-klot8100094-CHI, cache-lga21972-LGA
x-cache-hits
3, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.982713,VS0,VE12
x-styx-req-id
06c55286-b1c0-11ef-b613-5640a250e074
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba1c0f37-EWR
accept-ranges
bytes
content-length
3793
server
cloudflare
iframeResizer.min.js
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/iframeResizer.min.js?v=10.3.9
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1805b14279760e2a9338b71f40649c45fe37dbc3839bb573a9737cdd495e9752

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-pln5w
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9f-34f8"
age
15282
expires
Thu, 04 Dec 2025 21:47:38 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-kigq8000141-CHI, cache-lga21955-LGA
x-cache-hits
1, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.978484,VS0,VE6
x-styx-req-id
37021ac4-b1c0-11ef-b613-5640a250e074
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba1d0f37-EWR
accept-ranges
bytes
content-length
5880
server
cloudflare
pardot-iframe.js
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/ 		26 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/pardot-iframe.js?v=10.3.9
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e8ceb252d7c242bc66561b79b29880592a4419b8b44d486eacf014038c24736

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-shdzx
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9f-1a"
age
15282
expires
Thu, 04 Dec 2025 21:46:17 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-klot8100071-CHI, cache-lga21955-LGA
x-cache-hits
3, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.984845,VS0,VE154
x-styx-req-id
06de6725-b1c0-11ef-8a00-1ee843572c3c
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba1e0f37-EWR
accept-ranges
bytes
content-length
46
server
cloudflare
widget.js
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/widget.js?v=10.3.9
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540d2a1642172892b01053409b7b3ad1a8df58bc6f35415ec57421a8548e8547

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-5cs89
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9f-2162"
age
15282
expires
Thu, 04 Dec 2025 21:46:17 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-kigq8000096-CHI, cache-lga21941-LGA
x-cache-hits
3, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.984342,VS0,VE5
x-styx-req-id
06e015d7-b1c0-11ef-b277-728b5b4f94f1
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba1f0f37-EWR
accept-ranges
bytes
content-length
3113
server
cloudflare
widget-code.js
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/ 		1 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/widget-code.js?v=10.3.9
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8f85fb708ed9db0d4e2f877ffdba90a5ebd3ef520d17e09c1f7eb640905016a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-xbvrb
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9f-5c3"
age
15282
expires
Thu, 04 Dec 2025 21:46:17 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-kigq8000155-CHI, cache-lga21924-LGA
x-cache-hits
3, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.983038,VS0,VE6
x-styx-req-id
06e10363-b1c0-11ef-b2a3-061751e88076
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba210f37-EWR
accept-ranges
bytes
content-length
659
server
cloudflare
barrio.js
emailsecurity.fortra.com/themes/composer/bootstrap_barrio/js/ 		939 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/composer/bootstrap_barrio/js/barrio.js?v=10.3.9
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc08d5788eb290f3da4da3fb3ece34d347bea310b5a75117aa27a364b9b6101

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-gcpzc
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9b-3ab"
age
15282
expires
Thu, 04 Dec 2025 21:46:18 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:55 GMT
x-served-by
cache-chi-klot8100093-CHI, cache-lga21931-LGA
x-cache-hits
3, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.993502,VS0,VE5
x-styx-req-id
06fa1a91-b1c0-11ef-87ad-aeaabe57903c
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba220f37-EWR
accept-ranges
bytes
content-length
396
server
cloudflare
affix.js
emailsecurity.fortra.com/themes/composer/bootstrap_barrio/js/ 		1 KB
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/composer/bootstrap_barrio/js/affix.js?v=10.3.9
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642a89d4c0baf5122e5f2e568900187b072977596ac62bbbff2c8bdbfcd7b79f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-xsrcw
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9b-404"
age
15282
expires
Thu, 04 Dec 2025 21:46:18 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:55 GMT
x-served-by
cache-chi-kigq8000160-CHI, cache-lga21981-LGA
x-cache-hits
3, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.987173,VS0,VE9
x-styx-req-id
06fae86f-b1c0-11ef-aefa-f6794f8aacfa
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba230f37-EWR
accept-ranges
bytes
content-length
490
server
cloudflare
bootstrap.min.js
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/ 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/bootstrap.min.js?snxufh
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-wc9jw
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9f-f463"
age
15283
expires
Thu, 04 Dec 2025 22:00:21 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-klot8100160-CHI, cache-lga21950-LGA
x-cache-hits
6, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.994397,VS0,VE6
x-styx-req-id
fd852a0a-b1c1-11ef-a0fb-36e8caf771c5
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba240f37-EWR
accept-ranges
bytes
content-length
19305
server
cloudflare
global.js
emailsecurity.fortra.com/themes/custom/emailsecurity/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/emailsecurity/js/global.js?v=10.3.9
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d58970695e5df8e8873bab1abe4c314525c191f121e48d2699375b43dde4297

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-pln5w
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9e-a61"
age
15282
expires
Thu, 04 Dec 2025 21:46:18 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:58 GMT
x-served-by
cache-chi-kigq8000084-CHI, cache-lga21964-LGA
x-cache-hits
3, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.985690,VS0,VE6
x-styx-req-id
0714f154-b1c0-11ef-b613-5640a250e074
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba260f37-EWR
accept-ranges
bytes
content-length
1114
server
cloudflare
better_exposed_filters.js
emailsecurity.fortra.com/modules/composer/better_exposed_filters/js/ 		993 B
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/modules/composer/better_exposed_filters/js/better_exposed_filters.js?v=6.x
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a561a82aff9cb2300f5c1364487b05f19de3c769294eb7dc97ea4453e398e167

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-d5v6p
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b98-3e1"
age
15282
expires
Thu, 04 Dec 2025 21:47:38 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:52 GMT
x-served-by
cache-chi-klot8100165-CHI, cache-lga21930-LGA
x-cache-hits
1, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.993965,VS0,VE7
x-styx-req-id
372ee6e3-b1c0-11ef-9cae-56bd25f571cb
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba270f37-EWR
accept-ranges
bytes
content-length
476
server
cloudflare
auto_submit.js
emailsecurity.fortra.com/modules/composer/better_exposed_filters/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/modules/composer/better_exposed_filters/js/auto_submit.js?v=6.x
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b8a851688b2b102b98f7f497f1603bd7a8204408aa07b41fd406e28e9af26d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-l954x
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b98-113d"
age
15282
expires
Thu, 04 Dec 2025 21:47:38 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/x-javascript
last-modified
Tue, 03 Dec 2024 21:43:52 GMT
x-served-by
cache-chi-kigq8000036-CHI, cache-lga21958-LGA
x-cache-hits
1, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.990575,VS0,VE6
x-styx-req-id
372f4d81-b1c0-11ef-ab70-7227c019fed8
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba280f37-EWR
accept-ranges
bytes
content-length
1811
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8ec8495a5b6f8c3c-EWR
access-control-allow-origin
*
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
css_k87zy7uYF4xkYhGFzAqbsCa8BbtQd8HOzVn5IaxjD4Y.css
emailsecurity.fortra.com/sites/default/files/css/ 		566 B
590 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/sites/default/files/css/css_k87zy7uYF4xkYhGFzAqbsCa8BbtQd8HOzVn5IaxjD4Y.css?delta=2&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0f011847dded3545c5762cecd211f53cc41554e2cd72d5e00d690f67d0b74ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-fvprd
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7f76-236"
age
15259
expires
Thu, 04 Dec 2025 22:00:44 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
text/css
last-modified
Tue, 03 Dec 2024 22:00:22 GMT
x-served-by
cache-chi-kigq8000044-CHI, cache-lga21924-LGA
x-cache-hits
20, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278504.000037,VS0,VE7
x-styx-req-id
0ba6159c-b1c2-11ef-9666-56edd5cfea3b
via
1.1 varnish, 1.1 varnish
cf-ray
8ec84959ba2a0f37-EWR
accept-ranges
bytes
content-length
327
server
cloudflare
css2
fonts.googleapis.com/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,900;1,400;1,500;1,600;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/sites/default/files/css/css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css?delta=3&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21d28329bee038ef4160232a6060de918107ec67d30e7922c01947aa0bb4bdc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:15:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 04 Dec 2024 02:15:03 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
gtm.js
www.googletagmanager.com/ 		375 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSSNRJ
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8d6f6ded6faa1d4d7ba4baa44c2ff5414f972ac8e3f5696aaa9478ce8baa369
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 04 Dec 2024 02:15:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 04 Dec 2024 00:35:44 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
122948
x-xss-protection
0
server
Google Tag Manager
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,900;1,400;1,500;1,600;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://fonts.googleapis.com/

Response headers

age
484339
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 11:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 11:42:45 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
fa-sharp-light-300.woff2
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/fonts/ 		354 KB
355 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/fonts/fa-sharp-light-300.woff2
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/sites/default/files/css/css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css?delta=3&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af937301b20d4f7bd7b84b07dd3cb9c5a2c35af0bcc6a0469adebff15381505

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://emailsecurity.fortra.com/sites/default/files/css/css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css?delta=3&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-h44zq
cf-cache-status
DYNAMIC
etag
"674f7b9f-58954"
age
15259
expires
Thu, 04 Dec 2025 21:46:19 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
font/woff2
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-klot8100025-CHI, cache-lga21955-LGA
x-cache-hits
0, 0
cache-control
max-age=31622400
x-timer
S1733278504.090564,VS0,VE15
x-styx-req-id
07a123ca-b1c0-11ef-aa14-a2614d997053
via
1.1 varnish, 1.1 varnish
cf-ray
8ec8495a6ac40f37-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
362836
server
cloudflare
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,900;1,400;1,500;1,600;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://fonts.googleapis.com/

Response headers

age
477258
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 13:40:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 13:40:46 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,900;1,400;1,500;1,600;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://fonts.googleapis.com/

Response headers

age
476297
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 13:56:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 13:56:47 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
fa-sharp-solid-900.woff2
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/fonts/ 		251 KB
252 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/fonts/fa-sharp-solid-900.woff2
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/sites/default/files/css/css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css?delta=3&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5092d37720c5a4b6b7b4768599df2e43ed0c19b7502f20800500948125d9df89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://emailsecurity.fortra.com/sites/default/files/css/css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css?delta=3&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-xbvrb
cf-cache-status
DYNAMIC
etag
"674f7b9f-3edd8"
age
15259
expires
Thu, 04 Dec 2025 21:46:19 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
font/woff2
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-klot8100022-CHI, cache-lga21947-LGA
x-cache-hits
0, 0
cache-control
max-age=31622400
x-timer
S1733278504.084703,VS0,VE5
x-styx-req-id
07ced457-b1c0-11ef-b2a3-061751e88076
via
1.1 varnish, 1.1 varnish
cf-ray
8ec8495a6ac60f37-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
257496
server
cloudflare
fa-sharp-regular-400.woff2
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/fonts/ 		320 KB
321 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/fonts/fa-sharp-regular-400.woff2
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/sites/default/files/css/css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css?delta=3&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6dbea358c770232d65488985fbebe3d3f4d75949c9fdcc293c316388545098b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://emailsecurity.fortra.com/sites/default/files/css/css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css?delta=3&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-k5npz
cf-cache-status
DYNAMIC
etag
"674f7b9f-500e8"
age
15259
expires
Thu, 04 Dec 2025 21:46:19 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
font/woff2
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-kigq8000086-CHI, cache-lga21929-LGA
x-cache-hits
0, 0
cache-control
max-age=31622400
x-timer
S1733278504.095606,VS0,VE8
x-styx-req-id
07ccb2f2-b1c0-11ef-858b-2234305b7af9
via
1.1 varnish, 1.1 varnish
cf-ray
8ec8495a6ac80f37-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
327912
server
cloudflare
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,900;1,400;1,500;1,600;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://fonts.googleapis.com/

Response headers

age
473727
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 14:39:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 14:39:37 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,900;1,400;1,500;1,600;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://fonts.googleapis.com/

Response headers

age
480600
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 12:45:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 12:45:04 GMT
last-modified
Fri, 22 Mar 2024 00:00:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8668
x-xss-protection
0
server
sffe
pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,900;1,400;1,500;1,600;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://fonts.googleapis.com/

Response headers

age
478508
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 13:19:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 13:19:56 GMT
last-modified
Fri, 22 Mar 2024 00:00:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8596
x-xss-protection
0
server
sffe
fa-light-300.woff2
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/fonts/ 		419 KB
420 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/fonts/fa-light-300.woff2
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/sites/default/files/css/css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css?delta=3&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38b2e62bfbbeed100be9d1de0fcbd08fbe4dec34d2fb7f5986ce2ee233ad6546

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://emailsecurity.fortra.com/sites/default/files/css/css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css?delta=3&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A

Response headers

x-pantheon-styx-hostname
styx-fe4-a-b7cd879c4-5cs89
cf-cache-status
DYNAMIC
etag
"674f7b9f-68d70"
age
15282
expires
Thu, 04 Dec 2025 21:46:19 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
font/woff2
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-kigq8000144-CHI, cache-lga21941-LGA
x-cache-hits
3, 0
cache-control
max-age=31622400
x-timer
S1733278504.084837,VS0,VE5
x-styx-req-id
07fb977d-b1c0-11ef-b277-728b5b4f94f1
via
1.1 varnish, 1.1 varnish
cf-ray
8ec8495a6ac90f37-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
429424
server
cloudflare
fa-brands-400.woff2
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/fonts/ 		108 KB
109 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/fonts/fa-brands-400.woff2
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/sites/default/files/css/css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css?delta=3&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://emailsecurity.fortra.com/sites/default/files/css/css_j76I0UdA2_dmk-wCsE6NYWVsvxDbdL4PFlY31qoBvxk.css?delta=3&language=en&theme=emailsecurity&include=eJxlj1uOwyAMRTfEhFE2hAy4xBrAyDaaZvdF6ker5Pfch30PDWmqcQuxcvpTf1yA-wD7pxLwadiVuH9bL4rTUw2bj6DoHiwmEAYIdgv77777UjlC_VE7K_XiIrPp8owQQYT4qmMDqoppCtl5FVcvlJU91GeZA-r2IdvsY8ZKemB2DTOBf1A1lC3BsPXp_XTnjHcaBSEnmS26iLYK1tjBijm8-9QX7ChQ79E1v70AoKaN_A

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-xbvrb
cf-cache-status
DYNAMIC
etag
"674f7b9f-1b154"
age
15282
expires
Thu, 04 Dec 2025 21:47:39 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
font/woff2
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-klot8100040-CHI, cache-lga21937-LGA
x-cache-hits
1, 0
cache-control
max-age=31622400
x-timer
S1733278504.086866,VS0,VE11
x-styx-req-id
373f6f48-b1c0-11ef-b2a3-061751e88076
via
1.1 varnish, 1.1 varnish
cf-ray
8ec8495a6aca0f37-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
110932
server
cloudflare
blog-fta-1200x678.jpg
emailsecurity.fortra.com/sites/default/files/ 		298 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emailsecurity.fortra.com/sites/default/files/blog-fta-1200x678.jpg
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c84df8985cb000828147ef89c09306c1d7de7fb789b4cd059f8ae77982f974

