terranovasecurity.com Open in urlscan Pro
2606:4700:20::681a:e15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW3...
Effective URL:
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_med...
Submission: On January 04 via manual (January 4th 2024, 8:55:11 pm UTC) from IN — Scanned from DE

Summary HTTP 108 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 28 domains to perform 108 HTTP transactions. The main IP is 2606:4700:20::681a:e15, located in United States and belongs to CLOUDFLARENET, US. The main domain is terranovasecurity.com.
TLS certificate: Issued by E1 on January 2nd 2024. Valid for: 3 months.

This is the only time terranovasecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:440... 2606:4700:4400::6812:265b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2606:4700:20:... 2606:4700:20::681a:e15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	65.9.95.23 65.9.95.23	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:88ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:bb59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:212... 2600:9000:2127:b200:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.128 65.9.95.128	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:cff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4fba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7c0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:fba8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2a05:d018:cc3... 2a05:d018:cc3:fe04:8e67:cce2:569e:ad7f	16509 (AMAZON-02) (AMAZON-02)
14	65.9.95.46 65.9.95.46	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:b07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	65.9.95.79 65.9.95.79	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:a07d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a04:4e42::644 2a04:4e42::644	54113 (FASTLY) (FASTLY)
1	2600:9000:212... 2600:9000:2127:d000:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::644	54113 (FASTLY) (FASTLY)
2	2600:9000:212... 2600:9000:2127:1400:3:471f:5240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.116 65.9.95.116	16509 (AMAZON-02) (AMAZON-02)
108	27

2 2606:4700:4400::6812:265b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cq4wg04.na1.hs-sales-engage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700:20::681a:e15 (United States)

ASN13335 (CLOUDFLARENET, US)

terranovasecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.95.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-23.prg50.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:88ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bb59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:b200:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-128.prg50.r.cloudfront.net

linoma.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:cff9 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4fba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7c0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:fba8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a05:d018:cc3:fe04:8e67:cce2:569e:ad7f (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 65.9.95.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-46.prg50.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b07d (United States)

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-79.prg50.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a07d (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:d000:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2127:1400:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-116.prg50.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	terranovasecurity.com terranovasecurity.com	1 MB
21	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 4240 consent-pref.trustarc.com — Cisco Umbrella Rank: 17761 consent-st.trustarc.com — Cisco Umbrella Rank: 48236	225 KB
11	wistia.net fast.wistia.net — Cisco Umbrella Rank: 21447	342 KB
8	hubspot.com js.hubspot.com — Cisco Umbrella Rank: 11380 api.hubspot.com — Cisco Umbrella Rank: 10046 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 11108 track.hubspot.com — Cisco Umbrella Rank: 5095 forms.hubspot.com — Cisco Umbrella Rank: 11250	30 KB
7	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 9216 forms-na1.hsforms.com — Cisco Umbrella Rank: 17099 perf-na1.hsforms.com — Cisco Umbrella Rank: 12287	21 KB
6	wistia.com linoma.wistia.com embed-ssl.wistia.com — Cisco Umbrella Rank: 19585 fast.wistia.com — Cisco Umbrella Rank: 11192 pipedream.wistia.com — Cisco Umbrella Rank: 16748 distillery.wistia.com — Cisco Umbrella Rank: 17080	27 KB
6	adroll.com 1 redirects s.adroll.com — Cisco Umbrella Rank: 4806 d.adroll.com — Cisco Umbrella Rank: 2450 ipv4.d.adroll.com Failed	29 KB
3	gstatic.com fonts.gstatic.com	24 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 338	850 B
2	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 15786	307 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	59 KB
2	hs-sales-engage.com 1 redirects cq4wg04.na1.hs-sales-engage.com	3 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 11386	24 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 10691	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5159	23 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5122	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	99 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 5454	1 KB
0	adnxs.com Failed ib.adnxs.com Failed
0	3lift.com Failed eb2.3lift.com Failed
0	taboola.com Failed sync.taboola.com Failed
0	yahoo.com Failed ups.analytics.yahoo.com Failed
0	pubmatic.com Failed image2.pubmatic.com Failed
0	outbrain.com Failed sync.outbrain.com Failed
0	openx.net Failed us-u.openx.net Failed
0	rubiconproject.com Failed pixel.rubiconproject.com Failed
0	casalemedia.com Failed dsum-sec.casalemedia.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
108	28

	Domain	Requested by
25	terranovasecurity.com	cq4wg04.na1.hs-sales-engage.com terranovasecurity.com
14	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com terranovasecurity.com
11	fast.wistia.net	linoma.wistia.com fast.wistia.net terranovasecurity.com
6	consent.trustarc.com	terranovasecurity.com consent.trustarc.com
5	d.adroll.com	1 redirects s.adroll.com terranovasecurity.com
4	forms.hsforms.com	js.hsforms.net terranovasecurity.com
3	track.hubspot.com
3	fonts.gstatic.com	terranovasecurity.com
2	pipedream.wistia.com	fast.wistia.net
2	cm.g.doubleclick.net	2 redirects
2	forms-na1.hsforms.com	terranovasecurity.com
2	api.hubspot.com	js.usemessages.com
2	js.hsforms.net	terranovasecurity.com
2	cdn.jsdelivr.net	terranovasecurity.com cdn.jsdelivr.net
2	cq4wg04.na1.hs-sales-engage.com	1 redirects
1	forms.hubspot.com	js.hsleadflows.net
1	distillery.wistia.com	fast.wistia.net
1	fast.wistia.com	fast.wistia.net
1	embed-ssl.wistia.com	terranovasecurity.com
1	perf-na1.hsforms.com	terranovasecurity.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hubspot.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	linoma.wistia.com	terranovasecurity.com
1	s.adroll.com	terranovasecurity.com
1	www.googletagmanager.com	terranovasecurity.com
1	js.hs-scripts.com	terranovasecurity.com
0	ipv4.d.adroll.com Failed	terranovasecurity.com
0	ib.adnxs.com Failed	terranovasecurity.com
0	eb2.3lift.com Failed	terranovasecurity.com
0	sync.taboola.com Failed	terranovasecurity.com
0	ups.analytics.yahoo.com Failed	terranovasecurity.com
0	image2.pubmatic.com Failed	terranovasecurity.com
0	sync.outbrain.com Failed	terranovasecurity.com
0	us-u.openx.net Failed	terranovasecurity.com
0	pixel.rubiconproject.com Failed	terranovasecurity.com
0	dsum-sec.casalemedia.com Failed	terranovasecurity.com
0	x.bidswitch.net Failed	terranovasecurity.com
108	42

This site contains links to these domains. Also see Links.

Domain
learn.microsoft.com
www.fortra.com

Subject Issuer	Validity	Valid
hs-sales-engage.com Cloudflare Inc ECC CA-3	`2023-05-23` - `2024-05-21`	a year	crt.sh
terranovasecurity.com E1	`2024-01-02` - `2024-04-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
webservices-production-com-cloudfront-app-cname.wistia.com Amazon RSA 2048 M02	`2023-05-16` - `2024-06-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
fast.wistia.net GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
*.wistia.com Amazon RSA 2048 M02	`2024-01-01` - `2025-01-28`	a year	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-02` - `2024-08-02`	a year	crt.sh
pipedream-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-09`	a year	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M01	`2023-09-13` - `2024-10-11`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Frame ID: 4DF6628A3E85A523BE938B2DA2DA4E79
Requests: 73 HTTP requests in this frame

Frame: https://linoma.wistia.com/embed/iframe/i12p9inb16
Frame ID: 32B9EC269221E18FA018C4211089C49B
Requests: 18 HTTP requests in this frame

Frame: https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com
Frame ID: 5ECF6B23D28CB0FE92444053CA34BAD9
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
Frame ID: CFF359B7AF8714B3D145B9E25A865EF9
Requests: 15 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html
Frame ID: 51494BA9C0F001E4BD7E071EC84BD87A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gone Phishing Tournament | Terranova Security

Page URL History Show full URLs

https://cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5... Page URL
https://cq4wg04.na1.hs-sales-engage.com/events/public/v1/encoded/track/tc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7Tw... HTTP 307
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-g... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

108
Requests

89 %
HTTPS

78 %
IPv6

28
Domains

42
Subdomains

27
IPs

3
Countries

2616 kB
Transfer

8018 kB
Size

16
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://learn.microsoft.com/en-us/azure/azure-sql/database/transparent-data-encryption-tde-overview?view=azuresql&tabs=azure-portal
Title: visiting Microsoft’s website

Search URL Search Domain Scan URL

URL: https://www.fortra.com/cookie-policy?__hstc=76129290.4026018d53025298a1370001d0184f9e.1704401707076.1704401707076.1704401707076.1&__hssc=76129290.1.1704401707077&__hsfp=1132539230
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4VvlN7Gjys9mr78bW1pLvh56WjkZvW4dqWCz76tNmCVNNMrj8Dy1m4N6Y1SvQBTl43N80LV8PRxLFMN3YSw7-zY4fpW3yncNK688QHDW6y7Gjp3Dhvc9VZVQhX4Hr8bmW5hwpqt4xZVjhW6wnDV71Qh0B0W5LlFkD6GQ07bW4LxK613cpCCgF2_jjb7VsLNW1SbWc-70LKyFW4c9zxJ2gFHtVW8jT8pn7F9jVDW1XHjW1690yCDW1d_pmS7K1Mk5N4bFTqymh3McW5zD6962mqZlGW7qLTd_7x_6BGW939cQt86YJfkW95GZQH5tMS0tf2-LF-s04 Page URL
https://cq4wg04.na1.hs-sales-engage.com/events/public/v1/encoded/track/tc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4VvlN7Gjys9mr78bW1pLvh56WjkZvW4dqWCz76tNmCVNNMrj8Dy1m4N6Y1SvQBTl43N80LV8PRxLFMN3YSw7-zY4fpW3yncNK688QHDW6y7Gjp3Dhvc9VZVQhX4Hr8bmW5hwpqt4xZVjhW6wnDV71Qh0B0W5LlFkD6GQ07bW4LxK613cpCCgF2_jjb7VsLNW1SbWc-70LKyFW4c9zxJ2gFHtVW8jT8pn7F9jVDW1XHjW1690yCDW1d_pmS7K1Mk5N4bFTqymh3McW5zD6962mqZlGW7qLTd_7x_6BGW939cQt86YJfkW95GZQH5tMS0tf2-LF-s04?_ud=e286ed73-6d7c-4e84-923b-61fe5edd6b04&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://d.adroll.com/cm/b/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
https://x.bidswitch.net/sync?dsp_id=44&user_id=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY

Request Chain 54

https://d.adroll.com/cm/g/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=oZKZ7arv_ECsYJTLTAjaLw HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=oZKZ7arv_ECsYJTLTAjaLw&google_tc= HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 55

https://d.adroll.com/cm/index/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&expiration=1735937705

Request Chain 57

https://d.adroll.com/cm/n/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&expires=365

Request Chain 58

https://d.adroll.com/cm/o/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
https://us-u.openx.net/w/1.0/sd?id=537103138&val=a19299edaaeffc40ac6094cb4c08da2f&gdpr=1&gdpr_consent=

Request Chain 59

https://d.adroll.com/cm/outbrain/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&gdpr=1&gdpr_consent=&us_privacy=1---

Request Chain 60

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 61

https://d.adroll.com/cm/r/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 62

https://d.adroll.com/cm/taboola/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY

