cloudphish.lpages.co Open in urlscan Pro
35.202.21.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cloudphish.lpages.co/
Effective URL:
https://cloudphish.lpages.co/
Submission: On May 24 via manual (May 24th 2024, 5:54:14 pm UTC) from CA — Scanned from CA

Summary HTTP 45 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 26 domains to perform 45 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is cloudphish.lpages.co.
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.

This is the only time cloudphish.lpages.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	34.120.132.252 34.120.132.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	173.194.205.132 173.194.205.132	15169 (GOOGLE) (GOOGLE)
1	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
2	142.251.174.97 142.251.174.97	15169 (GOOGLE) (GOOGLE)
1	216.239.34.21 216.239.34.21	15169 (GOOGLE) (GOOGLE)
1	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	37.19.207.34 37.19.207.34	60068 (CDN77 _) (CDN77 _)
1	18.238.49.117 18.238.49.117	16509 (AMAZON-02) (AMAZON-02)
2	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
3	13.107.21.237 13.107.21.237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.96.221.72 104.96.221.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.16.139.209 104.16.139.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.5.208 130.211.5.208	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.17.175.201 104.17.175.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.223.152 104.17.223.152	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.75.142 104.16.75.142	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	173.194.68.154 173.194.68.154	15169 (GOOGLE) (GOOGLE)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	31.13.66.35 31.13.66.35	32934 (FACEBOOK) (FACEBOOK)
1	209.85.144.99 209.85.144.99	15169 (GOOGLE) (GOOGLE)
1	209.85.201.94 209.85.201.94	15169 (GOOGLE) (GOOGLE)
2	104.16.117.116 104.16.117.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	25

1 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

cloudphish.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.leadpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.132.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.132.120.34.bc.googleusercontent.com

user.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.205.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qm-in-f132.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.174.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2215.1e100.net

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.19.207.34 (Ashburn, United States)

ASN60068 (CDN77 _, GB)
PTR: 37-19-207-34.bunnyinfra.net

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hits-i.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-117.jfk52.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.96.221.72 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-96-221-72.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.139.209 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.5.208 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 208.5.211.130.bc.googleusercontent.com

cdn4.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.175.201 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.223.152 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.75.142 (None, )

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.66.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.144.99 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.117.116 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	iubenda.com cdn.iubenda.com — Cisco Umbrella Rank: 11925 cs.iubenda.com — Cisco Umbrella Rank: 13727 hits-i.iubenda.com — Cisco Umbrella Rank: 14004	70 KB
5	lpcontent.net user.lpcontent.net — Cisco Umbrella Rank: 185444	138 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 345	14 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	4 KB
2	hubspot.com js.hubspot.com Failed api.hubspot.com — Cisco Umbrella Rank: 4890	973 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	leadpages.com static.leadpages.com — Cisco Umbrella Rank: 455016	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	192 KB
2	center.io js.center.io — Cisco Umbrella Rank: 53739	5 KB
2	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 44	40 KB
1	google.ca www.google.ca — Cisco Umbrella Rank: 10035	64 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	64 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 338	761 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	1 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4801	24 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3146	4 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2225	24 KB
1	mxpnl.com cdn4.mxpnl.com — Cisco Umbrella Rank: 12727	19 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2460	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 803	17 KB
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 12342	9 KB
1	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 45465	668 B
1	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 51482	26 KB
1	lpages.co cloudphish.lpages.co	18 KB
0	hscollectedforms.net Failed js.hscollectedforms.net Failed
0	hs-banner.com Failed js.hs-banner.com Failed
45	26

	Domain	Requested by
5	user.lpcontent.net	cloudphish.lpages.co user.lpcontent.net
3	bat.bing.com	cloudphish.lpages.co bat.bing.com
3	cdn.iubenda.com	www.googletagmanager.com cdn.iubenda.com
2	api.hubspot.com	js.usemessages.com
2	www.facebook.com	cloudphish.lpages.co
2	connect.facebook.net	cloudphish.lpages.co connect.facebook.net
2	static.leadpages.com	www.googletagmanager.com
2	www.googletagmanager.com	cloudphish.lpages.co www.googletagmanager.com
2	js.center.io	cloudphish.lpages.co js.center.io
2	lh3.googleusercontent.com	cloudphish.lpages.co
1	www.google.ca	cloudphish.lpages.co
1	www.google.com	cloudphish.lpages.co
1	px.ads.linkedin.com	snap.licdn.com cloudphish.lpages.co
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	hits-i.iubenda.com	cdn.iubenda.com
1	cdn4.mxpnl.com	cloudphish.lpages.co
1	js.hs-scripts.com	www.googletagmanager.com
1	snap.licdn.com	cloudphish.lpages.co
1	cs.iubenda.com	cdn.iubenda.com
1	public.profitwell.com	cloudphish.lpages.co
1	api.leadpages.io	js.center.io
1	static.leadpages.net	cloudphish.lpages.co
1	cloudphish.lpages.co
0	js.hscollectedforms.net Failed	js.hs-scripts.com
0	js.hubspot.com Failed	js.hs-scripts.com
0	js.hs-banner.com Failed	js.hs-scripts.com
45	29

This site contains links to these domains. Also see Links.