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-qt7f4
cf-cache-status
DYNAMIC
etag
"6672030d-4a84f"
age
4983
expires
Wed, 03 Dec 2025 18:58:44 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
image/jpeg
last-modified
Tue, 18 Jun 2024 21:58:37 GMT
x-served-by
cache-chi-kigq8000131-CHI, cache-lga21982-LGA
x-cache-hits
0, 0
cache-control
max-age=31622400
x-timer
S1733278504.089418,VS0,VE6
x-styx-req-id
73f7ae3b-b0df-11ef-bf57-ea26de53d568
via
1.1 varnish, 1.1 varnish
cf-ray
8ec8495a6acd0f37-EWR
accept-ranges
bytes
content-length
305231
server
cloudflare
im1.png
emailsecurity.fortra.com/sites/default/files/2024-12/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://emailsecurity.fortra.com/sites/default/files/2024-12/im1.png
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12e37ff48c5f4d5678814f95639f82fb34b04e762d262bd825fb5f21b904631f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-qt7f4
cf-cache-status
DYNAMIC
etag
"674dfdb6-11b98"
age
15259
expires
Wed, 03 Dec 2025 18:58:43 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
image/png
last-modified
Mon, 02 Dec 2024 18:34:30 GMT
x-served-by
cache-chi-kigq8000115-CHI, cache-lga21964-LGA
x-cache-hits
0, 0
cache-control
max-age=31622400
x-timer
S1733278504.105633,VS0,VE8
x-styx-req-id
73b65b07-b0df-11ef-bf57-ea26de53d568
via
1.1 varnish, 1.1 varnish
cf-ray
8ec8495a6acf0f37-EWR
accept-ranges
bytes
content-length
72600
server
cloudflare
sm.25.html
static.addtoany.com/menu/ Frame EC86 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.25.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://emailsecurity.fortra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
4313
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
8ec8495b4a5218ea-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 02:15:04 GMT
last-modified
Wed, 04 Dec 2024 01:03:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3FWFRfsbbMkpw4%2BcElF5OaN4gNfeciEciSIWS45x4IOxP8ie%2BhImagfyJWnAlZewwKip79MzHz2ThiAXxOxRCXD%2FNiaoIOU%2FHbQsCeUwwNwgAX2S8PJrUbMUvOo%2BmEINFjK%2FvjC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.junnp81e.js
static.addtoany.com/menu/modules/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/modules/core.junnp81e.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0570581bf787cbb4a26d1508cf4ed96ef19d1a2465df5b9d5c4003813a2ebd35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e6e4834d2c3691bbe81e6cdbd5ea9b75"
age
22278
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OXRtnZle1HUeMcu4iwFAb4HzldO9ln4bY0D%2FjWB8KsJ6%2BGrkFDjgpvchoWwknlFR8l0Pv9ZCdd1VxyFYZBnxF5nE3m8JNG8Imgh5kLtawCiP%2BfJaYGxLCB6ZjRv5xNbK%2BmzgedzA"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=315360000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ec8495b3de38ce0-EWR
access-control-allow-origin
*
server
cloudflare
get
consent.trustarc.com/ Frame D37D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&js=nj&noticeType=bb&gtm=1&text=true&pn=2&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.85.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-85-26.iad89.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://emailsecurity.fortra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
374
cache-control
max-age=2592000
content-encoding
gzip
content-length
1084
content-type
text/html
date
Wed, 04 Dec 2024 02:08:50 GMT
pragma
public
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 886e3ca81a125ea010a3dc17be7b1800.cloudfront.net (CloudFront)
x-amz-cf-id
aC5fUBsXNSAqPtg9pqNdWr9nWEMib9j2Yd6ljzFDp2_OEpqtNLvB2w==
x-amz-cf-pop
IAD89-P3
x-cache
Hit from cloudfront
v1.7-6252
consent.trustarc.com/asset/notice.js/v/ 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-6252
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&js=nj&noticeType=bb&gtm=1&text=true&pn=2&cookieLink=https://www.helpsystems.com/cookie-policy&privacypolicylink=https://www.helpsystems.com/privacy-policy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.85.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-85-62.iad89.r.cloudfront.net
Software
/
Resource Hash
0c47080feb6fe854cb361dc2471f19799e8773617f10e33cf78aea069d41a4e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://emailsecurity.fortra.com/

Response headers

access-control-expose-headers
*
content-encoding
gzip
age
493
x-cache
Hit from cloudfront
x-amz-cf-id
w3MPdQopAsQXorL4P1ACeTEDhAFMeMYwV7FqVo0wfY-tGhnVJxI3IQ==
date
Wed, 04 Dec 2024 02:06:51 GMT
content-type
text/javascript
last-modified
Wed, 13 Nov 2024 02:26:13 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=2592000
pragma
public
via
1.1 8050c5b4863c56ab9f53d7e4db71f5ec.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
28136
x-amz-cf-pop
IAD89-P3
log
consent.trustarc.com/ 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/log?domain=helpsystems.com&country=us&state=&behavior=implied&session=9d75347d-1756-41ab-a329-c923568b2072&userType=NEW&c=4dba&referer=https://emailsecurity.fortra.com&language=en
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.85.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-85-62.iad89.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
via
1.1 e0cd2760f9022d4294796eeecb448274.cloudfront.net (CloudFront)
expires
Mon, 26 Jul 1997 05:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
69XO175RxskvM8A5ZN2cyTNSxSoHDS2idJQGTdZFOI7sGR2IE1ssGQ==
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
image/gif
x-amz-cf-pop
IAD89-P3
vary
Origin
hotjar-5137026.js
static.hotjar.com/c/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-5137026.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSSNRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.41.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-41-112.iad55.r.cloudfront.net
Software
/
Resource Hash
ecf3a78f9a9811c30fc9b3cdf087af8c2c845fc15081ac1cc3564c2e50c1e972
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
br
etag
W/c4faea4e69838829ce89f770d0f3a3a6
age
11
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
a2TmJBzTv31qmutLWJMHfHIObiMmeMsDwrPOVumD8Se5QA77hIjNYQ==
date
Wed, 04 Dec 2024 02:14:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 25a2a3d250d148773038ad8acabb820c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD55-P1
2389.js
tracking.g2crowd.com/attribution_tracking/conversions/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/2389.js?p=https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&e=
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3b575febcbcd29e815fad9655dd01f028edd0f3d641ffc202e9b04e02443051
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
br
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
text/javascript;charset=UTF-8
content-disposition
inline
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
referrer-policy
no-referrer
x-download-options
noopen
cf-ray
8ec8495cce830c7e-EWR
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
server
cloudflare
3478499.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/3478499.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSSNRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4d5b584f8aaebcbd62557be8dda444670d6da60d7a3dbaba851da81e8c2da14
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
HIT
age
62
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:16:34 GMT
date
Wed, 04 Dec 2024 02:15:04 GMT
x-hubspot-correlation-id
148aac95-f5fa-4f0c-9736-757d383fd0cb
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Wed, 04 Dec 2024 02:13:34 GMT
cache-control
public, max-age=90
access-control-allow-credentials
true
cf-ray
8ec8495c7c050f80-EWR
accept-ranges
bytes
access-control-allow-origin
https://dataclassification.fortra.com
content-length
665
server
cloudflare
js
www.googletagmanager.com/gtag/ 		418 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TGW7SE44X4&l=dataLayer&cx=c&gtm=45He4bk0v6702304za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSSNRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d3f6c9cbee240b9e1025946dbfd8364e324d7f1f5da58736ac2509e3ec9d76c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 04 Dec 2024 02:15:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
136492
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		328 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NHMHGJWX49&l=dataLayer&cx=c&gtm=45He4bk0v6702304za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSSNRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
605ff692b1f8e2c8240b81857086e4576612b4d1a1e8fefb993114027a0c300b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 04 Dec 2024 02:15:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110897
x-xss-protection
0
server
Google Tag Manager
6si.min.js
j.6sc.co/ 		68 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.166 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-203-166.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
56df5bf2317bc2156b954c3fd2913afcce23eb4947c47f3ac401017dc4a0151d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
private, proxy-revalidate, max-age=10800
content-encoding
gzip
etag
"66fb91ae-111d7"
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 05:15:04 GMT
accept-ranges
bytes
content-length
18830
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx/1.14.0 (Ubuntu)
last-modified
Tue, 01 Oct 2024 06:07:42 GMT
vabs9hx29dzm.js
js.driftt.com/include/1733278800000/ 		221 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/include/1733278800000/vabs9hx29dzm.js
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-4.iad12.r.cloudfront.net
Software
istio-envoy /
Resource Hash
a2db06993a81eb3ebd33897015d64c8ab5c9fcad5c3f8c4ad9329bce36440c4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
gzip
x-amz-version-id
yminFcCyQz19.9XIAb.JMjcjgNFzNrOJ
etag
W/"82011e1dd9ff7667aafa4871fd8b5ffe"
access-control-allow-methods
GET, POST, OPTIONS
x-cache
Miss from cloudfront
x-amz-cf-id
oMchIpnqh1831xpfNJSXnCgXMwJdAeHuBLW1Fp7NUuES5auNyorkIQ==
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Mon, 25 Nov 2024 19:25:25 GMT
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
x-envoy-upstream-service-time
29
access-control-allow-credentials
true
via
1.1 a57d2f9cdddfdb2c5779462e97c9c00c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
IAD12-P4
server
istio-envoy
x-amz-server-side-encryption
AES256
j.php
dev.visualwebsiteoptimizer.com/ 		21 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=344368&u=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&vn=2.1&x=true
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv2 /
Resource Hash
4f7c2e8ddba9f7d905e064df1f7aa250bac4fe5f386fdc7f58ad029d4e3e7646

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://emailsecurity.fortra.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:03 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
gnv2
va-7814b108f5f785b110176adf06fdbc72br.js
dev.visualwebsiteoptimizer.com/cdn/7.0/ 		256 KB
72 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/cdn/7.0/va-7814b108f5f785b110176adf06fdbc72br.js
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a00f889a0515536923bea5006569a4eb45df026e4b2c19bd6f20815ae56f5db3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-goog-metageneration
1
content-encoding
br
x-goog-hash
crc32c=26aQCg==, md5=qN6dnKst9hQ9DRSrkSM8tg==
etag
"a8de9d9cab2df6143d0d14ab91233cb6"
age
311035
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
73406
date
Sat, 30 Nov 2024 11:51:09 GMT
last-modified
Sat, 30 Nov 2024 10:20:34 GMT
content-type
text/javascript; charset=UTF-8
x-guploader-uploadid
AFiumC76qDbdHi_SmKFLUDz-aFrEePrymttxxFD6oSRX3hh14XB67--PAT7iRmlX1OjX5kiLn37fVI42lQ
cdn_cache_status
hit
cache-control
public, max-age=31536000
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1732962034844103
content-length
73406
content-language
en
server
UploadServer
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=344368&d=emailsecurity.fortra.com&u=D47633118A1B4E74470A4342726637D1F&h=07fb86223902417d853ce3129d2c9c8e&t=false
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv01c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
public, max-age=43200
x-content-type-options
nosniff
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
image/gif
server
gnv01c
banner.js
js.hs-banner.com/v2/3478499/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/3478499/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4483ff575508dfc55d2f2a4a0915677bf73719cc25fd4466f262767c75ffd5da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
f01622a2-3a8b-45e5-9b56-bfa6f4d197b1
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
HIT
etag
W/"bce2b85a97ba55a06452a7c75b1af3b6"
x-amz-version-id
XqsQ_DpuA6HxtdlvhOasNV14dBA9JnSc
age
61
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Wed, 04 Dec 2024 02:19:03 GMT
x-evy-trace-listener
listener_https
date
Wed, 04 Dec 2024 02:15:04 GMT
x-hubspot-correlation-id
f01622a2-3a8b-45e5-9b56-bfa6f4d197b1
content-type
text/javascript; charset=UTF-8
last-modified
Wed, 20 Nov 2024 16:54:13 GMT
vary
origin, Accept-Encoding
x-amz-id-2
idOAtwh5B10M/MleTvaMBkaHWfdBRMgrHS2LhVBK/f3wy/z8l1eb2wcFbbxIHplTJBhi+j4HneQ=
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-dc4x5
x-envoy-upstream-service-time
73
access-control-allow-credentials
true
x-amz-request-id
38NK8ZWSVCGJVS5E
cf-ray
8ec8495e3f87426d-EWR
access-control-allow-origin
https://www.fortra.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
leadflows.js
js.hsleadflows.net/ 		550 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8d11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d44882ab82adeef2856a0d52fb54bb70e472be45d50aa3a16b4cb39223391a99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://emailsecurity.fortra.com/

Response headers

x-request-id
7851fd31-c1bc-458f-bcad-6795990d7402
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
1P48dmUoAxkQ57N6qBxgDzS3oBmZAXBF
etag
W/"ce26171eff05376a1b746efbb809f7f6"
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
age
52882
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
bzSF_CMCetBOFw0TFNJmsMrmXVKe41MlMiHUEVA3HEEV2n9HjSTIPg==
x-hubspot-correlation-id
7851fd31-c1bc-458f-bcad-6795990d7402
content-type
application/javascript; charset=utf-8
last-modified
Thu, 21 Nov 2024 16:54:39 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=86400, max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-kmrh7
x-envoy-upstream-service-time
9
x-hs-target-asset
lead-flows-js/static-1.1724/bundle/main/lead-flows-release.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Wed, 04 Dec 2024 02:15:04 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1724/bundle/main/lead-flows-release.js&cfRay=8e67d7616d6307b6-MIA
via
1.1 1c6074d72abc2b2cd13356e16b77c834.cloudfront.net (CloudFront)
cf-ray
8ec8495e1a4f0f8b-EWR
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD55-P7
web-interactives-embed.js
js.hubspot.com/ 		84 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6f514ddc18e496f04ad9fad4afcec13d365dfa49efa5dac94d6fff64b95a623
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://emailsecurity.fortra.com/