Request Chain 63

https://d.adroll.com/cm/triplelift/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
https://eb2.3lift.com/xuid?mid=4714&xuid=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&dongle=c85e

Request Chain 64

https://d.adroll.com/cm/x/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO HTTP 0
https://ib.adnxs.com/setuid?entity=172&code=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY

108 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4VvlN7Gjys9mr78bW1pLvh56WjkZvW4dqWCz76tNmCVNNMrj8Dy1m4N6Y1SvQBTl43N80LV8PRxLFMN3YSw7-zY4fpW3...
cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/ 8 KB
3 KB 377ms
348ms Document
text/html 2606:4700:4400::6812:265b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4VvlN7Gjys9mr78bW1pLvh56WjkZvW4dqWCz76tNmCVNNMrj8Dy1m4N6Y1SvQBTl43N80LV8PRxLFMN3YSw7-zY4fpW3yncNK688QHDW6y7Gjp3Dhvc9VZVQhX4Hr8bmW5hwpqt4xZVjhW6wnDV71Qh0B0W5LlFkD6GQ07bW4LxK613cpCCgF2_jjb7VsLNW1SbWc-70LKyFW4c9zxJ2gFHtVW8jT8pn7F9jVDW1XHjW1690yCDW1d_pmS7K1Mk5N4bFTqymh3McW5zD6962mqZlGW7qLTd_7x_6BGW939cQt86YJfkW95GZQH5tMS0tf2-LF-s04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:265b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 84066153ae049bce-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Thu, 04 Jan 2024 20:55:03 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 7
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-cb48dccbd-898h4
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 6547e99c-ed61-4b85-b7c9-852e0254fa6e
x-request-id: 6547e99c-ed61-4b85-b7c9-852e0254fa6e
x-robots-tag: none

GET
H2

200

Primary Request / Show response
terranovasecurity.com/gone-phishing-tournament/
Redirect Chain

https://cq4wg04.na1.hs-sales-engage.com/events/public/v1/encoded/track/tc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4...
https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

237 KB
35 KB

1103ms
1031ms

Document
text/html

2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Requested by

Host: cq4wg04.na1.hs-sales-engage.com
URL: https://cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4VvlN7Gjys9mr78bW1pLvh56WjkZvW4dqWCz76tNmCVNNMrj8Dy1m4N6Y1SvQBTl43N80LV8PRxLFMN3YSw7-zY4fpW3yncNK688QHDW6y7Gjp3Dhvc9VZVQhX4Hr8bmW5hwpqt4xZVjhW6wnDV71Qh0B0W5LlFkD6GQ07bW4LxK613cpCCgF2_jjb7VsLNW1SbWc-70LKyFW4c9zxJ2gFHtVW8jT8pn7F9jVDW1XHjW1690yCDW1d_pmS7K1Mk5N4bFTqymh3McW5zD6962mqZlGW7qLTd_7x_6BGW939cQt86YJfkW95GZQH5tMS0tf2-LF-s04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

dee0df4033fccdefe604c08abcabfcb051cd399297a062bf06bd7e31f81ffb16

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cq4wg04.na1.hs-sales-engage.com/Ctc/RF+23284/cq4WG04/JjT5fj_kW50kH_H6lZ3pMW7TwDKz1CPSW-W1tgTYz6G_v4GW6yyvlX5DwHj0W7bMMxb6k7d3KW35FHqm8s61b-Mjq-wcGGw0YN6dBcdQl4VvlN7Gjys9mr78bW1pLvh56WjkZvW4dqWCz76tNmCVNNMrj8Dy1m4N6Y1SvQBTl43N80LV8PRxLFMN3YSw7-zY4fpW3yncNK688QHDW6y7Gjp3Dhvc9VZVQhX4Hr8bmW5hwpqt4xZVjhW6wnDV71Qh0B0W5LlFkD6GQ07bW4LxK613cpCCgF2_jjb7VsLNW1SbWc-70LKyFW4c9zxJ2gFHtVW8jT8pn7F9jVDW1XHjW1690yCDW1d_pmS7K1Mk5N4bFTqymh3McW5zD6962mqZlGW7qLTd_7x_6BGW939cQt86YJfkW95GZQH5tMS0tf2-LF-s04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=31536000, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 840661577d5265b3-FRA
content-encoding: br
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
content-type: text/html; charset=utf-8
date: Thu, 04 Jan 2024 20:55:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=() accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
referrer-policy: strict-origin-when-cross-origin strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm%2Fwx3EohgkIqAb6fQq6fT19uJkESjmc7pfAwSRcFmT2obMCge4%2FHd9TvpMOQMcrfIOzoPMvvpjx%2Bv0tnvXnKjbWpfw19MYTef4UZi%2FyI3SHZzAP1KsBUIofnpv7g4RS3xBilDg8XCc77SVym6xNu627eA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-nextjs-cache: HIT
x-powered-by: Next.js
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 84066155f8e99bce-FRA
date: Thu, 04 Jan 2024 20:55:03 GMT
link: <https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot>; rel="canonical"
location: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 34
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-cb48dccbd-cbm62
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 2f980f6e-0c41-47d5-8ff2-84d9b26d26a9
x-request-id: 2f980f6e-0c41-47d5-8ff2-84d9b26d26a9
x-robots-tag: none

GET
H2 200 themify-icons.css
cdn.jsdelivr.net/themify-icons/0.1.2/css/ 16 KB
3 KB 45ms
16ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/themify-icons/0.1.2/css/themify-icons.css

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f20e3068b2556a765a281d38b6fca12aed826607acea90394947a5640bb1ff55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4563652
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230094-FRA
server: cloudflare
etag: W/"4013-0RRdO5d1h6ftOnc3gS/c8qeWiyM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7fdNGFBNPPFkC1kKPyk3CGslWauyXlMOfYcd5y%2BJi50n7HUy8pQKVrRZngFdpCCzEilmdOyAvTXRT%2B05eR2JBI%2B6SDHCcyMavLyF4Ecq6Y4XPZXCeH4XH7Xgw%2Fn9pZsuYihA0wzL%2F12F13A8Ls%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8406615e181b4d64-FRA

GET
H2 200 notice Show response
consent.trustarc.com/ 14 KB
6 KB 119ms
87ms Script
text/javascript 65.9.95.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.fortra.com/cookie-policy&privacypolicylink=https://www.fortra.com/privacy-policy

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-23.prg50.r.cloudfront.net

Software

Resource Hash

2eb50fa38c6cfe2818c76af62da81e46a7f43c5b16dc23e901cd836d6fe0cc7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 5430
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
timing-allow-origin: *
x-amz-cf-id: 7Q9kFp9lj0XVD5PTUNCi6uYxmCwBwM3riXMi41KS0NBeufPtMBrvXA==
expires: Thu, 04 Jan 2024 21:55:04 GMT

GET
H2 200 f85e205b9211a305.css
terranovasecurity.com/_next/static/css/ 1 MB
162 KB 55ms
54ms Stylesheet
text/css 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/_next/static/css/f85e205b9211a305.css

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f60fef6529a81a918a89aeb56613e47bf51742e811700402c178f354ddd73368

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 2569481
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Tue, 05 Dec 2023 22:26:50 GMT
server: cloudflare
etag: W/"13d9a2-18c3c17535d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iK1ONt%2Fx47BW1OyxgkvNLMezyvO85kBidV1kx34193M%2FZ6GzENwdEzkv%2FVfHKV%2F9vH5Vl32W0jYverNXD40MqbjGgz8y05SzNQWWIYMj1jEMaGvLeJ%2FRDRPuEr1XIsXaP8z5N1%2BPD5YgbukQZj5v9bmJ8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615dfc3965b3-FRA

GET
H2 200 d2ff839667d4002a.css
terranovasecurity.com/_next/static/css/ 13 KB
4 KB 52ms
51ms Stylesheet
text/css 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/_next/static/css/d2ff839667d4002a.css

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8007583d9447b0cdcc4f56931c615aace3a71b19702231bcfb16e4ecab02b265

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 2569481
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Tue, 05 Dec 2023 22:26:50 GMT
server: cloudflare
etag: W/"34d0-18c3c17535d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IsUzSJOjwprHuJT0l6NXLZRJaHPaBM%2FhP8gk%2F%2FFYKAG%2FYzC42aKpg0F3KXVhM%2F2NKqX2B3tDlo7GZ%2F0fUkn4uieDrSaAjjT6vixUOWQu0uAVFCL1QRgoogQZ8yABPg63RDvzpnKFbR0J0tRemnV1si0lg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615dfc3c65b3-FRA

GET
H3 200 webpack-38cee4c0e358b1a3.js Show response
terranovasecurity.com/_next/static/chunks/ 2 KB
3 KB 1117ms
1115ms Script
application/javascript 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/_next/static/chunks/webpack-38cee4c0e358b1a3.js

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e92a1c5827b02b976fdd931b13ee9f09d45d31db0edbaadf03ca82b96e9a5a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 2573870
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Tue, 05 Dec 2023 22:26:50 GMT
server: cloudflare
etag: W/"6a4-18c3c175361"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PV7S6HMmErZhd%2BYrbvLSyJIx3UfeyRKRz%2BaZDzmuBtkko6PUVFQQuSf6%2B08YRtC5bD2AWq0WqLHse20MA7lqJCvVE7j5ZJnJguGnYKQ1o3uKf5Ori94xWXRaX0RpBsUWCDUlwHGgqPBNAOQPAWfWZ%2FNrHg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615e3fbe194b-FRA

GET
H3 200 framework-caa50651a91d07b1.js Show response
terranovasecurity.com/_next/static/chunks/ 127 KB
44 KB 1309ms
1307ms Script
application/javascript 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/_next/static/chunks/framework-caa50651a91d07b1.js

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3707b6549f3877b7397dd6b4b168742deaccaf321dc930704c1843228fba2a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 2573870
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Tue, 05 Dec 2023 22:26:50 GMT
server: cloudflare
etag: W/"1fc11-18c3c175361"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FsmJucRRjM6usY4M1ZBXB91USqWplEc5eDJDJ4Cd5bYu8IVInkLqOb3YPKllLWLvKcBnndfJUFIdigjN1enPGw6sni20eWx8cOzEBs9xiEv4nuRhf%2B2MNcEuvIHP4U2tgtsEzhMfahEhkq3IY9OP12rug%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615e3fbf194b-FRA

GET
H3 200 main-ec88316ff67b2a6d.js Show response
terranovasecurity.com/_next/static/chunks/ 117 KB
38 KB 649ms
647ms Script
application/javascript 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/_next/static/chunks/main-ec88316ff67b2a6d.js

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cce1bef48b3bf7fd4bfdd0cad214e7aff14758b79cbef56537fbc9bbf7dddc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 2573871
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Tue, 05 Dec 2023 22:26:50 GMT
server: cloudflare
etag: W/"1d5c7-18c3c17535d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7ebn6E6qJ41n4amqFG4nHwzzAVjpQC%2FDycwse%2Fb39yZvmNx5DyPvqlUXt5hp2A8DeCEhb17qW7aYkTwEEGzfbdMwY7prz69OOi%2BSgUigSLJeoosmCXdBkkstB7j%2F9kUt78%2FYQ%2FbdagMJptgkNmP1DLNfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615e3fc1194b-FRA

GET
H3 200 _app-638328fc91092ed1.js Show response
terranovasecurity.com/_next/static/chunks/pages/ 62 KB
23 KB 898ms
897ms Script
application/javascript 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/_next/static/chunks/pages/_app-638328fc91092ed1.js