Domain
www.leadpages.com
my.leadpages.com
lp.leadpages.com

Subject Issuer	Validity	Valid
*.lpages.co R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2024-04-08` - `2024-07-07`	3 months	crt.sh
user.lpcontent.net GTS CA 1D4	`2024-04-11` - `2024-07-10`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
js.center.io GTS CA 1D4	`2024-04-27` - `2024-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.leadpages.io R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.iubenda.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-01` - `2025-03-03`	a year	crt.sh
*.profitwell.com Amazon RSA 2048 M02	`2024-05-03` - `2025-06-01`	a year	crt.sh
static.leadpages.com WR3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-03` - `2024-06-01`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
hs-scripts.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
hs-analytics.net GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
hsadspixel.net E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
usemessages.com E1	`2024-04-12` - `2024-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://cloudphish.lpages.co/
Frame ID: 7AACA7C33DBE432A06BF7F97CA25D360
Requests: 43 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 52D4F03A5540159EA2D65553CDD66BA8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Error

Page URL History Show full URLs

http://cloudphish.lpages.co/ HTTP 307
https://cloudphish.lpages.co/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Iubenda (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

iubenda\.com/cookie-solution/confs/js/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

Page Statistics

45
Requests

91 %
HTTPS

0 %
IPv6

26
Domains

29
Subdomains

25
IPs

2
Countries

687 kB
Transfer

1937 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.leadpages.com/
Title: .css-qcy3kw{display:inline-block;vertical-align:middle;max-width:6012px;}@media (max-width:530px){.site-header .composite .widget .css-qcy3kw{max-width:calc(100% - 80px);}}

Search URL Search Domain Scan URL

URL: https://my.leadpages.com/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://lp.leadpages.com/free-trial
Title: Sign Up Free

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cloudphish.lpages.co/ HTTP 307
https://cloudphish.lpages.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
cloudphish.lpages.co/
Redirect Chain

http://cloudphish.lpages.co/
https://cloudphish.lpages.co/

98 KB
18 KB

191ms
85ms

Document
text/html

35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cloudphish.lpages.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.21.202.35.bc.googleusercontent.com
Software: Leadpages /
Resource Hash: 5494ffe6a4e4683455c4ae9e3f1126a710ccad353f5ca3db2842fc2e40c81f13

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Fri, 24 May 2024 17:54:09 GMT
server: Leadpages
vary: Accept-Encoding

Redirect headers

Location: https://cloudphish.lpages.co/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/6.4.2/css/ 100 KB
26 KB 70ms
20ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Requested by: Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 16 May 2024 13:08:20 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 708349
etag: "-6uIpg"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: f540ef100b9625b99bc6250fb51c32a4
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26836
expires: Fri, 16 May 2025 13:08:20 GMT

GET
H2 200 c7HHm2unNp3hi8ghK3bQ6V.css
user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/ 786 B
1 KB 71ms
22ms Stylesheet
text/css 34.120.132.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/c7HHm2unNp3hi8ghK3bQ6V.css?time=1620848825
Requested by: Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.132.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3def9a50a9e6fd7ad93a7c0b5040e4c60c15215b1b7fcf40f15e313d7f292d36

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:42:23 GMT
via: 1.1 google
age: 706
x-guploader-uploadid: ABPtcPqKdNHpVrNI2H3uQTwo3OLZINu4l__ERWM3FIY4WrDE0VnpOaG0GpD3_Bi1vyg2OITdVBEqJ6b-2g
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786
last-modified: Wed, 12 May 2021 19:47:04 GMT
server: UploadServer
etag: "2826942559f7b28429635b3cec7e297b"
x-goog-generation: 1620848824936216
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=GBQdDA==, md5=KCaUJVn3soQpY1s87H4pew==
access-control-expose-headers: content-type
cache-control: public, max-age=3600
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
x-goog-stored-content-length: 786
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 24 May 2024 18:42:23 GMT

GET
H2 200 FBgakARR2Ssfv2iQ68iZjg.css
user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/ 1 KB
2 KB 70ms
21ms Stylesheet
text/css 34.120.132.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg.css?time=1620848897
Requested by: Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.132.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 807d72e55b4c3cb21d7bc66fb69f957218a0e3ea149492495a2403ac301e0896

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:10:07 GMT
via: 1.1 google
age: 2642
x-guploader-uploadid: ABPtcPqjOI4HLFHZ-r7r2FOGTMk3HrHuq2JXd-t5pN_3EY8HOvyMwZqEzzDbjH3Mclnic3Nx8MzfafVXAg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1175
last-modified: Wed, 12 May 2021 19:48:16 GMT
server: UploadServer
etag: "f0a316ab7fb54aeff2e380ed51f5705b"
x-goog-generation: 1620848896855294
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=X3vwHg==, md5=8KMWq3+1Su/y44DtUfVwWw==
access-control-expose-headers: content-type
cache-control: public, max-age=3600
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
x-goog-stored-content-length: 1175
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 24 May 2024 18:10:07 GMT

GET
H2 200 LIcVKv_Qh7-UNXEl9SQFS9iTwg4L2OdSs73GC0Zlq-oFBgGQJgTJBCwFzPxeW4Kp3Zl-DPrRPhETWJsH6dwtxg=w1064
lh3.googleusercontent.com/ 38 KB
39 KB 503ms
54ms Image
image/png 173.194.205.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/LIcVKv_Qh7-UNXEl9SQFS9iTwg4L2OdSs73GC0Zlq-oFBgGQJgTJBCwFzPxeW4Kp3Zl-DPrRPhETWJsH6dwtxg=w1064