Response headers

x-request-id
9bc0a133-550c-4675-8061-6bd8440a4cd5
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
mNXUuIIWhVdVPzPqyp_sjRXwZmR0sDd4
etag
W/"224467cc4ce3a08f302186b8a1ce03c9"
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pY91d8JqQk9Q9ymU07RgHCGiT3V7x0P9p3XaAuSTnCwRIcFa8Dvtu1HtU7mPom%2FvorFH6Q74gAn%2Bg0h4QQ8H9%2BB4n%2B1YPCaokQy8E%2F4%2FP%2BcLphiNZDL8J2PlRkkiPD9Nx367Yb6nx0wnAs%2FZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
c7BSsFaDZeuFnmChXdPFjeX0iBNUYEXm28WBfMMkANc7AKhKyM2ejg==
x-hubspot-correlation-id
9bc0a133-550c-4675-8061-6bd8440a4cd5
content-type
application/javascript; charset=utf-8
last-modified
Mon, 02 Dec 2024 10:47:31 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-fndvb
x-envoy-upstream-service-time
6
x-hs-target-asset
web-interactives-embed/static-2.1869/bundles/project.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Wed, 04 Dec 2024 02:15:04 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1869/bundles/project.js&cfRay=8ebacf7e1ebe05d6-ATL
via
1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-ray
8ec8495f8b5b1a0b-EWR
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD12-P3
conversations-embed.js
js.usemessages.com/ 		93 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4c8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa4aed518b4728e6d4b4bdd1c5fe289c63a0d071a4edf329f560171f6e7b472
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-evy-trace-virtual-host
all
x-request-id
cbace7ec-7b93-42f6-a10b-a1140341a680
content-encoding
gzip
cf-cache-status
HIT
etag
W/"f5e6ced71ecd77db318b3b7bdbcea12d"
x-amz-version-id
WSFuba_L2anScNSxi1bmQJTKzwhQ1N0F
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
age
449
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
MISS
x-amz-cf-id
TeGdQqt_JJV5wsjBmX1s2HwzY0CynnG8rJktm3e1tLOqoZ_xaZfIgw==
date
Wed, 04 Dec 2024 02:15:04 GMT
x-hubspot-correlation-id
cbace7ec-7b93-42f6-a10b-a1140341a680
content-type
application/javascript; charset=utf-8
last-modified
Tue, 26 Nov 2024 17:11:20 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-856d8787d5-fndvb
x-envoy-upstream-service-time
9
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18938/bundles/project.js&cfRay=8ebb14c2ece8d6cd-IAD
via
1.1 76e55a2361219fb19722e949475d1844.cloudfront.net (CloudFront)
cf-ray
8ec8495e39de8cb1-EWR
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
conversations-embed/static-1.18938/bundles/project.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
3478499.js
js.hs-analytics.net/analytics/1733278200000/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1733278200000/3478499.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eb09e0b0303384fe6acc8cafa2c12f0e0d4cfe619677cb8a2b7fc7f4a19e1d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
5e8e6c3d-4bca-482d-8b88-668045d77e22
content-encoding
gzip
cf-cache-status
HIT
etag
W/"c74d950f1efffb6696d43dc5bc2de878"
x-amz-version-id
null
age
271
expires
Wed, 04 Dec 2024 02:15:33 GMT
x-evy-trace-listener
listener_https
date
Wed, 04 Dec 2024 02:15:04 GMT
x-hubspot-correlation-id
5e8e6c3d-4bca-482d-8b88-668045d77e22
content-type
text/javascript
last-modified
Tue, 03 Dec 2024 16:25:05 GMT
vary
origin, Accept-Encoding
x-amz-id-2
K7xjOsyDFQ+s5fLjgBNxHRBlfYQBuNinQMlAp6o8WHfXcacGCRHj15LrMGcbCrrhYKbfBMCBj9I=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-8586d94f84-ng79d
x-envoy-upstream-service-time
37
access-control-allow-credentials
false
x-amz-request-id
DC5H8712T0BJP0K0
cf-ray
8ec8495e2d000f3b-EWR
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
modules.0ef54262fdac36c27f9a.js
script.hotjar.com/ 		222 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0ef54262fdac36c27f9a.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5137026.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.56.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-56-26.iad61.r.cloudfront.net
Software
/
Resource Hash
777f49b915eb3a000d70e81bbbae273e08b11efde71724164dc33e6f5b1e6c04
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"f2d84e84f51661f5160850116121ae34"
age
36237
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
e3J5DaIZCgXsSaT5fMCsZafke892hV6ucN3sJSPdxRaHER6VZlAzuA==
date
Tue, 03 Dec 2024 16:11:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 03 Dec 2024 16:10:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 64de29cb6a7b7bcab60fef77017140a4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56305
x-amz-cf-pop
IAD61-P5
getuidj
secure.adnxs.com/ 		11 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
208.252.80.168; 208.252.80.168; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://emailsecurity.fortra.com
an-x-request-uuid
2c1f7f41-14f6-425b-86e5-5c8ab873d17b
content-length
11
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 04 Dec 2024 02:15:04 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
/
c.6sc.co/ 		7 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-203-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

Access-Control-Max-Age
86400
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST
Access-Control-Allow-Origin
https://emailsecurity.fortra.com
Content-Length
7
Date
Wed, 04 Dec 2024 02:15:04 GMT
Content-Type
text/html
Access-Control-Allow-Headers
*
/
ipv6.6sc.co/ 		22 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:ec00:c::1730:cb8e Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
f40e09b407cb0a0e12881ef4b23ff94befb9334d0d7498b0f15e1789580efaad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
max-age=0, no-cache, no-store
pragma
no-cache
6si-ipv6
2600:803:a88:3168::168
expires
Wed, 04 Dec 2024 02:15:04 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1733278504871_389073038_2390927996_22_822_21_45_219";dur=1
access-control-allow-origin
https://emailsecurity.fortra.com
content-length
22
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
text/html
vary
Origin
bannermsg
consent.trustarc.com/ 		43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/bannermsg?action=views&domain=helpsystems.com&behavior=implied&country=us&language=en&rand=0.2515267380555619&session=9d75347d-1756-41ab-a329-c923568b2072&userType=NEW&referer=https://emailsecurity.fortra.com
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.85.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-85-62.iad89.r.cloudfront.net
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
via
1.1 e0cd2760f9022d4294796eeecb448274.cloudfront.net (CloudFront)
expires
Mon, 26 Jul 1997 05:00:00 GMT
x-cache
Miss from cloudfront
content-length
43
x-amz-cf-id
WvdcEhwbfLgw16D7XqAb8gdTeCF2nt6MVYc0TUuaQItkd6bX89c4tA==
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
image/gif
x-amz-cf-pop
IAD89-P3
vary
Origin
assign
tracking.g2crowd.com/attribution_tracking/conversions/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by
Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/2389.js?p=https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&e=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarysdYQHcBdCOuJ9M7p
Referer
https://emailsecurity.fortra.com/

Response headers
l.gif
dev.visualwebsiteoptimizer.com/ 		35 B
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=248&account_id=344368&cu=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&combination=1&s=1&sId=1733278503&u=D47633118A1B4E74470A4342726637D1F&ed=%7B%22tz%22%3A%22Pacific%2FHonolulu%22%2C%22tO%22%3A%2210%22%2C%22lt%22%3A%221733278504710%22%2C%22r%22%3A%22%22%2C%22ul%22%3A%22en-us%22%2C%22de%22%3A%22UTF-8%22%2C%22sc%22%3A%2224%22%2C%22sr%22%3A%221600x1200%22%7D&vn=7.0.416&vns=undefined&vno=undefined&eTime=1733278503722&random=0.4868597494161204
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv01c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
x-content-type-options
nosniff
via
1.1 google
expires
Mon, 10 Jan 2005 00:00:01 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
image/gif
server
gnv01c
settings.js
dev.visualwebsiteoptimizer.com/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=344368&settings_type=1&vn=7.0&exc=248|263
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv2 /
Resource Hash
b6f14de767657bd7f07d993f75b8d1dc1d5536e55cba3676a37a98a4a153de87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
public, max-age=0, no-cache, must-revalidate
content-encoding
gzip
etag
W/"1733244673"
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
application/javascript; charset=UTF-8
server
gnv2
s.gif
dev.visualwebsiteoptimizer.com/ 		35 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=344368&u=D47633118A1B4E74470A4342726637D1F&s=1733278503&p=1&tags={%22si%22:{%22248%22:%221%22}}&update=1&cq=0&vn=7.0.416&vns=undefined&vno=undefined&_cu=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abuse&eTime=1733278503731&random=0.11677203220486687
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv01c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
x-content-type-options
nosniff
via
1.1 google
expires
Mon, 10 Jan 2005 00:00:01 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
image/gif
server
gnv01c
details
eps.6sc.co/v3/company/ 		764 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eps.6sc.co/v3/company/details
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.108.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afe865822f884bb48.awsglobalaccelerator.com
Software
/
Resource Hash
b14dd8572d41acd561188da5417cef18c475b3621a03be38f12fe100ef84a795

Request headers

Authorization
Token 0351aeab885c847348820e19d17af46211797eec
X-6s-CustomID
WebTag1.0 b0e7a654cb6a9f76b986f2b6cbdbfabf
Referer
https://emailsecurity.fortra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-expose-headers
X-6si-Region
timing-allow-origin
https://6sense.com
content-encoding
gzip
x-6si-region
access-control-allow-credentials
true
access-control-allow-origin
https://emailsecurity.fortra.com
content-length
404
date
Wed, 04 Dec 2024 02:15:05 GMT
content-type
application/json
vary
Origin, Accept-Encoding
public
api.hubspot.com/livechat-public/v1/message/ 		344 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=3478499&conversations-embed=static-1.18938&mobile=false&messagesUtk=7b814be3b3e04c508679d1805218b208&traceId=7b814be3b3e04c508679d1805218b208
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
765af7670638baf4c8e525c7ccbd30befc2f61fbefbda43f39a4a80b5cffe386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5KG8rIViAt%2FZvHcQiCTz4DlwNe6jwts1XyOzMj0PkEFWBa67%2BO2QVFPprYWjnbAJdsJEtHIBsfhgTXAJLM1oWpDeeXSsRcxq1%2FgXGxYGyHSw3b36dXrLfhzeXgDIN7rEe8c1ivk7x8RRh4CUTA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
date
Wed, 04 Dec 2024 02:15:05 GMT
x-hubspot-correlation-id
5d2e9f3b-5e23-4243-8d58-8a60a80cdfea
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8ec849602c591902-EWR
access-control-allow-origin
https://emailsecurity.fortra.com
content-length
260
server
cloudflare
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b0e7a654cb6a9f76b986f2b6cbdbfabf&svisitor=null&visitor=57fc98ad-e80d-459e-8ad6-2c43a6bfbd06&session=826610c0-12d9-4930-8c9c-bdec722afe30&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2004%20Dec%202024%2002%3A15%3A04%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Fortra%20has%20observed%20a%20rising%20trend%20in%20legitimate%20service%20abuse%2C%20with%20a%20significant%20volume%20of%20attacks%20targeting%20Cloudflare%20Pages.%20Workers.dev%20is%20a%20domain%20used%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&pageViewId=c56c35d0-42d6-4cd3-8447-b3d0f22d3a07&an_uid=0&v=1.1.29
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-203-49.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"615ccf10-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:15:04 GMT
accept-ranges
bytes
content-length
43
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
image/gif
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
img.gif
b.6sc.co/v1/beacon/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b0e7a654cb6a9f76b986f2b6cbdbfabf&svisitor=null&visitor=57fc98ad-e80d-459e-8ad6-2c43a6bfbd06&session=826610c0-12d9-4930-8c9c-bdec722afe30&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2004%20Dec%202024%2002%3A15%3A04%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22b0e7a654cb6a9f76b986f2b6cbdbfabf%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2004%20Dec%202024%2002%3A15%3A04%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2004%20Dec%202024%2002%3A15%3A04%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2004%20Dec%202024%2002%3A15%3A04%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%220351aeab885c847348820e19d17af46211797eec%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2004%20Dec%202024%2002%3A15%3A04%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Fortra%20has%20observed%20a%20rising%20trend%20in%20legitimate%20service%20abuse%2C%20with%20a%20significant%20volume%20of%20attacks%20targeting%20Cloudflare%20Pages.%20Workers.dev%20is%20a%20domain%20used%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&pageViewId=c56c35d0-42d6-4cd3-8447-b3d0f22d3a07&an_uid=0&v=1.1.29
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-203-49.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"60bb2e15-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:15:04 GMT
accept-ranges
bytes
content-length
43
date
Wed, 04 Dec 2024 02:15:04 GMT
content-type
image/gif
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
details
eps.6sc.co/v3/company/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eps.6sc.co/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.108.141 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afe865822f884bb48.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-6s-customid
Access-Control-Request-Method
GET
Origin
https://emailsecurity.fortra.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-6s-customid
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://emailsecurity.fortra.com
access-control-expose-headers
X-6si-Region
access-control-max-age
1800
content-length
0
date
Wed, 04 Dec 2024 02:15:04 GMT
timing-allow-origin
https://6sense.com
x-6si-region
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=3478499&conversations-embed=static-1.18938&mobile=false&messagesUtk=7b814be3b3e04c508679d1805218b208&traceId=7b814be3b3e04c508679d1805218b208
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://emailsecurity.fortra.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://emailsecurity.fortra.com
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8ec8495f8ba71902-EWR
content-length
18
content-type
text/plain; charset=utf-8
date
Wed, 04 Dec 2024 02:15:04 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m9qFxLKc2Y%2FCVf4tIUWgc0brbGObCwfLDw6O97Pctq%2FzlyLMcF1Xfhl5DtIx2wdPKN4PSTpw0wNdIepWIDZl7RnQYi0h05bV9dVVFQgF5xg5Lg4fHw99bOB3fnFiloXL8KmJRYzbiuqKm5%2BuXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-hubspot-correlation-id
27cc1eef-6f5e-48f5-9396-3cf1c351f278
5137026
vc.hotjar.io/sessions/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/5137026?s=0.25&r=0.08266295443210003
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0ef54262fdac36c27f9a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-48.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