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41fb8d5a1d31b2c1414f677d1e6e5b6dc0163818018b5a0c1a094ca8ac3064c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 2573870
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Tue, 05 Dec 2023 22:26:50 GMT
server: cloudflare
etag: W/"f715-18c3c17535d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edUCaaPrHlxZjKIRZ2nK807%2BVU6HERXZ7PWx%2FjyStzIBqNlh%2B56pRlold9G9pnWfqoZDpX3aSW05Q4ry7aOnGRzzUSnyn08hjVAWg1aFdoY9jXzO8gmCJdzqBIhiR7CZj%2F1S3onjj0DINVwr%2F6S9U5%2Bgdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615e3fc3194b-FRA

GET
H3 200 363-e1e6bada824b96ac.js Show response
terranovasecurity.com/_next/static/chunks/ 572 KB
155 KB 1382ms
1380ms Script
application/javascript 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/_next/static/chunks/363-e1e6bada824b96ac.js

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf8b177dd324a72d23a77126badfdc81f18b7a59c7f7c4ba1e9f3c96a71fd531

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 2573871
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Tue, 05 Dec 2023 22:26:50 GMT
server: cloudflare
etag: W/"8f1d2-18c3c175361"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6nzJWsyRxKdLPs918F1zPW9JJ6R6i91icovG3LzqGmWaPQpr7Ry0XLisafq6PjeKbACJElbyGzLdt5yCmUKdgeN7G0jLkftQE6S4%2Bu5YJeFL6iOo4uBQ2Oh6IdwHBViRxyWFtULYyOaaS78qlVotk96Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615e3fc4194b-FRA

GET
H3 200 %5B%5B...page%5D%5D-d72f473945786026.js Show response
terranovasecurity.com/_next/static/chunks/pages/ 162 KB
39 KB 1067ms
1065ms Script
application/javascript 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/_next/static/chunks/pages/%5B%5B...page%5D%5D-d72f473945786026.js

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39a1a1948bd1639798e87cd62a7375f5c0393ea7f2b76f3137db58b8817cd873

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 2573870
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Tue, 05 Dec 2023 22:26:50 GMT
server: cloudflare
etag: W/"28775-18c3c175361"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAs79yLgVhc790bdFm%2BdYXBcq7qoWMbrG9JwH8ruqNnaz0DX2RzV%2F034xNEdBqFWXukeOy30T9p7qFN%2BmHDROu5VHG9QUhYxbKIU5gVXnxTGVhr%2Ba2jgJZfUNAqAipP6Fnz4lo%2Fhrwjn89mBpwaVnF6g7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615e3fc5194b-FRA

GET
H3 200 _buildManifest.js Show response
terranovasecurity.com/_next/static/x3BA_F7w7Ycm7SusPftQ0/ 862 B
3 KB 1124ms
1122ms Script
application/javascript 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/_next/static/x3BA_F7w7Ycm7SusPftQ0/_buildManifest.js

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c339c3965ea8715fb47e9087f632ceff2769a8c41ea49098ae02a02394aa46ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 79063
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Wed, 03 Jan 2024 19:59:57 GMT
server: cloudflare
etag: W/"35e-18cd0e944fa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stjT406YBC%2BtXk3KPeUknYC414IxHImsntq6zpWmdDJDcyxJ6faZyCC%2B5l2SEN162ljhJ0vDPLIg2RRbYUv2ZXWE2H7SyXFi8gp0Dan32dBCzrDz8KIt2A0Fs1L1vwjBwIchRbI1okINWvUDObsOpIHh5A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615e3fc6194b-FRA

GET
H3 200 _ssgManifest.js Show response
terranovasecurity.com/_next/static/x3BA_F7w7Ycm7SusPftQ0/ 99 B
2 KB 890ms
889ms Script
application/javascript 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/_next/static/x3BA_F7w7Ycm7SusPftQ0/_ssgManifest.js

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

110d161aa5999066042d12f7cd25b37043af32363e703125ccb5d03f0f27fa60

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 79063
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Wed, 03 Jan 2024 20:05:35 GMT
server: cloudflare
etag: W/"63-18cd0ee6aec"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqLkfhyt3HFf4LsWDiBEdGemLrYfE7dJoPID92yXgkHN1KiMFjEL9AnODEKhXLHAc%2By1Kn2ZLK0K1HHFLUALs5yzUlqo5vR%2FXrgQemJC3T9rvRBfWbUXdeVxIh6Pk0uEBzHzOY8VvKpQ8Lte1Bg7Hv81Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615e3fc7194b-FRA

GET
H2 200 fta-terranova-security-light-no-padding.png
terranovasecurity.com/wp-content/uploads/2023/05/ 7 KB
7 KB 71ms
70ms Image
image/webp 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://terranovasecurity.com/wp-content/uploads/2023/05/fta-terranova-security-light-no-padding.png

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1feb1702e51b432160dcfb04b2c55eb6822cc0d77f13a0273f41d60d96d6853

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:04 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 4122
cf-polished: origFmt=png, origSize=16161
content-disposition: inline; filename="fta-terranova-security-light-no-padding.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6994
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Thu, 04 May 2023 20:39:37 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "64541809-3f21"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCLT9fkO5q7q%2BSEZUttG00qlnHMl6Vv6XwjXW5CJHgKHDyIRLJIWTmJ8WYho3EtkMr3GHniz0Nxe093jQcD6Qj0amSe%2FZ4Hkijk5tAy55NO6UWbDBn7iNcLcb8WuKohxTLVUPYnS48AgUTAzimlcU7%2BJfw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
cf-ray: 8406615dfc3f65b3-FRA

GET
H2 200 bars-solid.svg
terranovasecurity.com/images/ 569 B
646 B 51ms
51ms Image
image/svg+xml 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://terranovasecurity.com/images/bars-solid.svg
Requested by: Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1846f7f9ed8915e7c3c7741661a7e58fbfa5faf95070c18fcc70333542bce6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2284
content-disposition: attachment
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Fri, 28 May 2021 15:30:42 GMT
server: cloudflare
etag: W/"60b10ca2-239"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tARBJBTtb493qZYvvuiAn85R8ISrpGFlBDRKZWDvjmhb6rUP5nChsWIdFMm2BGWQEsIdkJVpriIsXmECeAaJIphCOYGZ37azlwm%2BXiDcc0ccHItG%2F5V9GqPeF3%2FYnvXovGffj6QXpGKkLbfATkxfVTyoAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=16070400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615dfc4065b3-FRA

GET
H3 200 GPT-logo-Dark.png
terranovasecurity.com/wp-content/uploads/2023/06/ 12 KB
14 KB 1034ms
1033ms Image
image/png 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://terranovasecurity.com/wp-content/uploads/2023/06/GPT-logo-Dark.png

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91d9683d310155987ed8031c5312272f6f611815a80b8e4b33f81f9beee01638

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
alt-svc: h3=":443"; ma=86400
content-length: 12175
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Wed, 14 Jun 2023 15:42:13 GMT
server: cloudflare
etag: "6489dfd5-2f8f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nZmgwD%2F5pxNa4WsJKD54yaBDpRZFT%2FUYtOLf4ktxiHxsolp3MJ3l6QLGZVxhkVp6%2F33J1fA6J7e5rJ2WM7GY18KAEGNuLFeba56heJPOLYQ7ZiI6paAeRGYobea8zRL2gLPcVNqB5gDAR76zqBB3Wu3Dw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
cf-ray: 8406615e3fbc194b-FRA

GET
H3 200 Microsoft-smaller-300x134.png
terranovasecurity.com/wp-content/uploads/2020/04/ 2 KB
5 KB 1202ms
1201ms Image
image/webp 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://terranovasecurity.com/wp-content/uploads/2020/04/Microsoft-smaller-300x134.png

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5ba900cd5cf929170a2faa841b526060c9004467d21a16a8ae044bd340b60b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
cf-polished: origFmt=png, origSize=2841
content-disposition: inline; filename="Microsoft-smaller-300x134.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2414
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Thu, 16 Sep 2021 12:31:41 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "6143392d-b19"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HIFwL101APyYCzfQvTslyeBvBgbdrtmmpJbO%2B6xjext6vrYhPtUKr7n01LKlMMAMk3Gd3yZQiwFJbg8lV4YwYJnE%2BClLeH8tFWO8QOEeYn3%2BzOFlKi1tOcYuK%2BB7M%2FsX5S2Oc2vi1KBw2kmf%2FBOVmLImg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
cf-ray: 8406615e3fbd194b-FRA

GET
H3 200 Email-phishing.png
terranovasecurity.com/wp-content/uploads/2023/03/ 726 B
3 KB 949ms
947ms Image
image/webp 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://terranovasecurity.com/wp-content/uploads/2023/03/Email-phishing.png

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ce2638addfb0f00f88b2a05d5d420c535045d0d52d30ec9d278242858142e30

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
cf-polished: origFmt=png, origSize=1886
content-disposition: inline; filename="Email-phishing.webp"
alt-svc: h3=":443"; ma=86400
content-length: 726
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Thu, 23 Mar 2023 15:35:36 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "641c71c8-75e"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=083jfow2X6BSd0t3VAX76wCjSRFYgOS0jDxSPV0lXwZBdJkCqT7EmJEiKodOJqlyliXRsj0wr1DSKlOiPVs27gVs1IyCHphBZ9wkpZ1ggVI05ukgUQQZ6soZkYFK8kveTH9QYt5rSJkgesOpjsHKQU87Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
cf-ray: 8406615e3fc8194b-FRA

GET
H3 200 discovery.png
terranovasecurity.com/wp-content/uploads/2023/06/ 638 B
3 KB 1730ms
1729ms Image
image/webp 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://terranovasecurity.com/wp-content/uploads/2023/06/discovery.png

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddb3630a75fbd3d11638406782bc5794dc9b688e6d507687ac32ec0d1dcf98b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
cf-polished: origFmt=png, origSize=1550
content-disposition: inline; filename="discovery.webp"
alt-svc: h3=":443"; ma=86400
content-length: 638
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Thu, 15 Jun 2023 14:56:52 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "648b26b4-60e"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yP9yYVx1MOSenFpvPko0KE42dYpUBFhfq4F2lrwxv1bP%2FNvaIK%2B9T2RyqGEjdn6tFi5iVNE8TUmsqnpTmyN4iXinKrA60OM3LoOtqnz41pf%2Bqm66WKj6wG%2FfuOMveQG2IqP59KX4LmxTgcLuq2k8lOJurQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
cf-ray: 8406615e3fca194b-FRA

GET
H3 200 compare.png
terranovasecurity.com/wp-content/uploads/2023/06/ 1010 B
3 KB 1476ms
1475ms Image
image/webp 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://terranovasecurity.com/wp-content/uploads/2023/06/compare.png

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe6b0268fa234e4e2daef6e97043f6e1bd5715563c15b168f8cd2b1275b0044e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
cf-polished: origFmt=png, origSize=2398
content-disposition: inline; filename="compare.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1010
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Thu, 15 Jun 2023 14:52:11 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "648b259b-95e"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xi%2FZGZHjZV16QDxpbx9IuhpUFiQMZAUXemyQ5pzrsDxOOYtSG3lKhGoS84li8f9b6oE%2FsUaNGkh8mUCwVkWkj8tltmWNt9HANLeGw1PWGlKq66yxyGF8KEohupwC5Ej8qibR1yY%2BB%2FP%2Fhk5w%2BhK%2BaDh%2FuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
cf-ray: 8406615e3fcc194b-FRA