Requested by

Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.205.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f132.1e100.net

Software

fife /

Resource Hash

e5580c3b54b8e4148be84b8a93cc77bf08728b5737a3e744be7d10407f160356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:06 GMT
x-content-type-options: nosniff
age: 3
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39145
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 25 May 2024 17:54:06 GMT

GET
H2 200 3MGPQa8ZEYlGGcQy08PtflX7z0ik_OzbsDnRc0UHj7h2Eh4vrpX9jkCxdAb6mLxA1sJc2F-88J3sO1CJjT7-XWA=s0
lh3.googleusercontent.com/ 1 KB
1 KB 540ms
91ms Image
image/png 173.194.205.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/3MGPQa8ZEYlGGcQy08PtflX7z0ik_OzbsDnRc0UHj7h2Eh4vrpX9jkCxdAb6mLxA1sJc2F-88J3sO1CJjT7-XWA=s0

Requested by

Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.205.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qm-in-f132.1e100.net

Software

fife /

Resource Hash

9da1d24acad38b9a23a0ff180b0162475b86100412f5006c869830b09938f090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:06 GMT
x-content-type-options: nosniff
age: 3
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1418
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 25 May 2024 17:54:06 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 393ms
43ms Script
application/javascript 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2615.1e100.net
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:53:54 GMT
content-encoding: gzip
server: Google Frontend
age: 15
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 58ce43c7acac9dbd371a77b6def57a84
cache-control: public, max-age=300
content-length: 5417
expires: Fri, 24 May 2024 17:58:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 339 KB
109 KB 1213ms
84ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W

Requested by

Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4598467ae8c1ef3894e17b007e43dab84c5072ee386e065add7934eb1b87c4d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111013
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 May 2024 17:54:10 GMT

GET
H3 200 VpHK3tNeBcNAQpQHrQioTA.woff2
user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg/ 46 KB
46 KB 48ms
25ms Font
fonts/woff2 34.120.132.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg/VpHK3tNeBcNAQpQHrQioTA.woff2?time=1620848896
Requested by: Host: user.lpcontent.net
URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg.css?time=1620848897
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.132.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 09d982564a92075d07999eae4fb9e1e8051397e2a8ad41931df5545ed4f78777

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg.css?time=1620848897
Origin: https://cloudphish.lpages.co
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 16:59:53 GMT
via: 1.1 google
age: 3256
x-guploader-uploadid: ABPtcPpctgsOC7SJt9ErH_FnPw-CrZQ5YyWXFxb-w3SUzUiCGzzdQK_9cmiArq5XNaEwVtHV4u6Wr_I8jA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46860
last-modified: Wed, 12 May 2021 19:48:16 GMT
server: UploadServer
etag: "8b6b3d38d4715faa322b5042bd8c5f57"
x-goog-generation: 1620848896205234
x-goog-hash: crc32c=X4AixA==, md5=i2s9ONRxX6oyK1BCvYxfVw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, content-type
cache-control: public, max-age=3600
x-goog-stored-content-length: 46860
accept-ranges: bytes
content-type: fonts/woff2
expires: Fri, 24 May 2024 17:59:53 GMT

GET
H3 200 dS2BiEmhUsz4GphQQRmemS.woff2
user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg/ 46 KB
46 KB 42ms
21ms Font
fonts/woff2 34.120.132.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg/dS2BiEmhUsz4GphQQRmemS.woff2?time=1620848896
Requested by: Host: user.lpcontent.net
URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg.css?time=1620848897
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.132.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e21a2c50512b98f3bf118815326b95419de9931513e177d5ff7b99bbcf812f58

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg.css?time=1620848897
Origin: https://cloudphish.lpages.co
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:15:08 GMT
via: 1.1 google
age: 2341
x-guploader-uploadid: ABPtcPpqPObyPI9KUEHHWr69u5o04HlKWUcOJ2vF_d96gY6sw1uO7Xj3Ce8NbAjRB6jwuf2ls-U
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46896
last-modified: Wed, 12 May 2021 19:48:16 GMT
server: UploadServer
etag: "b76049f7b22b3bdc063bd1d394eabffc"
x-goog-generation: 1620848896135412
x-goog-hash: crc32c=57xZ7w==, md5=t2BJ97IrO9wGO9HTlOq//A==
access-control-allow-origin: *
access-control-expose-headers: content-type
cache-control: public, max-age=3600
x-goog-stored-content-length: 46896
accept-ranges: bytes
content-type: fonts/woff2
expires: Fri, 24 May 2024 18:15:08 GMT