via
1.1 f9727388a9890610c008f83558e75e0e.cloudfront.net (CloudFront)
access-control-allow-origin
*
cache-control
no-store
x-cache
Miss from cloudfront
x-amz-cf-id
A0_qlYB0we_3dwwXTha3Soiv_-4YOCEUQLQoVuWaUb7EYKXLYHFaow==
date
Wed, 04 Dec 2024 02:15:05 GMT
x-amz-cf-pop
IAD55-P2
img.gif
b.6sc.co/v1/beacon/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b0e7a654cb6a9f76b986f2b6cbdbfabf&svisitor=null&visitor=57fc98ad-e80d-459e-8ad6-2c43a6bfbd06&session=826610c0-12d9-4930-8c9c-bdec722afe30&event=ipv6&q=%7B%22address%22%3A%222600%3A803%3Aa88%3A3168%3A%3A168%22%7D&isIframe=false&m=%7B%22description%22%3A%22Fortra%20has%20observed%20a%20rising%20trend%20in%20legitimate%20service%20abuse%2C%20with%20a%20significant%20volume%20of%20attacks%20targeting%20Cloudflare%20Pages.%20Workers.dev%20is%20a%20domain%20used%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&pageViewId=c56c35d0-42d6-4cd3-8447-b3d0f22d3a07&an_uid=0&ipv6=2600%3A803%3Aa88%3A3168%3A%3A168&v=1.1.29
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-203-49.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f02dad-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:15:05 GMT
accept-ranges
bytes
content-length
43
date
Wed, 04 Dec 2024 02:15:05 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&scrsrc=www.googletagmanager.com&frm=0&rnd=712965589.1733278505&auid=1587506684.1733278505&npa=0&gtm=45He4bk0v6702304za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&tft=1733278505008&tfd=1802&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSSNRJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-TGW7SE44X4&gtm=45je4bk0v9186916704z86702304za200zb6702304&_p=1733278503926&_gaz=1&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&gdid=dNTIxZG&cid=1675000885.1733278505&ul=en-us&are=1&pae=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=1&sid=1733278504&sct=1&seg=0&dl=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&dt=Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for&en=page_view&_fv=1&_nsi=1&_ss=1&ep.tag_name=Google%20Analytics%204&ep.clean_path=%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&tfd=1824
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGW7SE44X4&l=dataLayer&cx=c&gtm=45He4bk0v6702304za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://emailsecurity.fortra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:05 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
48 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TGW7SE44X4&cid=1675000885.1733278505&gtm=45je4bk0v9186916704z86702304za200zb6702304&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGW7SE44X4&l=dataLayer&cx=c&gtm=45He4bk0v6702304za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://emailsecurity.fortra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:05 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 20F1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-TGW7SE44X4&gacid=1675000885.1733278505&gtm=45je4bk0v9186916704z86702304za200zb6702304&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=2067292795
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TGW7SE44X4&l=dataLayer&cx=c&gtm=45He4bk0v6702304za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://emailsecurity.fortra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 02:15:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-NHMHGJWX49&gtm=45je4bk0v9134213712z86702304za200zb6702304&_p=1733278503926&_gaz=1&gcs=G111&gcd=13t3t3t3t5l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&gdid=dNTIxZG&cid=1675000885.1733278505&ul=en-us&are=1&pae=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=1&sid=1733278504&sct=1&seg=0&dl=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&dt=Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for&en=page_view&_fv=1&_ss=1&ep.clean_path=%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&tfd=1842
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHMHGJWX49&l=dataLayer&cx=c&gtm=45He4bk0v6702304za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://emailsecurity.fortra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:05 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
551 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NHMHGJWX49&cid=1675000885.1733278505&gtm=45je4bk0v9134213712z86702304za200zb6702304&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHMHGJWX49&l=dataLayer&cx=c&gtm=45He4bk0v6702304za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://emailsecurity.fortra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:05 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 7111 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-NHMHGJWX49&gacid=1675000885.1733278505&gtm=45je4bk0v9134213712z86702304za200zb6702304&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=121321010
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NHMHGJWX49&l=dataLayer&cx=c&gtm=45He4bk0v6702304za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://emailsecurity.fortra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 02:15:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4c30/ Frame 94B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4c30/sw_iframe.html?origin=https%3A%2F%2Femailsecurity.fortra.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSSNRJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 02:15:05 GMT
expires
Thu, 04 Dec 2025 02:15:05 GMT
last-modified
Tue, 03 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 		61 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=3478499&currentUrl=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-robots-tag
noindex, follow
access-control-max-age
180
x-request-id
a725286f-aaf8-48e4-9e09-52fdcd0e90d0
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1DbterolOmJMI7MsgvVAFwDD9VRalWW0C4JcUkrLLjjl15sgepz6XdhXzBxLH%2BmWM%2F1pmzGnch2XCwd9rm%2B951NlnTfGv2KXvXRMGrL%2F8Tu9rc%2FRKeog5NSscTa6UwIImOh2GkOdH8xcqbIPXcMHhjjlb%2BTQaF455iM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
OPTIONS, GET
x-evy-trace-listener
listener_https
date
Wed, 04 Dec 2024 02:15:05 GMT
x-hubspot-correlation-id
a725286f-aaf8-48e4-9e09-52fdcd0e90d0
content-type
application/json;charset=utf-8
vary
origin
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-f68sx
x-envoy-upstream-service-time
8
access-control-allow-credentials
true
cf-ray
8ec84960dca31a0b-EWR
access-control-allow-origin
https://emailsecurity.fortra.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
v
v.eps.6sc.co/ 		12 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.eps.6sc.co/v
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.76.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-76-19.iad89.r.cloudfront.net
Software
/
Resource Hash
512a4f403d30a587ad5ab0b9fa7b2fd4f078249ee03f9c23c445332838f6a436

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://emailsecurity.fortra.com/

Response headers

x-amz-apigw-id
CPouhEfbIAMEMnQ=
x-amzn-trace-id
Root=1-674fbb29-24aee07973b1854c5e8d0124;Parent=448273106274c2fb;Sampled=0;Lineage=1:56167173:0
access-control-allow-methods
OPTIONS,POST
x-amzn-requestid
35c2ae87-e836-4d1b-a1a7-8d6a7e0b039e
via
1.1 14391d64e547dcdd38d7ce792e589ec4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
12
x-amz-cf-id
WpI-KdDhHSzwUulxPJfQCOuSnDdvgJ5PvUI1VdbTrPPdQqBHz__f_A==
date
Wed, 04 Dec 2024 02:15:05 GMT
content-type
application/json
x-amz-cf-pop
IAD89-P4
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=6sense-temp-analytics&svisitor=null&visitor=57fc98ad-e80d-459e-8ad6-2c43a6bfbd06&session=826610c0-12d9-4930-8c9c-bdec722afe30&event=https%3A%2F%2Feps.6sc.co&q=%7B%22name%22%3A%22https%3A%2F%2Feps.6sc.co%2Fv3%2Fcompany%2Fdetails%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A1525.6000003814697%2C%22duration%22%3A383.6999988555908%2C%22initiatorType%22%3A%22xmlhttprequest%22%2C%22deliveryType%22%3A%22%22%2C%22nextHopProtocol%22%3A%22%22%2C%22renderBlockingStatus%22%3A%22non-blocking%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A1525.6000003814697%2C%22domainLookupStart%22%3A0%2C%22domainLookupEnd%22%3A0%2C%22connectStart%22%3A0%2C%22secureConnectionStart%22%3A0%2C%22connectEnd%22%3A0%2C%22requestStart%22%3A0%2C%22responseStart%22%3A0%2C%22firstInterimResponseStart%22%3A0%2C%22responseEnd%22%3A1909.2999992370605%2C%22transferSize%22%3A0%2C%22encodedBodySize%22%3A0%2C%22decodedBodySize%22%3A0%2C%22responseStatus%22%3A200%2C%22serverTiming%22%3A%5B%5D%2C%22metadata%22%3A%7B%22region%22%3A%22header-blocked%22%7D%7D&isIframe=false&m=%7B%22endpoint%22%3A%22epsilon.6sense.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&pageViewId=&d=1&v=1.1.29
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-203-49.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f020a0-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:15:05 GMT
accept-ranges
bytes
content-length
43
date
Wed, 04 Dec 2024 02:15:05 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
counters.gif
perf-na1.hsforms.com/embed/v3/ 		35 B
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:afbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-robots-tag
none
x-request-id
80871084-1e86-44a5-87c9-9c6bbbd98fa3
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
server-timing
cfExtPri
date
Wed, 04 Dec 2024 02:15:05 GMT
x-hubspot-correlation-id
80871084-1e86-44a5-87c9-9c6bbbd98fa3
content-type
image/gif
vary
origin, Accept-Encoding
last-modified
Wed, 04 Dec 2024 02:15:05 GMT
priority
u=3,i
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-lnptw
x-envoy-upstream-service-time
5
access-control-allow-credentials
false
cf-ray
8ec84961da4f5e7f-EWR
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
35
server
cloudflare
x-evy-trace-virtual-host
all
v
v.eps.6sc.co/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.eps.6sc.co/v
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.171.76.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-171-76-19.iad89.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://emailsecurity.fortra.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 04 Dec 2024 02:15:05 GMT
via
1.1 14391d64e547dcdd38d7ce792e589ec4.cloudfront.net (CloudFront)
x-amz-apigw-id
CPouhH0CoAMErKg=
x-amz-cf-id
06-1f7RsRtUU33eJwKDvdeL-GWCOouy9ovN7d4jbtWDsj5Gacr5l-A==
x-amz-cf-pop
IAD89-P4
x-amzn-requestid
f5a55022-3d6f-4abf-8e32-2460e27657b5
x-cache
Miss from cloudfront
core
js.driftt.com/ Frame C839 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core?d=1&embedId=vabs9hx29dzm&eId=vabs9hx29dzm&region=US&forceShow=false&skipCampaigns=false&sessionId=bff0126b-aa2b-43fd-86f1-63f61c127b5e&sessionStarted=1733278505.35&campaignRefreshToken=29049050-6680-4a70-83f8-5feb463cd38c&hideController=false&pageLoadStartTime=1733278503562&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1733278800000/vabs9hx29dzm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-33.iad12.r.cloudfront.net
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://emailsecurity.fortra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 02:15:05 GMT
etag
W/"8d171c1ab68fa656ee61a7ae17d07acb"
last-modified
Mon, 25 Nov 2024 19:25:31 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
via
1.1 5ea972e689f9b02c2fa2ba9f72e70ede.cloudfront.net (CloudFront)
x-amz-cf-id
9ha2mBnhMwrdDE52auHTHvl2TcZGyh73gzGe12nRbgyAGMeHWXETIw==
x-amz-cf-pop
IAD12-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
Qmdl6cY2R6dFEY3eRuZp_X3AREd2Qa5p
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
33
chat
js.driftt.com/core/ Frame C3D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1733278503562
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1733278800000/vabs9hx29dzm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-33.iad12.r.cloudfront.net
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://emailsecurity.fortra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 04 Dec 2024 02:15:05 GMT
etag
W/"8d171c1ab68fa656ee61a7ae17d07acb"
last-modified
Mon, 25 Nov 2024 19:25:31 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
via
1.1 5ea972e689f9b02c2fa2ba9f72e70ede.cloudfront.net (CloudFront)
x-amz-cf-id
yHM3y7NQRzR-xDeSoAqoABeugNw0Ysfgm694qo7G3VNtaTymfYA5sg==
x-amz-cf-pop
IAD12-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
Qmdl6cY2R6dFEY3eRuZp_X3AREd2Qa5p
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
27
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1372317473&v=1.1&a=3478499&rcu=https%3A%2F%2Fwww.fortra.com%2Fblog%2Fcloudflare-pages-workers-domains-increasingly-abused-for-phishing&pu=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&t=Cloudflare%E2%80%99s+pages.dev+and+workers.dev+Domains+Increasingly+Abused+for&cts=1733278505374&vi=7b54f4eba3e998b4cd80af3977e168bd&nc=true&u=269143534.7b54f4eba3e998b4cd80af3977e168bd.1733278505371.1733278505371.1733278505371.1&b=269143534.1.1733278505371&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-robots-tag
none
x-request-id
df7f45d9-4749-4072-bf55-2359ae0066db
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0jqWCfpcsgD4EYdwLNnwduYjUGZtIwu5f5Ps93ibvN23cj%2B0uUB3FQNfj1%2FhNmZadDvsorz4vuN5KIC0pqhD25n%2FRJl8hM992nXNfDJdlO6ZnI0y%2BYKKpWlT8uZ%2FSheyblDW5%2F9eNZtZoN%2FofXI"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Wed, 04 Dec 2024 02:15:05 GMT
x-hubspot-correlation-id
df7f45d9-4749-4072-bf55-2359ae0066db
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-c658cb6d4-5tthw
x-envoy-upstream-service-time
6
access-control-allow-credentials
false
cf-ray
8ec84963788d18c8-EWR
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
rum
emailsecurity.fortra.com/cdn-cgi/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8ec84962cc3e0f37-EWR
access-control-allow-origin
https://emailsecurity.fortra.com
date
Wed, 04 Dec 2024 02:15:05 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
api.min.js
a.omappapi.com/app/js/ 		47 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: emailsecurity.fortra.com
URL: https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
87c631607d118e02e847112aca0a2800bfd2a9cfe5bc01b48eeb60b0ff86804c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"673cdc01-bb7b"
cdn-fileserver
388
date
Wed, 04 Dec 2024 02:15:05 GMT
cdn-storageserver
NY-346
last-modified
Tue, 19 Nov 2024 18:42:09 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/19/2024 18:43:03
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
ff84cb01aa5c2fbe5ff9432a3a42718f
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
json
forms.hubspot.com/lead-flows-config/v1/config/ 		178 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3478499&utk=7b54f4eba3e998b4cd80af3977e168bd&__hstc=269143534.7b54f4eba3e998b4cd80af3977e168bd.1733278505371.1733278505371.1733278505371.1&__hssc=269143534.1.1733278505371&currentUrl=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e4a4c64c27c2f3e6e5d5f3325ac3a2e5b63fca7546ee3a5221e61cb0e089048
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-robots-tag
none
access-control-max-age
180
x-request-id
7511473b-9d6a-468b-88ef-db1ab56d8007
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8s6uBIiLhP2jRW0IofHk3TkPcybkeyfidjQ3IKuGY8U3LNqf%2BdNB%2F0YocTAokRDFZMQbjW39JgDJgnLET7dxiIRd1zTql2dAc7%2FnTPIwnJfQ9LpNRCt2HZTdFJ3AYKlrdUdkcjH5s6cRjLqVB7I"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-listener
listener_https
date
Wed, 04 Dec 2024 02:15:05 GMT
x-hubspot-correlation-id
7511473b-9d6a-468b-88ef-db1ab56d8007
content-type
application/json;charset=utf-8
vary
origin
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-b967ccf5d-zpgzg
x-envoy-upstream-service-time
18
access-control-allow-credentials
false
cf-ray
8ec84962dede1a0b-EWR
access-control-allow-origin
https://emailsecurity.fortra.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
img.gif
b.6sc.co/v1/beacon/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b0e7a654cb6a9f76b986f2b6cbdbfabf&svisitor=null&visitor=57fc98ad-e80d-459e-8ad6-2c43a6bfbd06&session=826610c0-12d9-4930-8c9c-bdec722afe30&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2004%20Dec%202024%2002%3A15%3A05%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2004%20Dec%202024%2002%3A15%3A04%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Fortra%20has%20observed%20a%20rising%20trend%20in%20legitimate%20service%20abuse%2C%20with%20a%20significant%20volume%20of%20attacks%20targeting%20Cloudflare%20Pages.%20Workers.dev%20is%20a%20domain%20used%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&pageViewId=c56c35d0-42d6-4cd3-8447-b3d0f22d3a07&an_uid=0&ipv6=2600%3A803%3Aa88%3A3168%3A%3A168&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-203-49.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f02dad-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:15:05 GMT
accept-ranges
bytes
content-length
43
date
Wed, 04 Dec 2024 02:15:05 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
api.min.css
a.omappapi.com/app/js/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
bf283fef88d8fe04783a585b86d196a404a9b2d3ed87fad6758db1ab311fd0e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"673cdbf7-2644"
cdn-fileserver
749
date
Wed, 04 Dec 2024 02:15:05 GMT
cdn-storageserver
NY-427
last-modified
Tue, 19 Nov 2024 18:41:59 GMT
content-type
text/css
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/19/2024 18:42:40
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
7bd836756aaf7b9c75e558e5ca3c9839
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
29348
api.omappapi.com/v2/embed/ 		44 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/29348?d=emailsecurity.fortra.com
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c6725986c33db06d2bf5b28ac03880f1747208213e017a28e8d1cb26ac90807