GET
H2 200 v2.js Show response
js.hsforms.net/forms/embed/ 485 KB
154 KB 76ms
41ms Script
application/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2e1c7db0ffa63e5333bc3771c96bf5c5d704332d79dfcfbff8bc16187b1abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-encoding: br
age: 426
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4371/bundles/project-v2.js&cfRay=840656f3b97d3600-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"982d8d22d576c26eb044b0e746926bef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4371/bundles/project-v2.js
date: Thu, 04 Jan 2024 20:55:04 GMT
x-amz-version-id: wkCPEW5SoVMi9CoHH5BglhAxVEpTVVPC
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: cdc97541-28fb-41ef-abca-d6e3c620fa9d
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: cdc97541-28fb-41ef-abca-d6e3c620fa9d
last-modified: Wed, 20 Dec 2023 09:57:15 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrn2CVDEK%2F6SrOIyeIZlM9koDmhMcPJkJyGjqgOtWFwsmlsoGWmcm86tM25hoMTwQm6kfNdRE%2BQc5TSxS3GTfZMSXNdJLPf65TmpMuDsKb%2FF7u5LOMVU4SKhxGqju%2FBU5tXXdr7ZZd8Ht2yy"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-rdh4x
cf-ray: 8406615e69d53657-FRA
x-amz-cf-id: 0bXvwSkIM_fNVHYvyUbBtMAZkQWbaEBs5H1QswGWsSEt0y88JGddew==

GET
H2 200 3478499.js Show response
js.hs-scripts.com/ 2 KB
1 KB 159ms
139ms Script
application/javascript 2606:4700::6810:bb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/3478499.js

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bb59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d397a1a82954b84171f704b990718fba52e6589cf13bad607194efd62241a7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cb3be839-a4bf-4267-95df-7069cbcfbc14
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cb3be839-a4bf-4267-95df-7069cbcfbc14
last-modified: Thu, 04 Jan 2024 19:57:17 GMT
server: cloudflare
x-trace: 2B41760B53C61A474D9169C897FFA4AD0E9FB46D88000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://terranovasecurity.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-57d4fb94bb-vf7wj
cf-ray: 8406615e5db0bba4-FRA
expires: Thu, 04 Jan 2024 20:56:04 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 300 KB
99 KB 84ms
56ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KVH26CK

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8556d15886b7985ee590f68c35e27086f9a06a6e42d526465a236207137e403f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100852
x-xss-protection: 0
last-modified: Thu, 04 Jan 2024 19:42:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Jan 2024 20:55:04 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/YZJZ3MVNCZDDFHWIXHLWUO/ 84 KB
26 KB 82ms
58ms Script
text/javascript 2600:9000:2127:b200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/YZJZ3MVNCZDDFHWIXHLWUO/roundtrip.js
Requested by: Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:b200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d8d5dc8bc1a7fd19740f0b72b44c0054d53a693d9887f01b2b50924dc74ef7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

X-Amz-Version-Id: x9xtsH4gP0WtsYyHtz86gT6eGTED4X6L
Content-Encoding: gzip
Via: 1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
Date: Thu, 04 Jan 2024 20:55:04 GMT
Age: 1002
X-Amz-Cf-Pop: PRG50-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 02 Jan 2024 12:02:42 GMT
Server: AmazonS3
Etag: W/"3cdb6ef605bb7e35e771d9f76f84bc59"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: XXUMvIlLfVGiIhwsjjWe2rm6Gu0K5qPpa5J_Uj142WHnzdJg_Yqsig==

GET
H2 200 i12p9inb16 Show response
linoma.wistia.com/embed/iframe/ Frame 32B9 10 KB
4 KB 663ms
563ms Document
text/html 65.9.95.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://linoma.wistia.com/embed/iframe/i12p9inb16

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-128.prg50.r.cloudfront.net

Software

envoy /

Resource Hash

03e94e0bf26854c84af27e8d35f0802ed296a20e53930a321fb5eed3ad296bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://terranovasecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 04 Jan 2024 20:55:05 GMT
etag: W/"03e94e0bf26854c84af27e8d35f0802e"
server: envoy
surrogate-control: max-age=87201, stale-while-revalidate=2629746, stale-if-error=2629746
surrogate-key: account_33597 media_i12p9inb16 git-sha_d9326f05304d601e6e41c88fbda7163a8da5cb14
timing-allow-origin: *
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via: 1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
x-amz-cf-id: 8pQKvwnIKlI_V0SNW0-kqz2vqCedQj8c8UvT0Wa2SM_ZKuCpANc3bg==
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-envoy-upstream-service-time: 109
x-permitted-cross-domain-policies: none
x-request-id: f5e84f5f-1b03-49f9-86b3-cf57f6570611
x-runtime: 0.106982

GET
H3 200 GPT2021-01-02-v2.png
terranovasecurity.com/wp-content/uploads/2021/08/ 61 KB
63 KB 2315ms
2315ms Image
image/png 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://terranovasecurity.com/wp-content/uploads/2021/08/GPT2021-01-02-v2.png?id=16745

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38bd79fe14f72f6c06682105fd7e2a5af3bb634f5d1e310e8d44d1a09e011019

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:07 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
alt-svc: h3=":443"; ma=86400
content-length: 62469
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Thu, 16 Sep 2021 12:31:42 GMT
server: cloudflare
etag: "6143392e-f405"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Cw3gEKyf6PnOB0873TGQYSkFvrClNCmmVukgYFyKkdc7hm6O6Q7VFoBwrj5IuuuS7giSBcKQX64TU41ldn0FA5KSodBze6RGBDInpDIESFv%2FQcpvokFNLSxfwJu7goI92JQz42vX0QfVtovO33O8Lw0Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
cf-ray: 8406615eb83b194b-FRA

GET
H3 200 GPT2021-03.png
terranovasecurity.com/wp-content/uploads/2021/07/ 22 KB
24 KB 1948ms
1948ms Image
image/png 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://terranovasecurity.com/wp-content/uploads/2021/07/GPT2021-03.png?id=16540

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8057f810ccac33762c8504aae8b1bdeb148be632d16e57ea4bd8f8426e0ca58

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
alt-svc: h3=":443"; ma=86400
content-length: 22448
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Thu, 16 Sep 2021 12:31:42 GMT
server: cloudflare
etag: "6143392e-57b0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRqU0M6X74aXbxaUKsB3S4kAndLvHI%2FQ0wcAsaqDkG7gcooeP50TBgQDrXiXwUUOLWODlnhQs8ZNIUBjogl2q8fC%2Fhk5%2BIBo9QJ1dtkYMDxAn2Onud8F7QlxqHoZt4QvwBoI0qC%2FcctKllUAVRTbAYG5og%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
cf-ray: 8406615eb83e194b-FRA

GET
H3 200 GPT2021-04-v2.png
terranovasecurity.com/wp-content/uploads/2021/08/ 116 KB
118 KB 2032ms
2032ms Image
image/png 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://terranovasecurity.com/wp-content/uploads/2021/08/GPT2021-04-v2.png?id=16720

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd8d679af5e4c8f823875322af9d8d87a40d313409dd5aeb1ca86c57fbefa1c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
alt-svc: h3=":443"; ma=86400
content-length: 118450
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Thu, 16 Sep 2021 12:31:42 GMT
server: cloudflare
etag: "6143392e-1ceb2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBmkWK4ugruR1WyxiZq8pFoC1Buo%2FuWtZByWFknK5P1mDnJ73ZRFvPNsGJvd528QkyhgR0pYveP4FFx7d%2FJVpbWs560CjUY3Y0d6Pcigp81zuzjoOukWihFmafBKBVZPRNo7b1P%2F26KjgPVDnAX3seb6uA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
cf-ray: 8406615ec83f194b-FRA

GET
H3 200 GPT2021-05-06.png
terranovasecurity.com/wp-content/uploads/2021/08/ 303 KB
305 KB 1747ms
1745ms Image
image/png 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://terranovasecurity.com/wp-content/uploads/2021/08/GPT2021-05-06.png?id=16717

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a56da184efd39a5e42bba0bbbd3ceb1700e02237041825fef1eee34d57555226

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
alt-svc: h3=":443"; ma=86400
content-length: 310518
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Thu, 16 Sep 2021 12:31:42 GMT
server: cloudflare
etag: "6143392e-4bcf6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkGjUea7UYedzZga5P31obLiUQSH6iSBqiMhP8haLTGZokx9tqd9LE8kKOBoZZh%2Bqh7%2BpYwSyKJeOIUC%2BR6fkYwRBK0uxlZc3ZbFkO5IQUGldOY9eLB1VoeSp2Xz3SHfBKQwVtBN4BB%2FrHIoen6%2FPADAIw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
cf-ray: 8406615ec843194b-FRA

GET
H3 200 fontawesome-webfont.e9955780.woff2
terranovasecurity.com/_next/static/media/ 75 KB
78 KB 1570ms
1569ms Font
font/woff2 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/_next/static/media/fontawesome-webfont.e9955780.woff2

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/_next/static/css/f85e205b9211a305.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://terranovasecurity.com/_next/static/css/f85e205b9211a305.css
Origin: https://terranovasecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 819719
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Mon, 25 Dec 2023 15:52:05 GMT
server: cloudflare
etag: W/"12d68-18ca1ad1b7e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBBTxiwjIVREdboLIel24JL9O0d5hfMGdXeXFOGODYeEcs4iJXsegVSGhyocs%2FiPoZDs%2FoxYlO%2BI4ekHLanPf%2BasxtXLuMMZJaTzcaTzZEFNzQcpRlrtzvnGjWbdKccy4zLlcYjL0LbA2XG2DlCsC9zXqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615ec846194b-FRA

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 83ms
15ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://terranovasecurity.com/
Origin: https://terranovasecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 00:43:34 GMT
x-content-type-options: nosniff
age: 245490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:07:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 00:43:34 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 87ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://terranovasecurity.com/
Origin: https://terranovasecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 06:51:33 GMT
x-content-type-options: nosniff
age: 223411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 06:51:33 GMT

GET
H3 200 fa-solid-900.ce4938a3.woff2
terranovasecurity.com/_next/static/media/ 153 KB
155 KB 1598ms
1597ms Font
font/woff2 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://terranovasecurity.com/_next/static/media/fa-solid-900.ce4938a3.woff2

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/_next/static/css/f85e205b9211a305.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://terranovasecurity.com/_next/static/css/f85e205b9211a305.css
Origin: https://terranovasecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 2575026
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Tue, 05 Dec 2023 22:26:50 GMT
server: cloudflare
etag: W/"26350-18c3c175351"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cVdVVapP5RwyjUt131Gw4hBFjrR9kYlYTqxvhKIvTfFcc5iFmv%2BnTn5a%2BWcg6dJoaPArCfM74zW9l5yA93vlo%2FN%2FyqnUVd2tkTZ0GY3vXwtqCx4A5a0JhlvULNShpAolq6OI8448JxdEY0vX5SRL6ZQp9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
cf-ray: 8406615ec848194b-FRA

GET
H3 200 themify.woff
cdn.jsdelivr.net/themify-icons/0.1.2/fonts/ 55 KB
55 KB 72ms
29ms Font
font/woff 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/themify-icons/0.1.2/fonts/themify.woff