GET
H3 200 Gg8NMQJCLMy6e2h6qq4z76.woff2
user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/c7HHm2unNp3hi8ghK3bQ6V/ 44 KB
44 KB 55ms
33ms Font
fonts/woff2 34.120.132.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/c7HHm2unNp3hi8ghK3bQ6V/Gg8NMQJCLMy6e2h6qq4z76.woff2?time=1620848824
Requested by: Host: user.lpcontent.net
URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/c7HHm2unNp3hi8ghK3bQ6V.css?time=1620848825
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.132.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 36e2569671518a30e97f06b180abb3d8a2e31640fb731048b8e6d4070c8e38ff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/c7HHm2unNp3hi8ghK3bQ6V.css?time=1620848825
Origin: https://cloudphish.lpages.co
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:10:26 GMT
via: 1.1 google
age: 2623
x-guploader-uploadid: ABPtcPpnxs3ZlQAUt3XZUVFCFy14SLkmSrwreZY1e6azF9Q6VI4-0Ae4KY98iGf4Fc6IqBFeU8c
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44672
last-modified: Wed, 12 May 2021 19:47:04 GMT
server: UploadServer
etag: "e3ca664444800ac8b93636dc52cd7334"
x-goog-generation: 1620848824314391
x-goog-hash: crc32c=oOZDJA==, md5=48pmRESACsi5NjbcUs1zNA==
access-control-allow-origin: *
access-control-expose-headers: content-type
cache-control: public, max-age=3600
x-goog-stored-content-length: 44672
accept-ranges: bytes
content-type: fonts/woff2
expires: Fri, 24 May 2024 18:10:26 GMT

GET
H2 200 identify.html
js.center.io/ Frame 52D4 0
0 104ms
42ms Document
text/html 216.239.34.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.21 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2215.1e100.net
Software: Google Frontend /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://cloudphish.lpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 91
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Fri, 24 May 2024 17:52:39 GMT
etag: "OMWYXg"
expires: Fri, 24 May 2024 17:57:39 GMT
server: Google Frontend
x-cloud-trace-context: 75b9ed538793d339561c0da41f9bb518

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
668 B 162ms
57ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=YnZqAcs7vPqAxVABjoh5H9&v=&e=&st=&lc=en-CA&pid=wVxPjLuS24uynHELZfsPrV&uid=ZmSue2ZoEpdgvScNm4RTCL&sid=cdZcyKLb3DmMEKi2SwqtHZ&cid=lp-YnZqAcs7vPqAxVABjoh5H9&uri=https%3A%2F%2Fcloudphish.lpages.co%2F&rf=&rx=1600&ry=1200&tz=-07%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 17:54:10 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://cloudphish.lpages.co
X-Forwarded-For: 149.88.16.248
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00bljrecpv0kmvnbhs0g

GET
H2 200 stub.js Show response
cdn.iubenda.com/cs/ccpa/ 4 KB
2 KB 126ms
44ms Script
application/javascript 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/ccpa/stub.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: 60f3978fd96db4f213d594e2c6b6ad6811f6ef809988c09a0050c7957b681dbc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:11 GMT
content-encoding: br
cdn-edgestorageid: 925
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat: 05/24/2024 17:54:11
cdn-pullzone: 954456
last-modified: Fri, 24 May 2024 10:01:42 GMT
server: BunnyCDN-ASB1-925
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "66506586-5f6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: BYPASS
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=3600
cdn-requestid: 8ce59e9e8237d4fb36cf08121df91ace
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 104ms
35ms Script
application/javascript 18.238.49.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=52b5ac26c22bd2bd209d040d7465d0b7
Requested by: Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-117.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:07 GMT
x-amz-version-id: uxIt1SCydrYnaOCuzhsDaHENAdMuSyNO
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 14:58:22 GMT
server: AmazonS3
via: 1.1 932c2b3276a26e6c28876ec88fecf714.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
etag: W/"40097cdf413c1f1f303c66489742cb44"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 5
x-amz-cf-id: qyx7gDonVQ0_A1eAYXWJzSHtl4nxkZ7nkkwjHcQPoD070Ycy9W6cVw==

GET
H2 200 iubenda_cs.js Show response
cdn.iubenda.com/cs/ 1 KB
1 KB 40ms
39ms Script
application/javascript 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: a29490f34602b08eac1eeb6a2c9d7e6cb687f182a315065713238b3ce3cfef5c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:11 GMT
content-encoding: br
cdn-edgestorageid: 925
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat: 05/24/2024 17:54:11
cdn-pullzone: 954456
last-modified: Fri, 24 May 2024 10:01:42 GMT
server: BunnyCDN-ASB1-925
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "66506586-242"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: BYPASS
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=3600
cdn-requestid: 20adc5bcb72682747d7e1fa3f724aa1f
cdn-requestcountrycode: CA
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 core-en.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/1.61.0/ 335 KB
66 KB 43ms
43ms Script
application/javascript 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.61.0/core-en.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),
Reverse DNS: 37-19-207-34.bunnyinfra.net
Software: BunnyCDN-ASB1-925 /
Resource Hash: dbcd51f11191e14b0dce5a69fa308c0070f5df13f0625f7f5e1709547b12dd8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cdn-requestpullsuccess: True
date: Fri, 24 May 2024 17:54:11 GMT
content-encoding: br
cdn-edgestorageid: 925
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat: 05/24/2024 10:41:34
cdn-pullzone: 954456
last-modified: Fri, 24 May 2024 10:01:41 GMT
server: BunnyCDN-ASB1-925
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "66506585-10535"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, must-revalidate, proxy-revalidate, max-age=3600
cdn-requestid: dca73442991e3392ab2e517bce693ca3
cdn-requestcountrycode: CA
cdn-status: 200
expires: Fri, 24 May 2024 11:41:34 GMT

GET
H2 200 14952535.js Show response
cs.iubenda.com/cookie-solution/confs/js/ 204 B
779 B 38ms
37ms Script
application/javascript 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cs.iubenda.com/cookie-solution/confs/js/14952535.js