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-optinmonster-account
16176
x-user-agent
standard--
access-control-expose-headers
X-OptinMonster-Account, X-User-Agent
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"5454b7f8d17c7953863643e0515a91a7"
expires
Wed, 04 Dec 2024 02:09:18 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
l0mlKMpoziOMAq_z8j_T_XAY6wKE2_N2158WHXem9jtEG2XTR1DPaA==
date
Wed, 04 Dec 2024 02:15:05 GMT
x-cache-config
0 0
content-type
application/json
last-modified
Wed, 27 Nov 2024 19:50:46 GMT
vary
Accept-Encoding, User-Agent
access-control-allow-headers
X-CSRF-Token
x-cache-status
HIT
cache-control
public, max-age=30, stale-while-revalidate=1800
via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
cf-ray
8ec8496529e543e9-EWR
access-control-allow-origin
*
x-amz-cf-pop
EWR53-P1
server
cloudflare
5.8d87cdc9.min.js
a.omappapi.com/app/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/5.8d87cdc9.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
7d5c91bba288f8d52bece6eb27a646578f0c935f8890f9f1fb5349060c7ce77b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-amz-server-side-encryption
AES256
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"c73fbe3f0cf913da77cf06d1659eeaee"
date
Wed, 04 Dec 2024 02:15:05 GMT
last-modified
Tue, 19 Nov 2024 18:41:53 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
BwSQWkiAkmAzBCpG+ev2Pi5UCAsUSI7Ba9PFc9PsTDHm70kg1Jr4VWpx3TlQRLTqUJiqSSKiQFY=
cdn-requestpullcode
200
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-storagebalancer
NY-427
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
3208c909b59943dc4815038eac994722
cdn-pullzone
293267
cdn-proxyver
1.06
x-amz-request-id
PVZJEHHW33C6CPP8
access-control-allow-origin
*
cdn-cachedat
11/19/2024 18:42:02
cdn-edgestorageid
925
perma-cache
MISS
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
json
api.omappapi.com/v3/geolocate/ 		585 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v3/geolocate/json
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b8d9ad3b174aacd7848b43b341030a4177fc8b148d1386bf573411c616050ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-user-agent
standard--
content-encoding
br
cf-cache-status
DYNAMIC
x-pagely-debug
mainblock
x-cache
Miss from cloudfront
x-amz-cf-id
DoLVfkuiOCG5gTrElrt75gA0A6NDf1j_UnATZ-pAo71IiH9DvIPn3g==
date
Wed, 04 Dec 2024 02:15:05 GMT
x-cache-config
0 0
content-type
application/json
x-cache-status
BYPASS
x-ratelimit-reset
1733278565
via
1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront)
x-ratelimit-remaining
999
cf-ray
8ec84965dad143e9-EWR
access-control-allow-origin
*
x-ratelimit-limit
1000
x-amz-cf-pop
EWR53-P1
server
cloudflare
4.22b86587.min.js
a.omappapi.com/app/js/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/4.22b86587.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
a95f4f272fb7ee161327a5f3f4f669d3d5a7974b6bba7cb936b01b5468394ab4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"672cd5df-ae69"
cdn-fileserver
622
date
Wed, 04 Dec 2024 02:15:05 GMT
cdn-storageserver
NY-346
last-modified
Thu, 07 Nov 2024 14:59:43 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/08/2024 00:59:03
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
ccda024bea51d0e7a4f3b693a853e61d
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
20.a5ee147c.min.js
a.omappapi.com/app/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/20.a5ee147c.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
3adb64bef3f3f91a1946fa2213808d4ca67ab45cc8ed4a6c31d136e58c7f0c4e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fefc7d-c3f"
cdn-fileserver
388
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-267
last-modified
Thu, 03 Oct 2024 20:20:13 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/11/2024 03:33:01
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
7f4724b3045803426633a2dd2af0d6f2
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
13.0d9bec5f.min.js
a.omappapi.com/app/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/13.0d9bec5f.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
9ee00d07b79fe34f2bd25d5b4341483cc9b3561b414a986f542c9f903acc2835

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fefc89-8b1"
cdn-fileserver
749
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-427
last-modified
Thu, 03 Oct 2024 20:20:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/11/2024 05:10:01
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
1c78d77bd06a9a94e84b2f865821f910
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
25.7a0ef50d.min.js
a.omappapi.com/app/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/25.7a0ef50d.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
39bb5021d0931d53358aacc884ca5af95bc5cb960c2dc459f4955c80d6f2ab12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fefc7e-aed"
cdn-fileserver
749
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-267
last-modified
Thu, 03 Oct 2024 20:20:14 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/11/2024 05:10:01
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
3be2fb47ca6d9edeedde3ea330bd07a4
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
19.a0925dda.min.js
a.omappapi.com/app/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/19.a0925dda.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
8f299bce1c4968647aa3727f390aef0cd75da150a614ae61540d6cce44207e20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"6707e1a9-ed6"
cdn-fileserver
749
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-267
last-modified
Thu, 10 Oct 2024 14:16:09 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/13/2024 16:35:39
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
b6c50526b1fa0158b95b9b535fe809ff
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
27.78befebd.min.js
a.omappapi.com/app/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/27.78befebd.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
b536245d5d1912397f06964694ae416b45a26a3bc39021850852c647bee46bab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fefc81-174f"
cdn-fileserver
388
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-427
last-modified
Thu, 03 Oct 2024 20:20:17 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/17/2024 20:04:52
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
7ce1a602057209cfc52acde0ee7ecab8
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
33.db83743a.min.js
a.omappapi.com/app/js/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/33.db83743a.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
eff50ee97749192a01ffbe5c7d7b3b88d11cc53dcbd6d659b22b37e8cc0754d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"6728ef64-878e"
cdn-fileserver
622
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-268
last-modified
Mon, 04 Nov 2024 15:59:32 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/08/2024 00:59:03
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
d09fed1b7f41702725aa0d19a145c765
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
10.f3e1fec4.min.js
a.omappapi.com/app/js/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/10.f3e1fec4.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
46be8975c077af9ee628b95903df417598a0df10350acb20e678ab3fe9a54f36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"673cdbfa-7cf4"
cdn-fileserver
861
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
DE-680
last-modified
Tue, 19 Nov 2024 18:42:02 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/19/2024 18:42:02
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-storagebalancer
NY-346
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
5b8265497f92c808f43490067b939c06
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
0.8d8ea138.min.js
a.omappapi.com/app/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/0.8d8ea138.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
7d83be6c00b69fd13021966579f40390e19a7638de7a33fbb01997f793937432

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fefc81-1a8f"
cdn-fileserver
749
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-427
last-modified
Thu, 03 Oct 2024 20:20:17 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/08/2024 00:59:03
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
7fa84d1fd5fba842687f1bef30801f4a
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
9.b36e2a05.min.js
a.omappapi.com/app/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/9.b36e2a05.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
f14b33b9d5a249b41c2c3ab1065df21780f8d7d681c6a745244848dff1845c58

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fefc88-650"
cdn-fileserver
388
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-427
last-modified
Thu, 03 Oct 2024 20:20:24 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/14/2024 14:45:28
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
6a7501f1655af359b8f2cbadbc82a8d8
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
11.c5ec45ff.min.js
a.omappapi.com/app/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/11.c5ec45ff.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
39dd4eedf59461aa0bb42f57f4663d3b3224f5efcdf95f7e571e829aae135905

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fefc89-838"
cdn-fileserver
749
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-346
last-modified
Thu, 03 Oct 2024 20:20:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/14/2024 14:45:12
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
ac1899763d51df79dd9dd8fc6bda5a17
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
28.43a9d7cb.min.js
a.omappapi.com/app/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/28.43a9d7cb.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
215d04e8a15809c25cc259626bfdf609ea695c32199d1b1b482cf7395a19faaf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fefca5-b21"
cdn-fileserver
749
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-268
last-modified
Thu, 03 Oct 2024 20:20:53 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/08/2024 00:59:03
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
1
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
52abf554b6459f884dcdeaa735f1c39c
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
26.6128bd2e.min.js
a.omappapi.com/app/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/26.6128bd2e.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
7c345c812c6c32c007d7fe0f4968df8f847ea5006e76c8633da70d446b1936a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fefc81-4e1"
cdn-fileserver
749
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-353
last-modified
Thu, 03 Oct 2024 20:20:17 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/08/2024 00:59:03
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
d689cab2039eeb947090efed16389f2c
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
16.d9461827.min.js
a.omappapi.com/app/js/ 		830 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/16.d9461827.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
140eedc23b5929c1bb8a74d021936779b48156ccb5445431659d656f8aa104cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fefc7f-33e"
cdn-fileserver
388
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-267
last-modified
Thu, 03 Oct 2024 20:20:15 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/08/2024 00:59:03
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
fc2461b268874c8808243805382be9a5
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
1.45b31b69.min.js
a.omappapi.com/app/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/1.45b31b69.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
83a3d365514cd49659d6d7906936b0f3ac0db4d743643006afdbe09f6d5b3d03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fefc89-23d2"
cdn-fileserver
749
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-268
last-modified
Thu, 03 Oct 2024 20:20:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/08/2024 00:59:03
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
42c4e02a5f2ef07e734f1b65f03dff1a
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
21.8fe2e52f.min.js
a.omappapi.com/app/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/21.8fe2e52f.min.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
e92b5c4af8c5c6115f09955c6aa8577a45c65effe782e0593540f09177f69a29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66fefc89-65a"
cdn-fileserver
749
date
Wed, 04 Dec 2024 02:15:06 GMT
cdn-storageserver
NY-346
last-modified
Thu, 03 Oct 2024 20:20:25 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/08/2024 00:59:03
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
998c717bb5e963358916dc10d455aefe
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
gzip
age
6085
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:33:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 00:33:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
css2
fonts.googleapis.com/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto%3Aital%2Cwght%400%2C400&family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600&display=swap
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/4.22b86587.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96cc8db8cf3b09021dbdf45d57705167a6c5c1f9c6c4e52ddc122a82a1a3f3cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:15:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:06 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 04 Dec 2024 02:15:06 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,400;0,500;0,600;0,700;0,900;1,400;1,500;1,600;1,700;1,900&family=Roboto:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://fonts.googleapis.com/

Response headers

age
472733
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 14:56:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 14:56:13 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Aital%2Cwght%400%2C400&family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://fonts.googleapis.com/

Response headers

age
472733
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 14:56:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 14:56:13 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Aital%2Cwght%400%2C400&family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://fonts.googleapis.com/

Response headers

age
481774
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 12:25:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 12:25:32 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto%3Aital%2Cwght%400%2C400&family=Open+Sans%3Aital%2Cwght%400%2C400%3B0%2C600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://emailsecurity.fortra.com
Referer
https://fonts.googleapis.com/

Response headers

age
481774
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 12:25:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 12:25:32 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b0e7a654cb6a9f76b986f2b6cbdbfabf&svisitor=null&visitor=57fc98ad-e80d-459e-8ad6-2c43a6bfbd06&session=826610c0-12d9-4930-8c9c-bdec722afe30&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2004%20Dec%202024%2002%3A15%3A06%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2004%20Dec%202024%2002%3A15%3A05%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Fortra%20has%20observed%20a%20rising%20trend%20in%20legitimate%20service%20abuse%2C%20with%20a%20significant%20volume%20of%20attacks%20targeting%20Cloudflare%20Pages.%20Workers.dev%20is%20a%20domain%20used%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&pageViewId=c56c35d0-42d6-4cd3-8447-b3d0f22d3a07&an_uid=0&ipv6=2600%3A803%3Aa88%3A3168%3A%3A168&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-203-49.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"5e502810-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:15:06 GMT
accept-ranges
bytes
content-length
43
date
Wed, 04 Dec 2024 02:15:06 GMT
content-type
image/gif
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
favicon.svg
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/ 		479 B
591 B 		Other
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36413ff4f8f0ccef8e54a810ebd7ec3625c6fda31716f7dc2fa9fe5da2ef97a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-wc9jw
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"674f7b9f-1df"
age
15283
expires
Thu, 04 Dec 2025 21:45:05 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:06 GMT
content-type
image/svg+xml
last-modified
Tue, 03 Dec 2024 21:43:59 GMT
x-served-by
cache-chi-kigq8000030-CHI, cache-lga21972-LGA
x-cache-hits
1, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278507.614895,VS0,VE5
x-styx-req-id
db96295f-b1bf-11ef-a0fb-36e8caf771c5
via
1.1 varnish, 1.1 varnish
cf-ray
8ec8496a3c2a0f37-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
336
server
cloudflare
favicon.ico
emailsecurity.fortra.com/themes/custom/fortra_parent_2022/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a687650c8e56abe48c8ee0c232cfdd4ecff257c067669e9bf387b816c56781

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/blog/cloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing