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/themify-icons/0.1.2/css/themify-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/themify-icons/0.1.2/css/themify-icons.css
Origin: https://terranovasecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4984817
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56108
x-served-by: cache-fra-eddf8230053-FRA
server: cloudflare
etag: W/"db2c-k5TzW9Kt3SRma3m/w21PnSR8sB0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhM5NYeIlk3WN8aEfiTttNG7Onsoajcx%2B0nOAwbVB3Sw3drW2%2BwP%2F%2BlAsPIt3NTZ5xzhS6%2F6mzVnK5kCP3T%2BaL4YZ5k%2FzZL181J8GoXfjDs9FfvirC0u0%2BXKo%2B5mSPYnO4wSoUS%2FS77FtjfKjHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8406615f09d85d8b-FRA

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 85ms
17ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://terranovasecurity.com/
Origin: https://terranovasecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 17:11:59 GMT
x-content-type-options: nosniff
age: 13385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 17:11:59 GMT

GET
H2 200 v1.7-4543 Show response
consent.trustarc.com/asset/notice.js/v/ 89 KB
26 KB 111ms
29ms Script
text/javascript 65.9.95.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-4543

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=helpsystems.com&c=teconsent&gtm=1&text=true&pn=1-0&cookieLink=https://www.fortra.com/cookie-policy&privacypolicylink=https://www.fortra.com/privacy-policy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-23.prg50.r.cloudfront.net

Software

Resource Hash

8f4a6fb3381557f58b402871de7c549a784aaffc6b4306825570c4013c406c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://terranovasecurity.com/
Origin: https://terranovasecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:34:10 GMT
content-encoding: gzip
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 1280
x-cache: Hit from cloudfront
pragma: public
last-modified: Tue, 12 Dec 2023 03:59:38 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: KcaC3aB1a4dHhhP7VVg26QpmpCZOKnMRPaPmUdDysZo7ntVYghp4WQ==
expires: Sat, 03 Feb 2024 20:33:44 GMT

GET
H2 200 get Show response
consent.trustarc.com/ Frame 5ECF 2 KB
1 KB 28ms
27ms Document
text/html 65.9.95.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/get?name=crossdomain.html&domain=helpsystems.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-23.prg50.r.cloudfront.net

Software

Resource Hash

093d12d8b3568fe7d205eab6a5ceb766772d6018aebe44d3e16f9e85fb7ab68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://terranovasecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2014
cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 04 Jan 2024 20:21:30 GMT
expires: Sat, 03 Feb 2024 20:21:30 GMT
pragma: public
strict-transport-security: max-age=31536000; includeSubDomains
timing-allow-origin: *
vary: Origin
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
x-amz-cf-id: 7agBLcgaie93-kMmm8R_XrLOlaDJRtXccCk6FhRSu7TQslvoBdaHQw==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront

GET
H2 200 log
consent.trustarc.com/ 43 B
428 B 58ms
57ms Image
image/gif 65.9.95.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=helpsystems.com&country=de&state=&behavior=expressed&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW&c=d552&referer=https://terranovasecurity.com

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-23.prg50.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 20:55:04 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: lPbLAeY6Fch-JvSM6FODhUzlmY6IvoU5ennE_5iHOnsuPH6de47M1w==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK json Show response
forms.hsforms.com/embed/v3/form/3478499/7b5974d2-fb15-4e38-b0b0-bb16dc862337/ 64 KB
9 KB 261ms
190ms XHR
application/json 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3478499/7b5974d2-fb15-4e38-b0b0-bb16dc862337/json?hs_static_app=forms-embed&hs_static_app_version=1.4371&X-HubSpot-Static-App-Info=forms-embed-1.4371

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24466a5d595002efcf7e286d6c4b58b51307c5d8497ef4bafc5d5a32c4e372a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://terranovasecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

X-Origin-Hublet: na1
Date: Thu, 04 Jan 2024 20:55:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
Content-Encoding: br
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 092a3b47-94fc-4fed-96e2-bb8b10ddb29e
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 42
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 092a3b47-94fc-4fed-96e2-bb8b10ddb29e
Server: cloudflare
X-Trace: 2B944CBFE78961066F4D2D044A8A9E7C9D4C14CD39000000000000000000
Vary: origin
Access-Control-Allow-Methods: OPTIONS, GET
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://terranovasecurity.com
x-evy-trace-virtual-host: all
Access-Control-Expose-Headers: X-Origin-Hublet
Access-Control-Max-Age: 180
Access-Control-Allow-Credentials: false
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
Access-Control-Allow-Headers: *
CF-RAY: 8406615fcc726901-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-md75r

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/3478499/ 63 KB
20 KB 390ms
325ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/3478499/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236da1e279970d72ab0f28a2d9c9fde03100674452adabd32466c72f0890bfbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
x-amz-version-id: 32ou38jiXgLjiCrKouOYRnivOmB9b6AU
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: A1YB9EVZ96GG9P33
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1f971883-4fd2-43a9-8fa7-c390eabb8f46
x-envoy-upstream-service-time: 47
x-amz-id-2: pbgYDl1iYofRjKwssnJPfDB9uQGkL4Bj2FG9JObDJ2Lwwt1iN/raJ3tIIhEML73RTYGL36WPUro=
x-evy-trace-listener: listener_https
x-request-id: 1f971883-4fd2-43a9-8fa7-c390eabb8f46
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 20 Dec 2023 15:38:06 GMT
server: cloudflare
etag: W/"052bb7a0a6fd58fd59703af8221f85e1"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.goanywhere.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-55f4f74954-5k9n2
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 840661601c313a94-FRA
expires: Thu, 04 Jan 2024 21:00:05 GMT

GET
H2 200 3478499.js Show response
js.hs-analytics.net/analytics/1704401700000/ 81 KB
23 KB 238ms
171ms Script
text/javascript 2606:4700::6810:4fba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1704401700000/3478499.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4fba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a9f6a58f9aaba20d1750334fea4fd50593ed00d75e2a1aa3e99b3c5195e52cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: K4M0XPMGW05AQ9ZP
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 926d4d1e-1a42-444e-ba21-4117fda6e1f1
x-envoy-upstream-service-time: 23
x-amz-id-2: l3Sw8mABLyLa2s21hp40LrY9EbmtOOAHK6giJ4ZlPl4QLfS3/9LTIfRTIKEW24Y6FlVED0a9kryRh8HDEFYCXw==
x-evy-trace-listener: listener_https
x-request-id: 926d4d1e-1a42-444e-ba21-4117fda6e1f1
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 03 Jan 2024 22:31:54 GMT
server: cloudflare
etag: W/"3c8cfea34fb3d34cb1d86595aacda202"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-55f4f74954-8z6xl
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 840661601b7c2c2e-FRA
expires: Thu, 04 Jan 2024 21:00:05 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 79 KB
24 KB 222ms
138ms Script
application/javascript 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0a2315923c48fc1d0652efb581b8db4bae0432b2823ce24ca77a211299cde10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://terranovasecurity.com/
Origin: https://terranovasecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.779/bundles/project.js&cfRay=840661603c4e1a7d-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"74a7784032d384ab8b680a383dfe7228"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.779/bundles/project.js
date: Thu, 04 Jan 2024 20:55:05 GMT
x-amz-version-id: utFFKfbcz6OI7awXJbpvILQMSF0IJITb
via: 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 465b460a-bc64-417d-a139-f1e167be9087
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-request-id: 465b460a-bc64-417d-a139-f1e167be9087
last-modified: Wed, 03 Jan 2024 14:19:41 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BBNFx51HpsfTXxyo%2Bq7z7Xz5Zwz5MUAYCaXrdSyOk%2BCpd0pnigvZX3eHiScPFWVCMuNbzDMas2Ztg%2B083eR4DO12WkShaiBgaRepsPAyZzsPADGVd6NLhHzEr3kr4iRdg%2BHIuwANqyaBBRv"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-qcs85
cf-ray: 840661603c4e1a7d-FRA
x-amz-cf-id: GnhecRbHM0knQ8c-WPtGQyxIkR01wHfQoUKEsQJS2OBpS1v-idzgdA==

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 101ms
36ms Script
application/javascript 2606:4700::6812:7c0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7c0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b49a5d05ca41478b31f51cc2539a75937c3f921540aa90116a8f609e094d1811

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://terranovasecurity.com/
Origin: https://terranovasecurity.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-encoding: br
age: 22949
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1301/bundle/main/lead-flows-release.js&cfRay=840431165ba530cc-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"8a35e91df79ea2127dd121bdbbef865e"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1301/bundle/main/lead-flows-release.js
date: Thu, 04 Jan 2024 20:55:04 GMT
x-amz-version-id: z6CxNR7tOyvY9WtgJDh3TL771JIvwERG
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 5925af2f-fa5c-4d65-affd-0ee6ff9c0a1a
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-request-id: 5925af2f-fa5c-4d65-affd-0ee6ff9c0a1a
last-modified: Wed, 03 Jan 2024 10:02:41 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-hzdvl
cf-ray: 84066160182730ed-FRA
x-amz-cf-id: qp7JuMnKxmpYp-IJHFNVU5s0XSIEfp_bAiwgMOQCt3ttlXNimpIxnQ==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 84 KB
24 KB 104ms
40ms Script
application/javascript 2606:4700::6811:fba8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3478499.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fba8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08f09e95e50ae9c0181382558ff935903a7b273b4a8e5006788e85ae1c72c7c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:04 GMT
x-amz-version-id: KYDl9V0le_8eNyhqu8y2yzPaUoKjKmsM
via: 1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 339
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.15030/bundles/project.js&cfRay=840659134d6491e1-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 67a6f30b-ece7-4832-974c-50fad81aefdf
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 67a6f30b-ece7-4832-974c-50fad81aefdf
last-modified: Wed, 20 Dec 2023 17:16:05 UTC
server: cloudflare
etag: W/"64e2daa01b1349fee44794df69e776a8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-9gm2w
cf-ray: 84066160192630d2-FRA
x-amz-cf-id: nG3l1ZfBZY64I7PGlgq3wNn66iRJb5pZH6V6K0BDsbt6Cc7VR66QIQ==
x-hs-target-asset: conversations-embed/static-1.15030/bundles/project.js

GET
H2 200 YZJZ3MVNCZDDFHWIXHLWUO Show response
d.adroll.com/consent/check/ 491 B
975 B 224ms
58ms Script
application/javascript 2a05:d018:cc3:fe04:8e67:cce2:569e:ad7f
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/YZJZ3MVNCZDDFHWIXHLWUO?pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&_s=9651677ccab1731df51f1fd324977acc&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/YZJZ3MVNCZDDFHWIXHLWUO/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:8e67:cce2:569e:ad7f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: b7fb003560fcdd5d3d095f2333d23f5850e298b6c8031352ec8262a7444a05bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type: application/javascript
pragma: no-cache
date: Thu, 04 Jan 2024 20:55:05 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.22.1
content-length: 491
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame CFF3 5 KB
3 KB 234ms
83ms Document
text/html 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-4543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

9f565b4cdf200b503b4c09d2e4644a1fbec24230e60b873ab7e09ae969a6fc1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://terranovasecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 04 Jan 2024 20:55:05 GMT
etag: W/"5111-1701856286000"
expect-ct: max-age=86400; enforce;
last-modified: Wed, 06 Dec 2023 09:51:26 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-id: JiZVZseQkbVRIy68uKE4bjOzbUzusAr3rXWtWlNJy0QuUp0W75T67Q==
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
428 B 70ms
69ms Image
image/gif 65.9.95.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=helpsystems.com&behavior=expressed&country=de&language=de&rand=0.7159502699886733&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW&referer=https://terranovasecurity.com