Requested by

Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.61.0/core-en.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

37-19-207-34.bunnyinfra.net

Software

BunnyCDN-ASB1-925 /

Resource Hash

287c6bd687162409f07cdc941c0458cfe637c9ad50c3254a6486203a75a98e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

cdn-requestpullsuccess: True
date: Fri, 24 May 2024 17:54:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cdn-edgestorageid: 925
cdn-cachedat: 05/23/2024 16:26:03
cdn-pullzone: 1019485
last-modified: Thu, 07 Mar 2024 23:50:50 GMT
server: BunnyCDN-ASB1-925
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"65ea52da-cc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=3600
access-control-allow-credentials: true
cdn-requestid: 1d6c8e01383370467abc15f7a7262f05
cdn-requestcountrycode: CA
cdn-status: 200
expires: Thu, 23 May 2024 17:26:03 GMT

GET
H2 200 mixdown.js Show response
static.leadpages.com/mktg/mixdown/current/ 9 KB
4 KB 64ms
20ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.com/mktg/mixdown/current/mixdown.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: fc78e072732d24a90a63cbcdee55789b7f3d98ef159707ba81241e76913c26fe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:53:23 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 48
etag: "-6uIpg"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 69d6675af92e3a36ac547eb37eb846fb
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3434
expires: Fri, 24 May 2024 17:58:23 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 236 KB
84 KB 66ms
63ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-975363878&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

0d94d38ea2b26e9d904ea5e75de196d12d33644904ff716eba3b7747ef621af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85438
x-xss-protection: 0
last-modified: Fri, 24 May 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 May 2024 17:54:11 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 121ms
36ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 May 2024 17:54:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1380, tbw=2817, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: lbkDpH/UBz75fkSIfXjG9ZGoxv8JzMhSSlqkLsa6wdgECpUeJe4avHwFpUIAV7Ri5im96DEpAVqqMrPjBbSt6Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 133ms
49ms Script
application/javascript 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 24 May 2024 17:54:10 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FA12A12259D24B998908AF49B9DD5951 Ref B: YTO01EDGE0512 Ref C: 2024-05-24T17:54:11Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 178ms
87ms Script
application/javascript 104.96.221.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.96.221.72 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-96-221-72.deploy.static.akamaitechnologies.com

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 May 2024 17:20:18 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=84916
accept-ranges: bytes
content-length: 16683

GET
H2 200 attribution-syncer.js Show response
static.leadpages.com/mktg/attribution-syncer/current/ 4 KB
2 KB 61ms
21ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.com/mktg/attribution-syncer/current/attribution-syncer.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6b68baa257dae3591e46d6e9b1bbc3aef1ebb5ee112bedbd1fb418afe2a38293

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:50:52 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 199
etag: "-6uIpg"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 336972c690a3807691c0853c6ef5c668
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1832
expires: Fri, 24 May 2024 17:55:52 GMT

GET
H2 200 21794907.js Show response
js.hs-scripts.com/ 3 KB
1 KB 93ms
40ms Script
application/javascript 104.16.139.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/21794907.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.139.209 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c2b6d9d8cff6bee0896d849acf7771a0844b0d3b1489f132a5fb380ddde35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: c86ea1fc-df8d-4ff9-a36f-37cac4a89ea0
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=2998
age: 48
x-envoy-upstream-service-time: 22
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c86ea1fc-df8d-4ff9-a36f-37cac4a89ea0
cf-bgj: minify
last-modified: Fri, 24 May 2024 17:53:23 GMT
server: cloudflare
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://backtoherroots.lpages.co
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-l9tqr
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 888f2644ec2436c7-YYZ
expires: Fri, 24 May 2024 17:55:41 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn4.mxpnl.com/libs/ 54 KB
19 KB 72ms
20ms Script
text/javascript 130.211.5.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.5.208 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 208.5.211.130.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:53:40 GMT
content-encoding: gzip
age: 31
x-guploader-uploadid: ABPtcPpyXpwFGRjiwt3LsZYMj0jJEenpFt5JL4RemPXn9z_6Omn8edl1mBvekJZezyBaWMYdOA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18793
last-modified: Fri, 26 Apr 2024 20:55:25 GMT
server: UploadServer
etag: "699087d24603faf41a8ef844dd0c55d1"
vary: Accept-Encoding
x-goog-generation: 1714164925156474
x-goog-hash: crc32c=4oRQEw==, md5=aZCH0kYD+vQajvhE3QxV0Q==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18793
accept-ranges: bytes
expires: Fri, 24 May 2024 18:03:40 GMT

POST
H2 204 write Show response
hits-i.iubenda.com/ 0
593 B 231ms
137ms XHR
text/plain 37.19.207.34
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://hits-i.iubenda.com/write?db=hits1

Requested by

Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.61.0/core-en.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.19.207.34 Ashburn, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

37-19-207-34.bunnyinfra.net

Software

BunnyCDN-ASB1-925 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 24 May 2024 17:54:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cdn-edgestorageid: 925
x-influxdb-build: OSS
x-influxdb-version: v2.7.5
cdn-cachedat: 05/24/2024 17:54:11
cdn-pullzone: 967785
server: BunnyCDN-ASB1-925
cdn-proxyver: 1.04
cdn-requestpullcode: 204
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=0
access-control-allow-credentials: true
cdn-requestid: a7c5957e3a15fe3994299f5548bfbf4d
cdn-requestcountrycode: CA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
cdn-requestpullsuccess: True