Response headers

x-pantheon-styx-hostname
styx-fe4-b-c88f69558-4glg5
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"674f7b9e-3aee"
age
15261
expires
Thu, 04 Dec 2025 22:00:45 GMT
x-cache
HIT, HIT
date
Wed, 04 Dec 2024 02:15:06 GMT
content-type
image/x-icon
last-modified
Tue, 03 Dec 2024 21:43:58 GMT
x-served-by
cache-chi-klot8100165-CHI, cache-lga21981-LGA
x-cache-hits
29, 0
vary
Accept-Encoding
cache-control
max-age=31622400
x-timer
S1733278507.818490,VS0,VE6
x-styx-req-id
0c3d8cdb-b1c2-11ef-8b89-ae882e0c4ddb
via
1.1 varnish, 1.1 varnish
cf-ray
8ec8496b6d5b0f37-EWR
accept-ranges
bytes
content-length
1655
server
cloudflare
37553b0355124433031cdd0d9c40318b-optin.json
a.omappapi.com/app/campaign-views/8277dd5ad1d7/qlzfwc1vxvqsd0kbwtld/ 		24 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/campaign-views/8277dd5ad1d7/qlzfwc1vxvqsd0kbwtld/37553b0355124433031cdd0d9c40318b-optin.json
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.19.207.34 Ashburn, United States, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
37-19-207-34.bunnyinfra.net
Software
BunnyCDN-ASB1-925 /
Resource Hash
0152edf6786b001b45f004966daecf8a8e585e281b672184b162606e34d4b47b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

perma-cache
HIT
cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
br
etag
"66b0f859-5f34"
cdn-fileserver
388
date
Wed, 04 Dec 2024 02:15:07 GMT
cdn-storageserver
NY-267
last-modified
Mon, 05 Aug 2024 16:05:45 GMT
content-type
application/json
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
cdn-cachedat
11/08/2024 02:00:18
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid
66b58f37167b20f896b6496c628bdc71
cdn-pullzone
293267
cdn-proxyver
1.06
access-control-allow-origin
*
cdn-edgestorageid
925
server
BunnyCDN-ASB1-925
cdn-requestcountrycode
US
i
z.omappapi.com/v3/ 		0
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://z.omappapi.com/v3/i?aid=29348&cid=qlzfwc1vxvqsd0kbwtld&sid=6310ea031593d&rt=false&dv=desktop&cty=floating&url=blog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&v=5
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ec8496d6fea43e9-EWR
access-control-allow-origin
https://emailsecurity.fortra.com
date
Wed, 04 Dec 2024 02:15:07 GMT
x-kong-response-latency
16
vary
Origin
server
cloudflare
collect
www.google-analytics.com/j/ 		3 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=731035877&t=event&ni=1&_s=1&dl=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&ul=en-us&de=UTF-8&dt=Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Email%20Security%20Subdomain%20Announcement%3A%20July%2011&ea=impression&el=qlzfwc1vxvqsd0kbwtld&_u=qBDAAEABEAAAACAAI~&jid=1128099168&gjid=1180864093&cid=1675000885.1733278505&tid=UA-27386041-1&_gid=1390368531.1733278507&_r=1&_slc=1&z=1325102518
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://emailsecurity.fortra.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:07 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://emailsecurity.fortra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b0e7a654cb6a9f76b986f2b6cbdbfabf&svisitor=null&visitor=57fc98ad-e80d-459e-8ad6-2c43a6bfbd06&session=826610c0-12d9-4930-8c9c-bdec722afe30&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2004%20Dec%202024%2002%3A15%3A07%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2004%20Dec%202024%2002%3A15%3A06%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Fortra%20has%20observed%20a%20rising%20trend%20in%20legitimate%20service%20abuse%2C%20with%20a%20significant%20volume%20of%20attacks%20targeting%20Cloudflare%20Pages.%20Workers.dev%20is%20a%20domain%20used%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&pageViewId=c56c35d0-42d6-4cd3-8447-b3d0f22d3a07&an_uid=0&ipv6=2600%3A803%3Aa88%3A3168%3A%3A168&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-203-49.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f020a0-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:15:07 GMT
accept-ranges
bytes
content-length
43
date
Wed, 04 Dec 2024 02:15:07 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
destination
www.googletagmanager.com/gtag/ 		282 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-988686924&l=dataLayer&cx=c&gtm=45He4bk0v6702304za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSSNRJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e71905f2cf6a11fe841a001be79273d60a14d88501231f4ca651b3d0f2883879
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Wed, 04 Dec 2024 02:15:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 02:15:07 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 04 Dec 2024 00:35:44 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
99486
x-xss-protection
0
server
Google Tag Manager
roundtrip.js
s.adroll.com/j/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSSNRJ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c1:ec00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
XRapE5DFdXRGc5myIfsDq4zGHQVtai2E
Etag
W/"792eca3181a87960d692c005437f63e0"
Age
1747
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
0mwPQ30BvDXu0zWlupnoY5E6-B3M8k6hd11sxteyzOOcXzFfjPdkjg==
Date
Wed, 04 Dec 2024 01:46:02 GMT
Content-Type
text/javascript
Vary
accept-encoding
Last-Modified
Tue, 15 Oct 2024 15:51:52 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 05c82d802dd7dc7f98fd5d5083d604ba.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
insight.min.js
snap.licdn.com/li.lms-analytics/ 		2 KB
1006 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSSNRJ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:5::17c7:3716 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
max-age=53587
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
796
date
Wed, 04 Dec 2024 02:15:07 GMT
last-modified
Mon, 02 Dec 2024 19:27:08 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=731035877&t=event&ni=1&_s=2&dl=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&ul=en-us&de=UTF-8&dt=Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%201643464&_u=qDDAAEABEAAAACAAI~&jid=&gjid=&cid=1675000885.1733278505&tid=UA-27386041-1&_gid=1390368531.1733278507&z=773693109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

age
16771
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Dec 2024 21:35:37 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:5::17c7:3716 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
max-age=53619
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14634
date
Wed, 04 Dec 2024 02:15:08 GMT
last-modified
Mon, 02 Dec 2024 19:22:52 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/4CHMHK3NYBBNPE45SZI7J7/WEZOG7LIMRH2FGLFDLOTEJ/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:26c1:ec00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

Access-Control-Max-Age
600
X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Age
57078
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
hjQrWjGLnrtufEQgzEu8wK9kUv3VZDnWB85RIg6awCB3t39YG16m3w==
Date
Tue, 03 Dec 2024 10:23:51 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Access-Control-Allow-Headers
*
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 05c82d802dd7dc7f98fd5d5083d604ba.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
0
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256

Redirect headers

Access-Control-Max-Age
600
Age
43520
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
y-R0tN4ymYslVegw18LkoNnRb5bmxShXSFDDQ4CETywnKMxcxaiN-Q==
Date
Tue, 03 Dec 2024 14:09:47 GMT
Content-Type
application/xml
Access-Control-Allow-Headers
*
Location
https://s.adroll.com/j/pre/index.js
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 05c82d802dd7dc7f98fd5d5083d604ba.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
Content-Length
0
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
index.js
s.adroll.com/j/pre/4CHMHK3NYBBNPE45SZI7J7/WEZOG7LIMRH2FGLFDLOTEJ/ 		0
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/4CHMHK3NYBBNPE45SZI7J7/WEZOG7LIMRH2FGLFDLOTEJ/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c1:ec00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

Access-Control-Max-Age
600
X-Amz-Version-Id
Jv0UFANRIU8ikacc18mSQrZ4Qprd14rY
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Age
2153
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
RtKiJCPIgteXkYLyYLDeNeIGHf2M5WU2puP7G-j9YSKpgnuW3Kpm_w==
Date
Wed, 04 Dec 2024 01:39:16 GMT
Content-Type
text/javascript; charset=utf-8
Vary
Accept-Encoding
Last-Modified
Sat, 23 Nov 2024 11:52:50 GMT
Access-Control-Allow-Headers
*
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 05c82d802dd7dc7f98fd5d5083d604ba.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
0
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
/
px.ads.linkedin.com/wa/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://emailsecurity.fortra.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 1806E102CD0A4114A4FEFB0904512373 Ref B: PHL30EDGE0114 Ref C: 2024-12-04T02:15:08Z
x-li-fabric
prod-lor1
access-control-allow-credentials
true
x-li-uuid
AAYoaFnH3CiQmsvNbL/1+g==
x-li-proto
http/2
access-control-allow-origin
https://emailsecurity.fortra.com
x-cache
CONFIG_NOCACHE
x-li-source-fabric
prod-ltx1
date
Wed, 04 Dec 2024 02:15:07 GMT
vary
Origin
attribution_trigger
px.ads.linkedin.com/ 		2 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=4847249&time=1733278508101&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&tm=gtmv2
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer
https://emailsecurity.fortra.com/

Response headers

x-li-pop
afd-prod-lor1-x
content-encoding
gzip
x-fs-uuid
0006286859c829c840643ca81a446429
x-msedge-ref
Ref A: 15D0E9A6CA6F47C594E51D7A0A2DD59B Ref B: PHL30EDGE0418 Ref C: 2024-12-04T02:15:08Z
x-li-fabric
prod-lor1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYoaFnIKchAZDyoGkRkKQ==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Wed, 04 Dec 2024 02:15:07 GMT
content-type
application/json
access-control-allow-headers
*
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4847249&time=1733278508101&li_adsId=45072aef-f294-45f0-b29d-a4006a0e34ea&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4847249&time=1733278508101&li_adsId=45072aef-f294-45f0-b29d-a4006a0e34ea&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4847249%26time%3D1733278508101%26li_adsId%3D45072aef-f294-45f0-b29d-a4006a0e34ea%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4847249&time=1733278508101&li_adsId=45072aef-f294-45f0-b29d-a4006a0e34ea&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4847249&time=1733278508101&li_adsId=45072aef-f294-45f0-b29d-a4006a0e34ea&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev...
0
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4847249&time=1733278508101&li_adsId=45072aef-f294-45f0-b29d-a4006a0e34ea&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQIkUPk_cuewxQAAAZOPcyaz2CFXx-nzkpqt-8y5Ca_9T4GWD9tq4dsU0zS5dOOc-EqWkKvf_bk
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: A0CE57738BAA4ADBB421096AE574ED4D Ref B: PHL30EDGE0416 Ref C: 2024-12-04T02:15:08Z
x-li-fabric
prod-lor1
x-li-uuid
AAYoaFnSgqMFhpqzlqVnpw==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 04 Dec 2024 02:15:08 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4847249&time=1733278508101&li_adsId=45072aef-f294-45f0-b29d-a4006a0e34ea&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQIkUPk_cuewxQAAAZOPcyaz2CFXx-nzkpqt-8y5Ca_9T4GWD9tq4dsU0zS5dOOc-EqWkKvf_bk
x-msedge-ref
Ref A: 2B7C3C46BFDB494EB9266A1F255AFCCF Ref B: PHL30EDGE0114 Ref C: 2024-12-04T02:15:08Z
x-li-fabric
prod-lor1
x-li-uuid
AAYoaFnPEFZBUR04iPXK2w==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 04 Dec 2024 02:15:08 GMT
4CHMHK3NYBBNPE45SZI7J7
d.adroll.com/consent/check/ 		535 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/4CHMHK3NYBBNPE45SZI7J7?flg=1&pv=69823632740.85115&arrfrr=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&_s=56423b9f11b5ea1815ce913ed1760a94&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:590a:48c9:2cc8:5c9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
9d8ff4cd76df4d98c57ba2fe69be6c2c337ee8ba15092de9a7bca8fdf96afc26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
content-length
535
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Wed, 04 Dec 2024 02:15:08 GMT
pragma
no-cache
content-type
application/javascript
server
nginx/1.22.1
iframe_content.html
x.adroll.com/pxl/ Frame 2EF9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.adroll.com/pxl/iframe_content.html?adroll_fpc=2c56fdc58e8ee9d4a9cf9ebe21d5c373-1733278508498&flg=1&pv=69823632740.85115&arrfrr=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&advertisable=4CHMHK3NYBBNPE45SZI7J7
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:61c0:220a:a875:536d:6ba9:cccb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://emailsecurity.fortra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
ad-auction-allowed
true
content-encoding
zstd
content-length
427
content-type
text/html
date
Wed, 04 Dec 2024 02:15:08 GMT
last-modified
Tue, 03 Dec 2024 03:25:59 GMT
WEZOG7LIMRH2FGLFDLOTEJ
d.adroll.com/pixel/4CHMHK3NYBBNPE45SZI7J7/ 		486 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/pixel/4CHMHK3NYBBNPE45SZI7J7/WEZOG7LIMRH2FGLFDLOTEJ?adroll_fpc=2c56fdc58e8ee9d4a9cf9ebe21d5c373-1733278508498&flg=1&pv=69823632740.85115&arrfrr=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&cookie=&adroll_s_ref=&keyw=&p0=4524&xa4=1
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:590a:48c9:2cc8:5c9c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
6dd0640a014b8a0ca3052efb5da28fe355ec1d148cb1f6a1d3d5a876995cc7b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

x-segment-display-name
Visitors to Unsegmented Pages
x-rule-type
p
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-conversion-currency
x-conversion-value
0.00
x-segment-eid
RCSFJM27MNFZJPG63N3K5L
x-advertisable-eid
4CHMHK3NYBBNPE45SZI7J7
x-segment-name
*_xpgow45jxnbkzcjla34vsc
content-length
486
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Wed, 04 Dec 2024 02:15:08 GMT
x-pixel-eid
WEZOG7LIMRH2FGLFDLOTEJ
server
nginx/1.22.1
x-rule
*
WEZOG7LIMRH2FGLFDLOTEJ
ipv4.d.adroll.com/px4/4CHMHK3NYBBNPE45SZI7J7/ 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipv4.d.adroll.com/px4/4CHMHK3NYBBNPE45SZI7J7/WEZOG7LIMRH2FGLFDLOTEJ?adroll_fpc=2c56fdc58e8ee9d4a9cf9ebe21d5c373-1733278508498&flg=1&pv=69823632740.85115&arrfrr=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&cookie=&adroll_s_ref=&keyw=&p0=4524&xa4=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
98.85.23.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-85-23-175.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
no-store, no-cache, must-revalidate
content-length
42
date
Wed, 04 Dec 2024 02:15:08 GMT
pragma
no-cache
content-type
image/gif
server
nginx/1.22.1
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b0e7a654cb6a9f76b986f2b6cbdbfabf&svisitor=null&visitor=57fc98ad-e80d-459e-8ad6-2c43a6bfbd06&session=826610c0-12d9-4930-8c9c-bdec722afe30&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2004%20Dec%202024%2002%3A15%3A08%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2004%20Dec%202024%2002%3A15%3A07%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Fortra%20has%20observed%20a%20rising%20trend%20in%20legitimate%20service%20abuse%2C%20with%20a%20significant%20volume%20of%20attacks%20targeting%20Cloudflare%20Pages.%20Workers.dev%20is%20a%20domain%20used%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&pageViewId=c56c35d0-42d6-4cd3-8447-b3d0f22d3a07&an_uid=0&ipv6=2600%3A803%3Aa88%3A3168%3A%3A168&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-203-49.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"5e502810-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:15:08 GMT
accept-ranges
bytes
content-length
43
date
Wed, 04 Dec 2024 02:15:08 GMT
content-type
image/gif
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
RCSFJM27MNFZJPG63N3K5L.js
s.adroll.com/pixel/4CHMHK3NYBBNPE45SZI7J7/WEZOG7LIMRH2FGLFDLOTEJ/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/4CHMHK3NYBBNPE45SZI7J7/WEZOG7LIMRH2FGLFDLOTEJ/RCSFJM27MNFZJPG63N3K5L.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26c1:ec00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38b6fa55688df181f4980257c5a4df29249ac0e3b9379b33da85a85e828e3940