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-23.prg50.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 20:55:04 GMT
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: 46ugkZbGFsh_G1BAj3y1t3NdSQPn9coaW3rTn8ioSkaAgaZGnZXPBA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 388 B
1 KB 147ms
146ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3478499&conversations-embed=static-1.15030&mobile=false&messagesUtk=6c240e4bc05a4f74b461e2c9be5368b9&traceId=6c240e4bc05a4f74b461e2c9be5368b9

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e77f52c3131e3936d83ccf8fb84ce87650d8f064d48cfcada725096a5b2286b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://terranovasecurity.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: fea3cb89-4c10-49ec-9e02-4dd7cd3e3c6f
x-envoy-upstream-service-time: 10
content-length: 290
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fea3cb89-4c10-49ec-9e02-4dd7cd3e3c6f
server: cloudflare
x-trace: 2BFD0384CEEB8E4993325F8E24665EA0A7787927DD000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://terranovasecurity.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-57d4fb94bb-8l2q9
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31XtApZ%2BAVdYXgsNbK4O%2BDAak10JjUY7iZnkxrzeaPYTr63mKEkVeC%2BcuwKn3fsn6dRxISlO4f%2B47a3miU9Z%2FN662WUj6Tl7Bhq%2FxEDXvXl2GicXGb5V8RaMZtXdXAaXndMaIsCmPdgBX%2F2LxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 84066161aede1a7d-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 190ms
189ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://terranovasecurity.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://terranovasecurity.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 840661606cc81a7d-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Thu, 04 Jan 2024 20:55:05 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJ5WNvengY44ZzJo5tFte01mDLlkhnUR3cuswSOLgtTJGVc2ZwD7J%2BVcek2rc0r2NoiWer26SYb3hbQLFT%2FuCVJGQj3RnnkLI3m4duP7LwrPzLgPeGA4EQfLyRdYfIWOlcg%2BvT%2BVcocH2KIMlA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 8
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-57d4fb94bb-trpbd
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 00de4d4d-05d7-4a18-bcca-5917d974ce7f
x-request-id: 00de4d4d-05d7-4a18-bcca-5917d974ce7f
x-trace: 2B7C7DD18650128CD191FDE167FE6756F692BB39B8000000000000000000

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
625 B 162ms
123ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2b4bd6a5-55da-40ad-ae7b-4c18cc314ece
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2b4bd6a5-55da-40ad-ae7b-4c18cc314ece
server: cloudflare
x-trace: 2B94C0691C38E3C75C59FD220A75D7A802A7437808000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-f2dhq
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 84066161591c92a1-FRA

GET
H/1.1 200
OK counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
1016 B 254ms
183ms Image
image/gif 2606:4700::6812:b07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 20:55:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 438a47dc-23a2-4e9c-bc7e-7bf58ee74730
x-envoy-upstream-service-time: 6
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 438a47dc-23a2-4e9c-bc7e-7bf58ee74730
Server: cloudflare
X-Trace: 2B46739D32264740936609E7030804A8AC49AC4D7B000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-sbwb7
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 84066161cc475d8b-FRA

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 369 B
1 KB 139ms
130ms Fetch
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=3478499&currentUrl=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14103b64df9857f9f7ad1f02efaafba97ce4772e8d8b448857de69c3537c338d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: da5d1fc4-f796-4df0-bcaf-89d7a244d607
content-encoding: br
x-envoy-upstream-service-time: 11
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: da5d1fc4-f796-4df0-bcaf-89d7a244d607
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://terranovasecurity.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbHJgzTKmOuTuR%2FLoQidj1Yg0pcy6ee6yISjpGAWGXUm%2FIdt5IURVvP7FzOgUbTlehcFKkcVyniXg%2FjMO0IzGdjJqDtRBBJYTCJ1MBQ0XtMOClnwdL9DSCaq3YwFR8cceRqS8Yx9MTiyiDeC%2BlqSjvRCgWHD2ytLYQI%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 840661618eaa1a7d-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-bhrjw

GET
H2 200 RNNFO6UBZND2PCEUN2KUDQ Show response
d.adroll.com/segment/YZJZ3MVNCZDDFHWIXHLWUO/ 42 B
983 B 54ms
54ms XHR
image/gif 2a05:d018:cc3:fe04:8e67:cce2:569e:ad7f
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/segment/YZJZ3MVNCZDDFHWIXHLWUO/RNNFO6UBZND2PCEUN2KUDQ?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&cookie=&adroll_s_ref=&keyw=&p0=178&adroll_external_data=&adroll_version=2.0
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/YZJZ3MVNCZDDFHWIXHLWUO/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:8e67:cce2:569e:ad7f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
x-segment-display-name: Visitors to Unsegmented Pages
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type: p
content-length: 42
pragma: no-cache
x-conversion-value: 0.0
server: nginx/1.22.1
x-rule: *
x-segment-eid: 3HL3E4EA7BGJXPJVPURXBG
content-type: image/gif
access-control-allow-origin: https://terranovasecurity.com
access-control-expose-headers: X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-request-methods: GET
x-pixel-eid: RNNFO6UBZND2PCEUN2KUDQ
x-organization-eid: 7VRYU4GW6NFWPPGLK4GOQJ
access-control-allow-headers: *
x-advertisable-eid: YZJZ3MVNCZDDFHWIXHLWUO
x-conversion-currency
x-segment-name: *

GET

sync
x.bidswitch.net/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0...
https://x.bidswitch.net/sync?dsp_id=44&user_id=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY

0
0

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=oZKZ7arv_ECsYJTLTAjaLw
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=oZKZ7arv_ECsYJTLTAjaLw&google_tc=
https://d.adroll.com/cm/g/in

42 B
550 B

67ms
67ms

Image
image/gif

2a05:d018:cc3:fe04:8e67:cce2:569e:ad7f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol: H2
Server: 2a05:d018:cc3:fe04:8e67:cce2:569e:ad7f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Jan 2024 20:55:05 GMT
server: nginx/1.22.1
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Thu, 04 Jan 2024 20:55:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.adroll.com/cm/g/in
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dc...
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&expiration=1735937705

0
0

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 56ms
51ms Image
image/gif 2a05:d018:cc3:fe04:8e67:cce2:569e:ad7f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&advertisable=YZJZ3MVNCZDDFHWIXHLWUO
Requested by: Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:8e67:cce2:569e:ad7f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0...
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&expires=365

0
0

GET

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0...
https://us-u.openx.net/w/1.0/sd?id=537103138&val=a19299edaaeffc40ac6094cb4c08da2f&gdpr=1&gdpr_consent=

0
0

GET

cookie-sync
sync.outbrain.com/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%...
https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&gdpr=1&gdpr_consent=&us_privacy=1---

0
0

GET

Pug
image2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXy...

0
0

GET

sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0...
https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
0

GET

rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain

https://d.adroll.com/cm/taboola/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3...
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY

0
0

GET

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcod...
https://eb2.3lift.com/xuid?mid=4714&xuid=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&dongle=c85e

0
0

GET

setuid
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0...
https://ib.adnxs.com/setuid?entity=172&code=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY

0
0

GET RNNFO6UBZND2PCEUN2KUDQ
ipv4.d.adroll.com/seg4/YZJZ3MVNCZDDFHWIXHLWUO/ 0
0

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame CFF3 5 KB
3 KB 71ms
68ms Script
application/javascript 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

7c2fce837c4e93ce939702c1b7cef4e62449752fb52e68ee18ac98a1b7d6a65b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Dec 2023 09:51:44 GMT
server: nginx
etag: W/"4867-1701856304000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 5zysusRSlMLHDHUfb0vCeNee4z8LEaLwoWCGuR0ZDXFo0ytEBcq7Uw==
expires: Thu, 04 Jan 2024 20:55:04 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame CFF3 20 KB
5 KB 69ms
16ms Script
text/javascript 65.9.95.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-79.prg50.r.cloudfront.net

Software

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Wed, 03 Jan 2024 19:45:14 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 90591
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 3V4ONSjr_mP0W50ePI-oLX_PSrVJBuPQEsvKvqPobB6yDF9R7gobIg==
expires: Fri, 02 Feb 2024 19:45:14 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame CFF3 3 KB
3 KB 29ms
29ms Image
image/gif 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:21:37 GMT
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 2114
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Dec 2023 09:51:26 GMT
server: nginx
etag: W/"2608-1701856286000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: c7SQI22-aIlGHK1AlfMz711YqecLZSq7arh9DHvY4TLlO23fbBykvQ==

GET
H2 200 53754F6B83F1077EA08A2F9035B0EEBF.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5149 142 KB
47 KB 19ms
19ms Document
text/html 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

38ecab22c16bef44fbe268de3e168ead209d46f9e281316ba81774aab345b283

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2045765
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 12 Dec 2023 04:39:00 GMT
etag: W/"144915-1701856304000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 06 Dec 2023 09:51:44 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-amz-cf-id: e-J7pAIx8p8Qi1KqkzaG-aNpabr0wTa18IlUfW-Bo-cpImFroFtM1A==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame CFF3 1 KB
1 KB 77ms
75ms XHR
application/json 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

365c4e4e15bb05abb8135ba921b7ff58c93459e1b8eda9e1835c13ba7ecec1b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 53754F6B83F1077EA08A2F9035B0EEBF
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 481
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 0oyUG5oATJJRWUFggcTyelQ-lGF5i7qLzsD-2Loe0LvADA-Zb148kw==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame CFF3 48 B
623 B 82ms
80ms XHR
application/json 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

2d049822d55a81553f2ca0e808471070b2db92cbda16626efc5778e553272b7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 53754F6B83F1077EA08A2F9035B0EEBF
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: bDBSXyYyZwyK3K0YCGYzWanbt6BK_v_itX1EaPOIPj_Ky62S9sHu3g==

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 165ms
147ms Image
image/gif 2606:4700::6812:a07d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a07d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Thu, 04 Jan 2024 20:55:05 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 3409c2b5-891c-4fab-b78a-2842bef6a7b9
x-envoy-upstream-service-time: 13
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3409c2b5-891c-4fab-b78a-2842bef6a7b9
Last-Modified: Thu, 04 Jan 2024 20:55:05 GMT
Server: cloudflare
X-Trace: 2BD879C829B2825212D7DEE43ECB90791EC72EF7AB000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-6whd7
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 84066162682c1c40-FRA

GET
H2 200 insideIframe.js Show response
fast.wistia.net/assets/external/ Frame 32B9 45 KB
12 KB 59ms
30ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/insideIframe.js

Requested by

Host: linoma.wistia.com
URL: https://linoma.wistia.com/embed/iframe/i12p9inb16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fd63ae3c4d40439c3256053ca79e4c5e2ff7cc82c2a0e268e2907af6948fed38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://linoma.wistia.com/
Origin: https://linoma.wistia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3081
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 12079
x-served-by: cache-iad-kjyo7100022-IAD, cache-fra-etou8220104-FRA
x-browser-version: 120
last-modified: Wed, 03 Jan 2024 19:03:06 GMT
server: AmazonS3
x-timer: S1704401705.368910,VS0,VE0
etag: "375725d1e46234712497ec563ccd470b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 35, 54