GET
H2 200 21794907.js Show response
js.hs-analytics.net/analytics/1716573000000/ 67 KB
24 KB 114ms
52ms Script
text/javascript 104.17.175.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1716573000000/21794907.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21794907.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.175.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4499ef6bf3a5ae468b7afb4ab6f42ec825d8562c5bc7de1bd2213a8f9b7f15e5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:11 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: EJCQWHM3F080JSZR
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1cb1bf69-d896-4925-8454-6b82c9a33c2f
age: 150
x-envoy-upstream-service-time: 28
x-amz-id-2: V2lQ2UpOxy0NJlN94mwhvPB1rBE0PGGqtvYn0ONfYi4QJC5XkFdYR6gxZKTs3wapvjQSjGNYVHA=
x-evy-trace-listener: listener_https
x-request-id: 1cb1bf69-d896-4925-8454-6b82c9a33c2f
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 24 May 2024 16:15:30 GMT
server: cloudflare
etag: W/"7bbce5e76727e1e7f33ff012cc9c794b"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-gnznr
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 888f26459e67ac30-YYZ
expires: Fri, 24 May 2024 17:56:41 GMT

GET banner.js
js.hs-banner.com/v2/21794907/ 0
0

GET web-interactives-embed.js
js.hubspot.com/ 0
0

GET collectedforms.js
js.hscollectedforms.net/ 0
0

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 1660ms
29ms Script
application/javascript 104.17.223.152
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21794907.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.223.152 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081cf70b8e6c0d1d978f810f4537e84501c1940d54cd19aee0b065fb8fea3c5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:13 GMT
x-amz-version-id: 3uRfq0xkxtJ5qmNotyFivu_Hfg8U.PRS
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 364
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.562/bundles/pixels-release.js&cfRay=888f1d6cae16ac31-YYZ
x-cache: Hit from cloudfront
x-hubspot-correlation-id: b00ba8b6-d613-4887-9268-bb818f20f60e
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b00ba8b6-d613-4887-9268-bb818f20f60e
last-modified: Thu, 23 May 2024 14:45:23 UTC
server: cloudflare
etag: W/"8c40e1f5f100c96c8a0884459629fdec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-wlmbb
cf-ray: 888f264f6e3c36ca-YYZ
x-amz-cf-id: H74PV1gqPsu71PqaSugfXS8S-FgKMwGv0P6-Fw1ZlNh7w0Ik883wfw==
x-hs-target-asset: adsscriptloaderstatic/static-1.562/bundles/pixels-release.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 86 KB
24 KB 1666ms
33ms Script
application/javascript 104.16.75.142
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21794907.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.75.142 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fcc2d62aa56006d7087b11b473c6f12aa61eab39d385475bf68cd96391ffcb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:13 GMT
x-amz-version-id: .qDGC7zo0zmijZixEpdNGhvW8Rd7SOzn
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 240
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16462/bundles/project.js&cfRay=888f2073aaf436fa-YYZ
x-cache: Hit from cloudfront
x-hubspot-correlation-id: eabc5f60-a34f-4e14-b12a-429918760302
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: eabc5f60-a34f-4e14-b12a-429918760302
last-modified: Thu, 23 May 2024 14:37:23 UTC
server: cloudflare
etag: W/"725a8590d0b92cb071bed0679fb11bd0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-rl62l
cf-ray: 888f264f6c7dac81-YYZ
x-amz-cf-id: msW_uhRhD9axGwqqiY2L2lR8Y31MSU3K3h18NQQfShihii2gpQmRpQ==
x-hs-target-asset: conversations-embed/static-1.16462/bundles/project.js

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975363878/ 3 KB
1 KB 169ms
58ms Script
text/javascript 173.194.68.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975363878/?random=1716573251409&cv=11&fst=1716573251409&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9105622081z86789581za201zb6789581&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloudphish.lpages.co%2F&hn=www.googleadservices.com&frm=0&tiba=404%20Error&npa=0&us_privacy=1---&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-975363878&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.68.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qr-in-f154.1e100.net

Software

cafe /

Resource Hash

7501a3a991d6bcab65f59a0919b62f52db5e226a793df36ac39a7210002af153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 17:54:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1396
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5129109.js Show response
bat.bing.com/p/action/ 0
119 B 63ms
52ms Script
text/plain 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5129109.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 24 May 2024 17:54:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2FDB4FBCFFD04A66B59BBE454537BF84 Ref B: YTO01EDGE0512 Ref C: 2024-05-24T17:54:11Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 67ms
63ms Image
text/plain 13.107.21.237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5129109&Ver=2&mid=8acf5156-b608-4bad-890b-76ac2c352c78&sid=a05459a019f611ef9ae0cbdee7b57fcd&vid=a0554da019f611ef82437da1d0e8f8ff&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=404%20Error&p=https%3A%2F%2Fcloudphish.lpages.co%2F&r=&lt=341&evt=pageLoad&sv=1&rn=801198

Requested by

Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 May 2024 17:54:10 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A1E49A98E0D54A74A899CF574DDEF1C0 Ref B: YTO01EDGE0512 Ref C: 2024-05-24T17:54:11Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1482449758700184 Show response
connect.facebook.net/signals/config/ 58 KB
13 KB 67ms
36ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1482449758700184?v=2.9.156&r=stable&domain=cloudphish.lpages.co&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