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
X-Amz-Version-Id
Y4SIPBJsnZoOrr6riKl0NrQMvuiZVelx
Etag
W/"7709bf1521e09fbe2118775bfc830d64"
Age
3342
Access-Control-Allow-Methods
GET
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
9UBqLVz5TYhASRQVmSQWA10t3Nwh6hN01L34Jxn62AnvVR3KGvnOlg==
Date
Wed, 04 Dec 2024 01:19:26 GMT
Content-Type
text/javascript; charset=utf-8
Vary
accept-encoding
Last-Modified
Tue, 10 Sep 2024 11:46:35 GMT
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
Cache-Control
max-age=3600, must-revalidate
Connection
keep-alive
Access-Control-Allow-Credentials
false
Via
1.1 05c82d802dd7dc7f98fd5d5083d604ba.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
IAD61-P1
Server
AmazonS3
X-Amz-Server-Side-Encryption
AES256
trigger
x.adroll.com/attribution/ 		2 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.adroll.com/attribution/trigger?fpc=2c56fdc58e8ee9d4a9cf9ebe21d5c373&advertisable_eid=4CHMHK3NYBBNPE45SZI7J7&conversion_type=PageView&conversion_value=0.00&currency=USC&flg=1&pv=69823632740.85115&arrfrr=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f18:61c0:2208:b8ef:d7f3:6816:21b1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-length
2
date
Wed, 04 Dec 2024 02:15:08 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0","priority":"0","deduplication_key":"9360081586799857313","filters":{"source_type":["event"]}},{"trigger_data":"0","priority":"0","deduplication_key":"9360081586799857313","filters":{"source_type":["navigation"]}}],"debug_key":"459679044437176022","debug_reporting":true,"filters":{"0":["4CHMHK3NYBBNPE45SZI7J7"]}}
content-type
text/plain; charset=utf-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/988686924/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/988686924/?random=1733278508084&cv=11&fst=1733278508084&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9173652615z86702304za201zb6702304&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&hn=www.googleadservices.com&frm=0&tiba=Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for&did=dNTIxZG&gdid=dNTIxZG&npa=0&pscdl=noapi&auid=1587506684.1733278505&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-988686924&l=dataLayer&cx=c&gtm=45He4bk0v6702304za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c21::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44e54344109a60a129e2999e272190aae751bb711cb550b5c343d05f97191cc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2449
date
Wed, 04 Dec 2024 02:15:08 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
988686924
td.doubleclick.net/td/rul/ Frame 5C3C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/988686924?random=1733278508084&cv=11&fst=1733278508084&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9173652615z86702304za201zb6702304&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&hn=www.googleadservices.com&frm=0&tiba=Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for&did=dNTIxZG&gdid=dNTIxZG&npa=0&pscdl=noapi&auid=1587506684.1733278505&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-988686924&l=dataLayer&cx=c&gtm=45He4bk0v6702304za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://emailsecurity.fortra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Dec 2024 02:15:08 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://d.adroll.com/cm/experian/out?adroll_fpc=2c56fdc58e8ee9d4a9cf9ebe21d5c373-1733278508498&flg=1&pv=69823632740.85115&arrfrr=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3521&partner_device_id=YTdhMDk1NWQ5NzE2NDc5NTU5ZGRlZTRkYWIwY2RmZTU&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3521&partner_device_id=YTdhMDk1NWQ5NzE2NDc5NTU5ZGRlZTRkYWIwY2RmZTU&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=902af7c2-9c6b-441a-af73-002e125a8a32%252C%252C&gdpr=0&gdpr_consent=
0
0
/
www.google.com/pagead/1p-user-list/988686924/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/988686924/?random=1733278508084&cv=11&fst=1733277600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9173652615z86702304za201zb6702304&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&hn=www.googleadservices.com&frm=0&tiba=Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for&did=dNTIxZG&gdid=dNTIxZG&npa=0&pscdl=noapi&auid=1587506684.1733278505&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7de9XfVtDFjK1YFGWrWWCzTkTM7uX5NFfp3WxrzM8P5Lwx1Sj8&random=523836976&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 04 Dec 2024 02:15:08 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
img.gif
b.6sc.co/v1/beacon/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=b0e7a654cb6a9f76b986f2b6cbdbfabf&svisitor=null&visitor=57fc98ad-e80d-459e-8ad6-2c43a6bfbd06&session=826610c0-12d9-4930-8c9c-bdec722afe30&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2004%20Dec%202024%2002%3A15%3A09%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2004%20Dec%202024%2002%3A15%3A08%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Fortra%20has%20observed%20a%20rising%20trend%20in%20legitimate%20service%20abuse%2C%20with%20a%20significant%20volume%20of%20attacks%20targeting%20Cloudflare%20Pages.%20Workers.dev%20is%20a%20domain%20used%20by%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Cloudflare%E2%80%99s%20pages.dev%20and%20workers.dev%20Domains%20Increasingly%20Abused%20for%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Femailsecurity.fortra.com%2Fblog%2Fcloudflares-pagesdev-and-workersdev-domains-increasingly-abused-phishing&pageViewId=c56c35d0-42d6-4cd3-8447-b3d0f22d3a07&an_uid=0&ipv6=2600%3A803%3Aa88%3A3168%3A%3A168&v=1.1.29
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.203.49 Ashburn, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-203-49.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://emailsecurity.fortra.com/

Response headers

cache-control
max-age=0, no-cache, no-store
etag
"63f020a0-2b"
pragma
no-cache
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 02:15:09 GMT
accept-ranges
bytes
content-length
43
date
Wed, 04 Dec 2024 02:15:09 GMT
content-type
image/gif
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=902af7c2-9c6b-441a-af73-002e125a8a32%252C%252C&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| __dispatched__ function| getCookie object| element function| vwoConsent object| dataLayer function| $ function| jQuery function| once object| drupalSettings object| Drupal object| a2a object| a2a_config function| a2a_init function| Popper function| iFrameResize function| GartnerPI_Widget object| bootstrap object| __cfBeacon object| truste function| shouldRepop function| shouldResolveConsent string| userType object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| consentListeners function| onConsentChange function| addConsentListenerTA function| hj object| _hjSettings function| process6senseData object| _6si function| drift object| code object| _vwo_code number| _vwo_settings_timer number| cnt number| hubspotInterval function| hubspotCampaignTracking function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG function| onYouTubeIframeAPIReady number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css function| commonWrapper function| pushBasedCommonWrapper function| surveyDataCommonWrapper function| gcpfb string| _vwo_cookieDomain string| _vwo_uuid string| _vis_opt_file number| _vwo_library_timer string| _vis_opt_lib function| loadLib function| _vwo_err object| _VWO string| _vwo_mt object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| VWOOmni string| _vwo_cdn object| _hsp object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| 3eiXJRXgVuLsYGH9303q object| regeneratorRuntime object| _driftFrames object| __post_robot_10_0_46__ string| __DRIFT_ENV__ string| __DRIFT_BUILD_ID__ string| __DRIFT_BRANCH__ boolean| drift_invoked function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath string| _vis_opt_experiment_id boolean| _storagePopulated object| _hsq function| sanitizeKey boolean| _hstc_loaded boolean| hubspot_live_messages_running object| HubSpotConversations object| globalRoot function| bindToWindowOnError object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| gaGlobal object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance object| HubSpotCallsToActions boolean| hubspot_web_interactives_running object| vwo_6sense_company_details object| drift_event_listeners string| drift_display_mode string| drift_campaign_refresh number| drift_page_view_started number| drift_session_started string| drift_session_id object| drift_frameFactory object| drift_audio_context boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| LEAD_FLOW_DOCUMENT_READY_RAN object| webpackChunkom_api_js object| _omapp function| OptinMonsterApp boolean| om_loaded object| om16176_29348 object| _omq function| omq object| ommazhuygdxaeybgnavvts object| omczbrm1a3vthz1ddyaayv object| omwjmpsolsqd2ibqf14aak object| omw3w9b6hamzyvjwpkwqwi object| omqlzfwc1vxvqsd0kbwtld object| omr86pkuuw2gv2fyzkaocd object| omyht58oxqqvu6ctyc1v8v object| omutnvezl0nrs8eblg4bil function| ga object| gaplugins object| _omns object| gaData object| drift_sentry_config string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| gtag string| adroll_sid object| __adroll_consent_data object| adroll object| __adroll object| adroll_loaded object| adroll_callbacks function| lintrk object| ORIBILI object| adroll_exp_list boolean| __adroll_consent string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called object| GooglebQhCsO string| adroll_seg_eid object| adroll_form_fields object| adroll_third_party_forms object| adroll_third_party_detected object| adroll_snippet_errors object| adroll_f_obs string| adroll_rule_type

53 Cookies

Domain/Path Name / Value
.fortra.com/ Name: __cf_bm
Value: zwVK6kE_k4ECQsT.LBsYjoBU.TL1TdwS79BqLwip3cU-1733278503-1.0.1.1-c6nveakEXk62Pq_i4LW963U7v6YrWuOj9lNlTArmTY0mOvVH2wJ2H7tc5UOAKZcPVytt6_62CKjMslu7u7cBjQ
.emailsecurity.fortra.com/ Name: TAsessionID
Value: 9d75347d-1756-41ab-a329-c923568b2072|NEW
.emailsecurity.fortra.com/ Name: notice_behavior
Value: implied,us
.fortra.com/ Name: _vwo_uuid_v2
Value: D47633118A1B4E74470A4342726637D1F|07fb86223902417d853ce3129d2c9c8e
.g2crowd.com/ Name: __cf_bm
Value: DEC8sLFXTAjIYoCk4c9FK9PuSnVLaVQUwGSlh0tdcQE-1733278504-1.0.1.1-MoOIRaBvLSHutpJKv9aJESJ9oyf4Zek_N4.qRj3tZf0aI1MPzBNtEOicdDOYmR9CSdeObSAQaLHvSHjd29smgQ
.fortra.com/ Name: _vis_opt_s
Value: 1%7C
.fortra.com/ Name: _vis_opt_test_cookie
Value: 1
.fortra.com/ Name: _vwo_uuid
Value: D47633118A1B4E74470A4342726637D1F
.fortra.com/ Name: _vwo_ds
Value: 3%241733278503%3A56.33781238%3A%3A
.fortra.com/ Name: _vwo_sn
Value: 0%3A1%3A%3A%3A1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
emailsecurity.fortra.com/ Name: _an_uid
Value: 0
emailsecurity.fortra.com/ Name: _gd_visitor
Value: 57fc98ad-e80d-459e-8ad6-2c43a6bfbd06
emailsecurity.fortra.com/ Name: _gd_session
Value: 826610c0-12d9-4930-8c9c-bdec722afe30
.fortra.com/ Name: _hjSessionUser_5137026
Value: eyJpZCI6IjdkZTk4MGY0LTk2Y2UtNTVkNC05NGRjLTNjZmJjMDE1M2NjZiIsImNyZWF0ZWQiOjE3MzMyNzg1MDQ5ODgsImV4aXN0aW5nIjpmYWxzZX0=
.fortra.com/ Name: _hjSession_5137026
Value: eyJpZCI6IjA4NzY1OTdmLWRkMjEtNGE0My1iMTM2LWFkYTgzZDUyOWIwYSIsImMiOjE3MzMyNzg1MDQ5ODksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.fortra.com/ Name: _gcl_au
Value: 1.1.1587506684.1733278505
.fortra.com/ Name: _ga_NHMHGJWX49
Value: GS1.1.1733278504.1.0.1733278504.60.0.0
.hsforms.com/ Name: __cf_bm
Value: eO6TUIT3gG5.1QdhZjFCTKGTLWjS0aw01f1tqNrHSC0-1733278505-1.0.1.1-BwPUqmS4kIagPkOm4oj_4AAd5aEnnm06_BnCUjLuf_SvtHj5it7F8E39kYJDRfoSQtB35N72Kl4A1PADClxtZg
.hsforms.com/ Name: _cfuvid
Value: GZ.CzRX_3c9RDbzXgybl8qpfP7_4ea6h7Ooe8BVXBE4-1733278505318-0.0.1.1-604800000
emailsecurity.fortra.com/ Name: drift_campaign_refresh
Value: 29049050-6680-4a70-83f8-5feb463cd38c
.fortra.com/ Name: _vis_opt_exp_248_combi
Value: 1
.fortra.com/ Name: __hstc
Value: 269143534.7b54f4eba3e998b4cd80af3977e168bd.1733278505371.1733278505371.1733278505371.1
.fortra.com/ Name: hubspotutk
Value: 7b54f4eba3e998b4cd80af3977e168bd
.fortra.com/ Name: __hssrc
Value: 1
.fortra.com/ Name: __hssc
Value: 269143534.1.1733278505371
.hubspot.com/ Name: __cf_bm
Value: 4Xig7ckNDeW6r9LTe1QYa3h24Bqwmko8HkWqhQS_k8Q-1733278505-1.0.1.1-1m96vGJUGIOR5PTSE2Z4q78FmbqS_RbBLb1AGyK3F.S4.FKS8fSGPBUm6F27I_aZNxOVb7QxFbAKw7KFz5_GLw
.hubspot.com/ Name: _cfuvid
Value: QmtOxhCmZbxufjx.P6ub1Ob6U.T2cCxmdqpOSsWdTWU-1733278505551-0.0.1.1-604800000
emailsecurity.fortra.com/ Name: _omappvp
Value: SqSVap1ZHpAgcA2a02BSberOV4ruXJ3DUPeBWVcZX5LGorIaWwqPrArF9tjK1QgiDEDjd3XJpFFGk6fkkognTir6Gwq1GQlq
emailsecurity.fortra.com/ Name: _omappvs
Value: 1733278505624
emailsecurity.fortra.com/ Name: drift_aid
Value: 1675b6e1-0b5e-4a02-9a71-4adf132c49b6
emailsecurity.fortra.com/ Name: driftt_aid
Value: 1675b6e1-0b5e-4a02-9a71-4adf132c49b6
.fortra.com/ Name: _ga
Value: GA1.2.1675000885.1733278505
.fortra.com/ Name: _gid
Value: GA1.2.1390368531.1733278507
.fortra.com/ Name: _gat_omTrackerqlzfwc1vxvqsd0kbwtld
Value: 1
.fortra.com/ Name: _ga_TGW7SE44X4
Value: GS1.1.1733278504.1.0.1733278507.57.0.0
.linkedin.com/ Name: li_sugr
Value: 4a8e3c06-f5f8-4738-a06b-036862b51340
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3412:u=1:x=1:i=1733278508:t=1733364908:v=2:sig=AQGqk9oxwp5unIvwZq-TpvSZXXqaPvgn"
.linkedin.com/ Name: UserMatchHistory
Value: AQLMd09EMzLnMgAAAZOPcyVxz3wD6FWe0l7AErjg9t-QvwTQzhpUJ7bVozVZN8nQ9WTPGPK8LDXBFg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQITbMYXNZICCwAAAZOPcyVxbYJ1QOfHXYFCTv--Ov2zpuAHHAD00kFVDn21dQqGO0KTcZj730OL8UxV74QAVw
.linkedin.com/ Name: bcookie
Value: "v=2&ef247669-c0ef-4f87-875e-d71710c9ea2a"
.d.adroll.com/ Name: __adroll
Value: a7a0955d9716479559ddee4dab0cdfe5-a_1733278508
.d.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.adroll.com/ Name: receive-cookie-deprecation
Value: 1
.adroll.com/ Name: __adroll_shared
Value: a7a0955d9716479559ddee4dab0cdfe5-a_1733278508
.fortra.com/ Name: __adroll_fpc
Value: 2c56fdc58e8ee9d4a9cf9ebe21d5c373-1733278508498
.www.linkedin.com/ Name: bscookie
Value: "v=1&2024120402150807d582cf-5dc6-46ed-8e3b-a689d69bcf28AQEInI807Ny6Q6Qvq_Dd0k79x94qE0yg"
.emailsecurity.fortra.com/ Name: __ar_v4
Value: %7C4CHMHK3NYBBNPE45SZI7J7%3A20250003%3A1%7CWEZOG7LIMRH2FGLFDLOTEJ%3A20250003%3A1%7CRCSFJM27MNFZJPG63N3K5L%3A20250003%3A1
x.adroll.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUn7CEcM8LdSMU_QCzVMwSjSzHBUW662aFyAZen-PQ6zYeFUD5H2kDKv16x3
.tapad.com/ Name: TapAd_TS
Value: 1733278508869
.tapad.com/ Name: TapAd_DID
Value: 902af7c2-9c6b-441a-af73-002e125a8a32
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:

1 Console Messages

Source Level URL
Text
security warning URL: https://emailsecurity.fortra.com/themes/custom/fortra_parent_2022/js/iframeResizer.min.js?v=10.3.9(Line 7)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://static.addtoany.com') does not match the recipient window's origin ('https://emailsecurity.fortra.com').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
analytics.google.com
api.hubspot.com
api.omappapi.com
b.6sc.co
c.6sc.co
consent.trustarc.com
cta-service-cms2.hubspot.com
d.adroll.com
dev.visualwebsiteoptimizer.com
emailsecurity.fortra.com
eps.6sc.co
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
ipv4.d.adroll.com
ipv6.6sc.co
j.6sc.co
js.driftt.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
match.adsrvr.org
perf-na1.hsforms.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
script.hotjar.com
secure.adnxs.com
snap.licdn.com
static.addtoany.com
static.cloudflareinsights.com
static.fortra.com
static.hotjar.com
stats.g.doubleclick.net
td.doubleclick.net
track.hubspot.com
tracking.g2crowd.com
v.eps.6sc.co
vc.hotjar.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
x.adroll.com
z.omappapi.com
match.adsrvr.org
13.107.42.14
18.160.18.33
18.160.18.4
18.160.41.112
18.160.46.48
2001:4860:4802:36::181
2001:4860:4802:38::178
23.48.203.166
23.48.203.49
2600:1408:c400:5::17c7:3716
2600:1408:ec00:c::1730:cb8e
2600:1f18:61c0:2205:590a:48c9:2cc8:5c9c
2600:1f18:61c0:2208:b8ef:d7f3:6816:21b1
2600:1f18:61c0:220a:a875:536d:6ba9:cccb
2600:9000:26c1:ec00:6:9280:1080:93a1
2600:9000:27c2:4800:4:d683:27c0:93a1
2606:4700:10::6816:46c5
2606:4700:10::6816:47c5
2606:4700:3108::ac42:2908
2606:4700:4400::ac40:9310
2606:4700::6810:4c8e
2606:4700::6810:4f49
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8cd1
2606:4700::6810:a0a8
2606:4700::6812:15a5
2606:4700::6812:1eb0
2606:4700::6812:8d11
2606:4700::6813:afbc
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::9c
2607:f8b0:4004:c17::61
2607:f8b0:4004:c1b::9a
2607:f8b0:4004:c1d::6a
2607:f8b0:4004:c21::5e
2607:f8b0:4004:c21::9a
2620:1ec:21::14
3.167.56.26
3.171.76.19
3.171.85.26
3.171.85.62
34.96.102.137
37.19.207.34
68.67.160.186
75.2.108.141
98.85.23.175
0152edf6786b001b45f004966daecf8a8e585e281b672184b162606e34d4b47b
027f9fef93a2d620715de7311a5bf674cb3df18a352d2a0a7266c147c157333f
0570581bf787cbb4a26d1508cf4ed96ef19d1a2465df5b9d5c4003813a2ebd35
063b9237e402c98dfb77a66e5de0d02d953640fc8fe44911808c2fdcb80df26e
08917ce03bf43e31f728f6aa830cd2f8d252e39a8f6d769578f07b500c3eb87f
0b8a851688b2b102b98f7f497f1603bd7a8204408aa07b41fd406e28e9af26d3
0b8d9ad3b174aacd7848b43b341030a4177fc8b148d1386bf573411c616050ad
0c47080feb6fe854cb361dc2471f19799e8773617f10e33cf78aea069d41a4e6
0f1f00c1b8869d8ca4d4e65c1a75fd26511d67885c84ae7916f1f8e7e77dc6a7
12e37ff48c5f4d5678814f95639f82fb34b04e762d262bd825fb5f21b904631f
140eedc23b5929c1bb8a74d021936779b48156ccb5445431659d656f8aa104cd
1805b14279760e2a9338b71f40649c45fe37dbc3839bb573a9737cdd495e9752
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d137f9b816994ff3dd240ef04942ebf47c48131c32b0acc640db3065755d496
1d58970695e5df8e8873bab1abe4c314525c191f121e48d2699375b43dde4297
1d6664321569126983b6dc3cd001887c2a6ad4c6210f2624dbdfb241461d74d6
1e8ceb252d7c242bc66561b79b29880592a4419b8b44d486eacf014038c24736
215d04e8a15809c25cc259626bfdf609ea695c32199d1b1b482cf7395a19faaf
21d28329bee038ef4160232a6060de918107ec67d30e7922c01947aa0bb4bdc6
2471f4232ccca845a9da8b10e5be81e7323faa5891b9715f425661505f183434
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ccb66eceb05e6d15ca71a6605ec4e75dbb7d25f97cfe15409204fa2f7e212df
2dc08d5788eb290f3da4da3fb3ece34d347bea310b5a75117aa27a364b9b6101
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
36413ff4f8f0ccef8e54a810ebd7ec3625c6fda31716f7dc2fa9fe5da2ef97a5
38b2e62bfbbeed100be9d1de0fcbd08fbe4dec34d2fb7f5986ce2ee233ad6546
38b6fa55688df181f4980257c5a4df29249ac0e3b9379b33da85a85e828e3940
39bb5021d0931d53358aacc884ca5af95bc5cb960c2dc459f4955c80d6f2ab12
39dd4eedf59461aa0bb42f57f4663d3b3224f5efcdf95f7e571e829aae135905
3adb64bef3f3f91a1946fa2213808d4ca67ab45cc8ed4a6c31d136e58c7f0c4e
3bd4bdc0592b9e477b5705975275206ab14339a7ef422c450fa92ad4983b0a51
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e4a4c64c27c2f3e6e5d5f3325ac3a2e5b63fca7546ee3a5221e61cb0e089048
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4483ff575508dfc55d2f2a4a0915677bf73719cc25fd4466f262767c75ffd5da
44e54344109a60a129e2999e272190aae751bb711cb550b5c343d05f97191cc5
46be8975c077af9ee628b95903df417598a0df10350acb20e678ab3fe9a54f36
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
4f7c2e8ddba9f7d905e064df1f7aa250bac4fe5f386fdc7f58ad029d4e3e7646
5092d37720c5a4b6b7b4768599df2e43ed0c19b7502f20800500948125d9df89
50be820de886ca2746d2811daadfed53b75332624517ab318585e7eb1bb8ea04
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
512a4f403d30a587ad5ab0b9fa7b2fd4f078249ee03f9c23c445332838f6a436
524a26296a15b30679d9f0582bb7aff5979a33c4129920561f7363e67230f8bf
540d2a1642172892b01053409b7b3ad1a8df58bc6f35415ec57421a8548e8547
56df5bf2317bc2156b954c3fd2913afcce23eb4947c47f3ac401017dc4a0151d
605ff692b1f8e2c8240b81857086e4576612b4d1a1e8fefb993114027a0c300b
642a89d4c0baf5122e5f2e568900187b072977596ac62bbbff2c8bdbfcd7b79f
66d9f819046ced8beccd45efdc8a923329173d27747c01aefd6b8de89b84c53a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af937301b20d4f7bd7b84b07dd3cb9c5a2c35af0bcc6a0469adebff15381505
6dd0640a014b8a0ca3052efb5da28fe355ec1d148cb1f6a1d3d5a876995cc7b2
765af7670638baf4c8e525c7ccbd30befc2f61fbefbda43f39a4a80b5cffe386
777f49b915eb3a000d70e81bbbae273e08b11efde71724164dc33e6f5b1e6c04
7c345c812c6c32c007d7fe0f4968df8f847ea5006e76c8633da70d446b1936a5
7d5c91bba288f8d52bece6eb27a646578f0c935f8890f9f1fb5349060c7ce77b
7d83be6c00b69fd13021966579f40390e19a7638de7a33fbb01997f793937432
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81984ce57cf65fec51c4961c73ece1fb00b1c570de24ef0616785852d45cacfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a3d365514cd49659d6d7906936b0f3ac0db4d743643006afdbe09f6d5b3d03
84de47ed6481524074cd5e375bb773f01b59fa6452539b3b60cdb916914ca0e1
87c631607d118e02e847112aca0a2800bfd2a9cfe5bc01b48eeb60b0ff86804c
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8c6725986c33db06d2bf5b28ac03880f1747208213e017a28e8d1cb26ac90807
8eb09e0b0303384fe6acc8cafa2c12f0e0d4cfe619677cb8a2b7fc7f4a19e1d1
8f299bce1c4968647aa3727f390aef0cd75da150a614ae61540d6cce44207e20
90bd0cf0a38f1a8bc611c41efeebf569d1de1b5cb3100a8727122c590e018675
923935d813106205b31d3953b21e34a007f32758ec0c3d2ba6dd3dda1f8cf6e9
931bf45c889c9e964c3f3b0141fc95350fef7aed68f253b6d2ea8180b711710b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
96cc8db8cf3b09021dbdf45d57705167a6c5c1f9c6c4e52ddc122a82a1a3f3cd
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9d8ff4cd76df4d98c57ba2fe69be6c2c337ee8ba15092de9a7bca8fdf96afc26
9ee00d07b79fe34f2bd25d5b4341483cc9b3561b414a986f542c9f903acc2835
a00f889a0515536923bea5006569a4eb45df026e4b2c19bd6f20815ae56f5db3
a0f011847dded3545c5762cecd211f53cc41554e2cd72d5e00d690f67d0b74ae
a2db06993a81eb3ebd33897015d64c8ab5c9fcad5c3f8c4ad9329bce36440c4c
a561a82aff9cb2300f5c1364487b05f19de3c769294eb7dc97ea4453e398e167
a8f85fb708ed9db0d4e2f877ffdba90a5ebd3ef520d17e09c1f7eb640905016a
a95f4f272fb7ee161327a5f3f4f669d3d5a7974b6bba7cb936b01b5468394ab4
b14dd8572d41acd561188da5417cef18c475b3621a03be38f12fe100ef84a795
b536245d5d1912397f06964694ae416b45a26a3bc39021850852c647bee46bab
b6f14de767657bd7f07d993f75b8d1dc1d5536e55cba3676a37a98a4a153de87
b9a687650c8e56abe48c8ee0c232cfdd4ecff257c067669e9bf387b816c56781
bc7c43259a284773cef1587cebed859f46dd0fddfde5cc84d16cc68b07255c48
bf283fef88d8fe04783a585b86d196a404a9b2d3ed87fad6758db1ab311fd0e0
c26f9b1c07124af49c54679fd7ceea0a9adffe24dd36b53df650eddfde35446a
c2cce703727df24c2620843ecdf23acd64a4f96c67622267be00dc2dc68d595d
c57865ec6a6956797b18dc7d23a3ade16e7ced5271f4dc0796b2ed0a10f934dc
c6dbea358c770232d65488985fbebe3d3f4d75949c9fdcc293c316388545098b
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d3f6c9cbee240b9e1025946dbfd8364e324d7f1f5da58736ac2509e3ec9d76c1
d44882ab82adeef2856a0d52fb54bb70e472be45d50aa3a16b4cb39223391a99
d6f514ddc18e496f04ad9fad4afcec13d365dfa49efa5dac94d6fff64b95a623
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd734ba3e15301099dcc5c397caf3c65a83de25ecf7d5f78d1c7849b824e5fff
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2318db4a3a84a057a2ca511cecb63381022c8c7a5e83a4d74111bf1cc79f241
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c84df8985cb000828147ef89c09306c1d7de7fb789b4cd059f8ae77982f974
e4d5b584f8aaebcbd62557be8dda444670d6da60d7a3dbaba851da81e8c2da14
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
e71905f2cf6a11fe841a001be79273d60a14d88501231f4ca651b3d0f2883879
e92b5c4af8c5c6115f09955c6aa8577a45c65effe782e0593540f09177f69a29
ecf3a78f9a9811c30fc9b3cdf087af8c2c845fc15081ac1cc3564c2e50c1e972
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa4aed518b4728e6d4b4bdd1c5fe289c63a0d071a4edf329f560171f6e7b472
eff50ee97749192a01ffbe5c7d7b3b88d11cc53dcbd6d659b22b37e8cc0754d7
f14b33b9d5a249b41c2c3ab1065df21780f8d7d681c6a745244848dff1845c58
f3b575febcbcd29e815fad9655dd01f028edd0f3d641ffc202e9b04e02443051
f40e09b407cb0a0e12881ef4b23ff94befb9334d0d7498b0f15e1789580efaad
f47d56f4e42a0fd576ee274454e24c085010b464b849cabe80041c88aaf45363
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f8d6f6ded6faa1d4d7ba4baa44c2ff5414f972ac8e3f5696aaa9478ce8baa369
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f