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ Frame 32B9 741 KB
126 KB 65ms
32ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: linoma.wistia.com
URL: https://linoma.wistia.com/embed/iframe/i12p9inb16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1cfea9c2560f92f921901138514a6bef5370b77a265a62151e446d3f50140a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linoma.wistia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3070
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 128558
x-served-by: cache-iad-kiad7000102-IAD, cache-fra-etou8220036-FRA
x-browser-version: 120
last-modified: Wed, 03 Jan 2024 19:03:06 GMT
server: AmazonS3
x-timer: S1704401705.373839,VS0,VE0
etag: "dd11a26444e150465636690e12beb0fd"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 49, 4

GET
H2 200 swatch
fast.wistia.net/embed/medias/i12p9inb16/ Frame 32B9 3 KB
4 KB 140ms
110ms Image
image/jpeg 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/i12p9inb16/swatch

Requested by

Host: linoma.wistia.com
URL: https://linoma.wistia.com/embed/iframe/i12p9inb16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

25c864ad288d5841dd1aad9d4c2dd46d1e220690f11addf034e937fa59717a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linoma.wistia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
access-control-request-method: *
via: 1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront), 1.1 6c06d3b8fdddf587c323accc30a7e51c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, MIA3-C4
age: 61550
edge-cache-tag: 1b95fe468b198aec76bca63b76313a5c
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 28
content-disposition: inline
content-length: 3154
x-served-by: cache-iad-kjyo7100027-IAD, cache-fra-etou8220036-FRA
x-browser-version: 120
last-modified: Thu, 29 Jun 2023 07:29:26 UTC
server: envoy
x-timer: S1704401705.374539,VS0,VE1
etag: MXbwsUtwkwOKIGDLOdEYRUNJfKE=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rk3ypUx9CL2JSix-dN4cWvS7Nn3vixV0hAUji2sn3jsjZ_iT5mONBw==
x-cache-hits: 51, 1

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame CFF3 30 KB
7 KB 49ms
48ms Stylesheet
text/css 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

176f46d1332bd15e158ba501961d4614a40522c0b622bc981036251478694812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:21:37 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 2179
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Dec 2023 09:51:26 GMT
server: nginx
etag: W/"30603-1701856286000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: mAN-k9XyiDlqxPc8sioqSZeCIYmp4XUtbSCwcOprPgu7IlQ4P5x94g==
expires: Thu, 04 Jan 2024 20:18:45 GMT

GET
H2 200 11.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/53754F6B83F1077EA08A2F9035B0EEBF/ Frame CFF3 267 KB
91 KB 58ms
57ms XHR
application/javascript 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/53754F6B83F1077EA08A2F9035B0EEBF/11.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

4fca34a1d103c87bde6d04f07d32de7782349258552ddef90c50f1bb2991386b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:39:01 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 2045764
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Dec 2023 09:51:44 GMT
server: nginx
etag: W/"273127-1701856304000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: R9arzJTp8YCAsCaDLSVEdZYIxz5DGmISjSQ9VTlHY29VOTnKA4nnPw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/53754F6B83F1077EA08A2F9035B0EEBF/ Frame CFF3 21 KB
9 KB 19ms
19ms XHR
application/javascript 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/53754F6B83F1077EA08A2F9035B0EEBF/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

82ca468f0d48287ddaa8795313ba57708377842b6e077d12884b9c2bcc51a8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:39:22 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 2045743
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Dec 2023 09:51:44 GMT
server: nginx
etag: W/"21349-1701856304000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: OOYHJbAAlw-8hwnaestYu4sGgvkMWspQiF46NysgAjXRarWTbP2xqw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 captions.js Show response
fast.wistia.net/assets/external/ Frame 32B9 162 KB
34 KB 19ms
18ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/captions.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

89fe9807b5b69624828758b65407a46f6c42d6b79abfcca367bf4272ad2cacf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linoma.wistia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3268
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 33906
x-served-by: cache-iad-kiad7000136-IAD, cache-fra-etou8220036-FRA
x-browser-version: 120
last-modified: Wed, 03 Jan 2024 19:03:06 GMT
server: AmazonS3
x-timer: S1704401706.566639,VS0,VE0
etag: "0a2dd78c662aa5b594954b32dbe9fae7"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 39, 28

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame CFF3 856 B
944 B 80ms
80ms XHR
application/json 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

714033706d3272019efabd4624a61b9f925a1daf38615770b734564600ca637d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 53754F6B83F1077EA08A2F9035B0EEBF
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 353
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: xt6EtctDVwuL5Veb7Jv8Gy_msdMsRfMlWVo9sY8vp3LrzinjJsAoWg==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame CFF3 24 KB
7 KB 81ms
79ms XHR
application/json 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

554008a2a8ed087640afa2529308c94093037068345160b2e5cf5fede0ef2cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 53754F6B83F1077EA08A2F9035B0EEBF
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 6347
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: ZK65sgiq_vhAqBY1qM80_u8JhHbNWKDlPMUxWOs8ZrwdyXyMU79jPA==

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.net/assets/external/ Frame 32B9 79 KB
21 KB 31ms
30ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e59f8184388cbf7873147d14016ebf88a7f73feb7802e9fe764aa6dedc2809c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://linoma.wistia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3068
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 21103
x-served-by: cache-iad-kiad7000148-IAD, cache-fra-etou8220104-FRA
x-browser-version: 120
last-modified: Wed, 03 Jan 2024 19:03:06 GMT
server: AmazonS3
x-timer: S1704401706.610388,VS0,VE0
etag: "7061aad4670a61dbecdcde446142fc17"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 21, 54

GET
H2 200 i12p9inb16.json Show response
fast.wistia.net/embed/captions/ Frame 32B9 2 KB
1 KB 42ms
41ms Fetch
application/json 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/embed/captions/i12p9inb16.json

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

7f182f8fbdc4cd17081daa0a46247e301f597cf0612741b51d5d1649552c918d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linoma.wistia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=0
via: 1.1 ffa4b37ccdc94a8c62bf6b6414725210.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 3505
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 72
content-length: 896
x-request-id: 86de1e13-81ad-4d94-b31f-4eec3b48b9c1
x-served-by: cache-iad-kcgs7200150-IAD, cache-fra-etou8220104-FRA
x-runtime: 0.070025
x-browser-version: 120
server: envoy
x-timer: S1704401706.612979,VS0,VE4
etag: W/"7f182f8fbdc4cd17081daa0a46247e30"
vary: Accept-Encoding,X-Forwarded-Proto
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: iJ5U6HarjO4ea-CNp-XJm9hp-O5S5c-YLjZsBTziq5sJuD96gXUK4g==
x-cache-hits: 31, 1

GET
H2 200 interFontFace.js Show response
fast.wistia.net/assets/external/ Frame 32B9 45 KB
18 KB 37ms
36ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/interFontFace.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/captions.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a774b19d5173d81cf31cc63eff99b6ee8d9dd29651acfb93efa45f88459421dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://linoma.wistia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3181
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 18255
x-served-by: cache-iad-kcgs7200089-IAD, cache-fra-etou8220104-FRA
x-browser-version: 120
last-modified: Wed, 03 Jan 2024 19:03:06 GMT
server: AmazonS3
x-timer: S1704401706.619160,VS0,VE0
etag: "e6186b0372b100dc5cc6243bf65e2c68"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 38, 28

GET
DATA 200
OK truncated
/ Frame 32B9 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin: https://linoma.wistia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 swatch
fast.wistia.net/embed/medias/i12p9inb16/ Frame 32B9 3 KB
4 KB 46ms
46ms Image
image/jpeg 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/embed/medias/i12p9inb16/swatch

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

25c864ad288d5841dd1aad9d4c2dd46d1e220690f11addf034e937fa59717a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linoma.wistia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
access-control-request-method: *
via: 1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront), 1.1 6c06d3b8fdddf587c323accc30a7e51c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
x-cdn: cloudfront
x-amz-cf-pop: IAD89-P2, MIA3-C4
age: 61550
edge-cache-tag: 1b95fe468b198aec76bca63b76313a5c
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 28
content-disposition: inline
content-length: 3154
x-served-by: cache-iad-kjyo7100027-IAD, cache-fra-etou8220036-FRA
x-browser-version: 120
last-modified: Thu, 29 Jun 2023 07:29:26 UTC
server: envoy
x-timer: S1704401706.666585,VS0,VE0
etag: MXbwsUtwkwOKIGDLOdEYRUNJfKE=
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, no-cache,max-age=31536000
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: rk3ypUx9CL2JSix-dN4cWvS7Nn3vixV0hAUji2sn3jsjZ_iT5mONBw==
x-cache-hits: 51, 2

GET
H2 200 1b95fe468b198aec76bca63b76313a5c.webp
embed-ssl.wistia.com/deliveries/ Frame 32B9 20 KB
20 KB 88ms
33ms Image
image/webp 2600:9000:2127:d000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/1b95fe468b198aec76bca63b76313a5c.webp?image_crop_resized=960x540
Requested by: Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:d000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 9656ad402c10804897cfd58fee892be22aa9c10ac8769138a98ee27540854d8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linoma.wistia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 17:10:22 GMT
access-control-request-method: *
via: 1.1 91afcef6d5c7e90d0a4bb2c3a456c690.cloudfront.net (CloudFront)
x-cdn: cloudfront
x-amz-cf-pop: PRG50-C1
age: 2000683
edge-cache-tag: 1b95fe468b198aec76bca63b76313a5c
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 237
content-disposition: inline
surrogate-key: 1b95fe468b198aec76bca63b76313a5c thumbnail-delivery
last-modified: Thu, 29 Jun 2023 07:29:26 UTC
server: envoy
etag: nJ-5uGrBJahXOYdDjp0Hff8USLA=
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: none
x-amz-cf-id: 0O6CfOvIInVCmpeGOENcfcLYzA1NBAu5D1zN2RcxwjC8pi3jTi3MIg==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame CFF3 4 KB
5 KB 10ms
10ms Image
image/png 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:12:24 GMT
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 2574
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Dec 2023 09:51:26 GMT
server: nginx
etag: W/"4197-1701856286000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: aOZQz1Ieg_a6zK6D119BzXhNkmehTJntm1jgjUuT5eSTWRkV8hJ25w==

GET
H2 200 hls_video.js Show response
fast.wistia.net/assets/external/engines/ Frame 32B9 474 KB
115 KB 20ms
20ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c0a1a7a0d6b82f94681ec87a0051ca2bd3648cb19ba253212c657c054db101d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://linoma.wistia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 2353
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 117982
x-served-by: cache-iad-kiad7000172-IAD, cache-fra-etou8220104-FRA
x-browser-version: 120
last-modified: Wed, 03 Jan 2024 19:03:06 GMT
server: AmazonS3
x-timer: S1704401706.756320,VS0,VE0
etag: "6ee8aec94d37e76019eb205e69e9e69c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 426, 26

GET
H2 200 i12p9inb16.m3u8 Show response
fast.wistia.com/embed/medias/ Frame 32B9 1 KB
2 KB 26ms
11ms XHR
application/x-mpegurl 2a04:4e42:600::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/i12p9inb16.m3u8