4e407828f46180d6f2b8c1c83bec89549df5ec0f109ddba2ffbaf467a2649297

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 May 2024 17:54:11 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12676
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=62, mss=1380, tbw=63394, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: ho4RiBjJsAH9yct0BWYlL1yIQrwB+IKJUkt59nE3PEnWX64POHk+yLa3H3Qaq/5O07YTuVl8SKux8mKHODmBow==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
761 B 471ms
124ms XHR
application/json 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=62142&time=1716573251501&url=https%3A%2F%2Fcloudphish.lpages.co%2F
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: *
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:10 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3156B59BB30B41B0A8E941FED28708B9 Ref B: YTO01EDGE0808 Ref C: 2024-05-24T17:54:11Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYZNtrpAm8il8V9p3e+OA==
x-fs-uuid: 00061936dae9026f2297c57da777be38

GET collect
px.ads.linkedin.com/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 1474ms
36ms Image
text/plain 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1482449758700184&ev=PageView&dl=https%3A%2F%2Fcloudphish.lpages.co%2F&rl=&if=false&ts=1716573251579&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.2.1716573251578.556897820&ler=empty&cdl=API_unavailable&it=1716573251494&coo=false&rqm=GET

Requested by

Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=2799, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 24 May 2024 17:54:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 1539ms
102ms Image
image/png 31.13.66.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1482449758700184&ev=PageView&dl=https%3A%2F%2Fcloudphish.lpages.co%2F&rl=&if=false&ts=1716573251579&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.2.1716573251578.556897820&ler=empty&cdl=API_unavailable&it=1716573251494&coo=false&rqm=FGET

Requested by

Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-iad3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0583d8d8a8bab68c","source_keys":["1","2"]},{"key_piece":"0x861b1daa9e73fa1e","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 24 May 2024 17:54:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1380, tbw=3117, tp=-1, tpl=-1, uplat=66, ullat=0
pragma: no-cache
x-fb-debug: fnaj8te1ETtFoW72m7O9zMfK235XDqPMWKuZqrvdYc3UrlrAbab/mHoJ+Tl9M9SWj1IVXoILD4j3/KO747Br1Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/975363878/ 42 B
64 B 169ms
60ms Image
image/gif 209.85.144.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975363878/?random=1716573251409&cv=11&fst=1716570000000&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9105622081z86789581za201zb6789581&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloudphish.lpages.co%2F&hn=www.googleadservices.com&frm=0&tiba=404%20Error&npa=0&us_privacy=1---&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL6V5AI2o0PSaUAHJSxqyvlgE5e9eztw&random=2465444096&rmt_tld=0&ipr=y

Requested by

Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.144.99 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 17:54:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/975363878/ 42 B
64 B 117ms
60ms Image
image/gif 209.85.201.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/975363878/?random=1716573251409&cv=11&fst=1716570000000&bg=ffffff&guid=ON&async=1&gtm=45be45m0v9105622081z86789581za201zb6789581&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcloudphish.lpages.co%2F&hn=www.googleadservices.com&frm=0&tiba=404%20Error&npa=0&us_privacy=1---&pscdl=noapi&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL6V5AI2o0PSaUAHJSxqyvlgE5e9eztw&random=2465444096&rmt_tld=1&ipr=y

Requested by

Host: cloudphish.lpages.co
URL: https://cloudphish.lpages.co/

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 17:54:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 117ms
71ms Preflight
text/plain 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=21794907&conversations-embed=static-1.16462&mobile=false&messagesUtk=58d4034ece4d4a41a7796059a28bdd67&traceId=58d4034ece4d4a41a7796059a28bdd67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://cloudphish.lpages.co
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://cloudphish.lpages.co
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 888f26502bf9b40a-YYZ
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 24 May 2024 17:54:13 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yt44tEE6Cwr5t8hvobPlAsQqJ8A8Nm5D2pMtlC3QVDGCUOOSUREPIZrWj1LfS05boxTUSPnMhepe9BURyyVF7Z3fidHe0zKw7RNtwz%2FTYZlR%2Bnhrv4LtAAfy4JaWCv0n7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-jpg76
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 2fc68c6a-537b-4db6-9d85-6433e1d9f972
x-request-id: 2fc68c6a-537b-4db6-9d85-6433e1d9f972

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 264 B
973 B 77ms
77ms XHR
application/json 104.16.117.116
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ed9e663ce1406fe2698b64be5f74fb32da848c574550a1699f82d282e04f9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cloudphish.lpages.co/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-HubSpot-Messages-Uri: https://cloudphish.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 17:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 818a1b3b-3316-49b4-aa44-36c32db10f0e
x-envoy-upstream-service-time: 10
content-length: 210
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 818a1b3b-3316-49b4-aa44-36c32db10f0e
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cloudphish.lpages.co
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-k9jtd
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4h8qrO1LYAjNQEM5Rh1SS9ns3rjhvnImx15F1l5r7rOuDC2KXQ6JKj%2BIHEZO7EL3KPZ23BZkIc6ro%2BBo%2FJlLJKljOTCpt6RKgu%2B3tH45UsWfOWC%2B0cQFHhewaYUxpzvAKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 888f26509c79b40a-YYZ
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.hs-banner.com
URL: https://js.hs-banner.com/v2/21794907/banner.js

Domain: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Domain: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62142&time=1716573251501&url=https%3A%2F%2Fcloudphish.lpages.co%2F

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 20:50:59	Name: view.wVxPjLuS24uynHELZfsPrV.YnZqAcs7vPqAxVABjoh5H9 Value: 1716573250000
.cloudphish.lpages.co/	1970-01-20 20:50:59	Name: _uetsid Value: a05459a019f611ef9ae0cbdee7b57fcd
.cloudphish.lpages.co/	1970-01-21 06:11:09	Name: _uetvid Value: a0554da019f611ef82437da1d0e8f8ff
.bing.com/	1970-01-21 06:11:09	Name: MUID Value: 33724346008C696423F857CF0126680E
.bat.bing.com/	1970-01-20 20:59:38	Name: MR Value: 0
.cloudphish.lpages.co/	1970-01-20 22:59:09	Name: _fbp Value: fb.2.1716573251578.556897820
.doubleclick.net/	1970-01-20 20:49:34	Name: test_cookie Value: CheckForPermission

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cloudphish.lpages.co/ Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cloudphish.lpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloudphish.lpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloudphish.lpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cloudphish.lpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
api.leadpages.io
bat.bing.com
cdn.iubenda.com
cdn4.mxpnl.com
cloudphish.lpages.co
connect.facebook.net
cs.iubenda.com
googleads.g.doubleclick.net
hits-i.iubenda.com
js.center.io
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hubspot.com
js.usemessages.com
lh3.googleusercontent.com
public.profitwell.com
px.ads.linkedin.com
snap.licdn.com
static.leadpages.com
static.leadpages.net
user.lpcontent.net
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
js.hs-banner.com
js.hscollectedforms.net
js.hubspot.com
px.ads.linkedin.com
104.16.117.116
104.16.139.209
104.16.75.142
104.17.175.201
104.17.223.152
104.96.221.72
13.107.21.237
13.107.42.14
130.211.5.208
142.251.174.97
173.194.205.132
173.194.68.154
18.238.49.117
209.85.144.99
209.85.201.94
216.239.34.21
216.239.38.21
31.13.66.19
31.13.66.35
34.107.203.240
34.120.132.252
35.192.151.63
35.202.21.90
37.19.207.34
081cf70b8e6c0d1d978f810f4537e84501c1940d54cd19aee0b065fb8fea3c5b
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
09d982564a92075d07999eae4fb9e1e8051397e2a8ad41931df5545ed4f78777
0d94d38ea2b26e9d904ea5e75de196d12d33644904ff716eba3b7747ef621af9
0ed9e663ce1406fe2698b64be5f74fb32da848c574550a1699f82d282e04f9f5
287c6bd687162409f07cdc941c0458cfe637c9ad50c3254a6486203a75a98e3d
36e2569671518a30e97f06b180abb3d8a2e31640fb731048b8e6d4070c8e38ff
3def9a50a9e6fd7ad93a7c0b5040e4c60c15215b1b7fcf40f15e313d7f292d36
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4499ef6bf3a5ae468b7afb4ab6f42ec825d8562c5bc7de1bd2213a8f9b7f15e5
4598467ae8c1ef3894e17b007e43dab84c5072ee386e065add7934eb1b87c4d1
4e407828f46180d6f2b8c1c83bec89549df5ec0f109ddba2ffbaf467a2649297
5494ffe6a4e4683455c4ae9e3f1126a710ccad353f5ca3db2842fc2e40c81f13
60f3978fd96db4f213d594e2c6b6ad6811f6ef809988c09a0050c7957b681dbc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b68baa257dae3591e46d6e9b1bbc3aef1ebb5ee112bedbd1fb418afe2a38293
7501a3a991d6bcab65f59a0919b62f52db5e226a793df36ac39a7210002af153
807d72e55b4c3cb21d7bc66fb69f957218a0e3ea149492495a2403ac301e0896
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
83c2b6d9d8cff6bee0896d849acf7771a0844b0d3b1489f132a5fb380ddde35d
87a9dc9be70cd0233d8ce1e472fe0751e178b7a1a42f5adde35f275ef0cefcc3
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8fcc2d62aa56006d7087b11b473c6f12aa61eab39d385475bf68cd96391ffcb4
9da1d24acad38b9a23a0ff180b0162475b86100412f5006c869830b09938f090
a29490f34602b08eac1eeb6a2c9d7e6cb687f182a315065713238b3ce3cfef5c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2
dbcd51f11191e14b0dce5a69fa308c0070f5df13f0625f7f5e1709547b12dd8a
e21a2c50512b98f3bf118815326b95419de9931513e177d5ff7b99bbcf812f58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5580c3b54b8e4148be84b8a93cc77bf08728b5737a3e744be7d10407f160356
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc78e072732d24a90a63cbcdee55789b7f3d98ef159707ba81241e76913c26fe

cloudphish.lpages.co Open in urlscan Pro 35.202.21.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

91 %HTTPS

0 %IPv6

26 Domains

29 Subdomains

25 IPs

2 Countries

687 kBTransfer

1937 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cloudphish.lpages.co Open in urlscan Pro
35.202.21.90 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

91 %
HTTPS

0 %
IPv6

26
Domains

29
Subdomains

25
IPs

2
Countries

687 kB
Transfer

1937 kB
Size

7
Cookies

45 HTTP transactions
0 data transactions