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

fec53f3fd3b50e7f54ccacbf78dfa1f396c232763889637eac1e43301c238601

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://linoma.wistia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
via: 1.1 51391527dd8c879c45b44b119905c872.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=0
x-permitted-cross-domain-policies: none
x-amz-cf-pop: IAD89-C3
age: 51516
x-cache: Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time: 33
content-length: 1353
x-request-id: 7efd51c2-2093-4423-bc26-4adb5b1d9628
x-served-by: cache-iad-kiad7000117-IAD, cache-fra-eddf8230041-FRA
x-runtime: 0.031370
x-browser-version: 120
server: envoy
x-timer: S1704401706.838931,VS0,VE4
etag: W/"fec53f3fd3b50e7f54ccacbf78dfa1f3"
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/x-mpegURL
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 79Fpd_z_7yabFrJ-XnGUEXdQanNJ6cmTlaDYNbFdZEZDZYVrqicWTA==
x-cache-hits: 501, 1

GET
H2 200 blank.gif
fast.wistia.net/assets/images/ Frame 32B9 1 KB
1 KB 8ms
7ms Image
image/gif 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.net/assets/images/blank.gif

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://linoma.wistia.com/
Origin: https://linoma.wistia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:05 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 356
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 1214
x-served-by: cache-iad-kjyo7100102-IAD, cache-fra-etou8220104-FRA
x-browser-version: 120
last-modified: Wed, 10 May 2023 19:48:54 GMT
server: AmazonS3
x-timer: S1704401706.828421,VS0,VE0
etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5217436, 7

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame 32B9 2 B
331 B 196ms
165ms Fetch
text/plain 2600:9000:2127:1400:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:1400:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://linoma.wistia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 1
content-length: 2
x-amz-cf-id: mNLLZdsMCE19AnTXbFB-HEx-Z3LbOrorFFAxYrO8jVp9qg8TKdc2dg==

GET
H2 200 v2.js Show response
js.hsforms.net/forms/embed/ 485 KB
153 KB 24ms
24ms Script
application/javascript 2606:4700::6810:88ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/embed/v2.js

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/_next/static/chunks/pages/%5B%5B...page%5D%5D-d72f473945786026.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:88ce , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc2e1c7db0ffa63e5333bc3771c96bf5c5d704332d79dfcfbff8bc16187b1abf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-encoding: br
age: 428
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.4371/bundles/project-v2.js&cfRay=840656f3b97d3600-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"982d8d22d576c26eb044b0e746926bef"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.4371/bundles/project-v2.js
date: Thu, 04 Jan 2024 20:55:06 GMT
x-amz-version-id: wkCPEW5SoVMi9CoHH5BglhAxVEpTVVPC
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: cdc97541-28fb-41ef-abca-d6e3c620fa9d
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: cdc97541-28fb-41ef-abca-d6e3c620fa9d
last-modified: Wed, 20 Dec 2023 09:57:15 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdqPksUGKlFgZxHWCrFjnPLgbH3sqiXulu0IUnfyZA6YwrjlHf9yn7YqGglbRPKz%2BCN1euoWyImORwdna4sw2mtUZ1NsXWdjEobQeC7v7Grony2ivGZ%2FTlS2aa0srkaKfsGPmLYb1osuIerp"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-798df77cc5-rdh4x
cf-ray: 840661672b013657-FRA
x-amz-cf-id: 0bXvwSkIM_fNVHYvyUbBtMAZkQWbaEBs5H1QswGWsSEt0y88JGddew==

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/3478499/7b5974d2-fb15-4e38-b0b0-bb16dc862337/ 64 KB
8 KB 278ms
264ms XHR
application/json 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/3478499/7b5974d2-fb15-4e38-b0b0-bb16dc862337/json?hs_static_app=forms-embed&hs_static_app_version=1.4371&X-HubSpot-Static-App-Info=forms-embed-1.4371

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/embed/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05417a335c254f645e2fba2e3fae74b99d8a5f2a5b9bec22b66f426d24ae3a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://terranovasecurity.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 04 Jan 2024 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 059be726-5239-470c-80b9-a1fe57ecc323
x-envoy-upstream-service-time: 28
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 059be726-5239-470c-80b9-a1fe57ecc323
server: cloudflare
x-trace: 2BAD6E85CCD00AF82F42DF4E543BE330DC0A7BD863000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://terranovasecurity.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 840661673a5c30f9-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-tnqw9

GET
H3 200 Microsoft-smaller-300x134.png
terranovasecurity.com/wp-content/uploads/2020/04/ 2 KB
5 KB 90ms
90ms Image
image/webp 2606:4700:20::681a:e15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://terranovasecurity.com/wp-content/uploads/2020/04/Microsoft-smaller-300x134.png

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:e15 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5ba900cd5cf929170a2faa841b526060c9004467d21a16a8ae044bd340b60b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-security-policy: default-src 'self' data: blob: terranovasecurity.com *.terranovasecurity.com terranovacorporation.com *.terranovacorporation.com *.youtube.com platform-cdn.sharethis.com *.sharethis.com *.twitter.com *.doubleclick.net *.google-analytics.com *.ads-twitter.com *.linkedin.com *.salesforceliveagent.com *.gstatic.com cdn.jsdelivr.net *.googleapis.com terranova.my.salesforce.com *.salesforce.com bat.bing.com *.hotjar.com *.pardot.com snap.licdn.com *.googletagmanager.com *.googleoptimize.com t.co *.google.com *.google.ca *.adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net *.terranovasite.com *.oribi.io *.omappapi.com *.hotjar.com *.hsforms.net *.6sc.co *.hsforms.com *.hs-scripts.com js.hs-scripts.com *.hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com *.wistia.com *.visualwebsiteoptimizer.com *.vwo.com 'unsafe-eval' 'unsafe-inline'; object-src 'none';connect-src 'self' ws: https:
age: 1
cf-polished: origFmt=png, origSize=2841
content-disposition: inline; filename="Microsoft-smaller-300x134.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2414
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
last-modified: Thu, 16 Sep 2021 12:31:41 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "6143392d-b19"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYptEaXPkWZvttX%2BaPZArAAWCgb6Uxd0wyTFSqeTZdcoVQePB6IxVlDi2WWizs8Njk33GSGUSrcDKuCrWFG1%2FJueTSNhNRp6s1N01i1u1xiC0yV3pLomwU9NPr1qC4jwUZHwYYlqy1SkL81XU7gkMja%2Bnw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=16070400
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=(), accelerometer=(), ambient-light-sensor=(), autoplay=(self), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(self), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges: bytes
cf-ray: 840661672a48194b-FRA

POST
H2 204 x
distillery.wistia.com/ Frame 32B9 0
0 293ms
160ms Fetch 65.9.95.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-116.prg50.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

Referer: https://linoma.wistia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
via: 1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
x-amz-cf-id: zNR1LdFqPCLLjGuEUHPRmOx3ShxvQHo965SDJ9tUNfWc8m3iWgNrsA==

GET
H2 200 6.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/53754F6B83F1077EA08A2F9035B0EEBF/ Frame CFF3 8 KB
4 KB 60ms
60ms XHR
application/javascript 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/53754F6B83F1077EA08A2F9035B0EEBF/6.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/53754F6B83F1077EA08A2F9035B0EEBF.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

6e0d470104f610a02906d357b9af5a66c05c3801685bd5d4a9952bc98b53c73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 04:39:55 GMT
content-encoding: gzip
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 2045711
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Dec 2023 09:51:44 GMT
server: nginx
etag: W/"7819-1701856304000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: I-TUt-DkQo7hFnKpur-Nlmi_uftWR76WQ9x9y6FfCIUxeJxFcUzRwA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 get
consent.trustarc.com/ Frame CFF3 3 KB
1 KB 105ms
105ms Image
image/svg+xml 65.9.95.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=%20fortra_Logo.svg

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-23.prg50.r.cloudfront.net

Software

Resource Hash

e396c79b7c0d5a855f996af8807bdf7318a87f7d4a198fa08a2c65e5cfa34330

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: public
date: Thu, 04 Jan 2024 20:10:15 GMT
content-encoding: gzip
via: 1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 2691
vary: Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: iE2ZFewMbNixMRacvpdvRnbFkSidZZnfjG6twt4ZAoodJ1NY2ynBxw==
expires: Sat, 03 Feb 2024 20:10:15 GMT

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
591 B 176ms
176ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9145bd3d-1ec6-4639-87b5-933977d3e67d
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9145bd3d-1ec6-4639-87b5-933977d3e67d
server: cloudflare
x-trace: 2B1B3636997EC213D093DDA397317C4E21FAAA1E69000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-gwtjq
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 84066168ef3092a1-FRA

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
589 B 148ms
148ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ad25d9a2-c679-4066-81c7-552cc2304b14
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ad25d9a2-c679-4066-81c7-552cc2304b14
server: cloudflare
x-trace: 2B85AF49C1D44E3B855C62241132039D5E04026DB7000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-vgtws
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 84066168ff3792a1-FRA

POST
H2 200 mput Show response
pipedream.wistia.com/ Frame 32B9 2 B
329 B 361ms
360ms Fetch
text/plain 2600:9000:2127:1400:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:1400:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://linoma.wistia.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: PRG50-C1
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 3
content-length: 2
x-amz-cf-id: yCTIgHJAGU9OxhBG-FDavgxit0dWdJgdbPIE66o1kVOuu4Zz_G5_xA==

GET
H2 200 allIntegrations.js Show response
fast.wistia.net/assets/external/ Frame 32B9 23 KB
6 KB 45ms
45ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2e84ecd347be77f89dc47b2723f3afc033454ee36376d36c6661285044184da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Origin: https://linoma.wistia.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:06 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 3404
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 5772
x-served-by: cache-iad-kcgs7200044-IAD, cache-fra-etou8220104-FRA
x-browser-version: 120
last-modified: Wed, 03 Jan 2024 19:03:06 GMT
server: AmazonS3
x-timer: S1704401707.647333,VS0,VE0
etag: "2942ab96d3d0bd16f436ec14f1ff614a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 5adb6ecf07af472f8a0076e794f84a54331d78cc
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 32, 23

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame CFF3 4 KB
5 KB 49ms
49ms Image
image/png 65.9.95.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: terranovasecurity.com
URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-46.prg50.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=helpsystems_110322&site=helpsystems.com&country=de&action=notice&locale=de&behavior=expressed&gtm=1&layout=default_eu&privacypolicylink=https%3A%2F%2Fwww.fortra.com%2Fprivacy-policy&cookieLink=https%3A%2F%2Fwww.fortra.com%2Fcookie-policy&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=f4f8d2ef-547e-4eb3-a8f1-4207c68c2629&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:12:24 GMT
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: PRG50-C1
age: 2575
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 06 Dec 2023 09:51:26 GMT
server: nginx
etag: W/"4197-1701856286000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: 37YOGtiu2pA-Ap-3FpcWkGcETq7h2pBEIymr9zzUUhMWM62j65Ex3A==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
746 B 179ms
147ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1132539230&v=1.1&a=3478499&rcu=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F&pu=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&t=Gone+Phishing+Tournament+%7C+Terranova+Security&cts=1704401707079&vi=4026018d53025298a1370001d0184f9e&nc=true&u=76129290.4026018d53025298a1370001d0184f9e.1704401707076.1704401707076.1704401707076.1&b=76129290.1.1704401707077&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0c225d93-6fc8-4bec-ae04-3f4071e255d5
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 12
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0c225d93-6fc8-4bec-ae04-3f4071e255d5
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1S3zT%2BCYH2Z7JG657tOSqGc2I%2FX0B0IH58scFgaxBVQXxUuaOf7w4aeu4i8r33Nw8TDEDRxA%2F2u%2FDCkdnF3TUn%2FnN1Fthw2Vdsw3%2B557cP84zb00WgXMtwiIyaxYIDBjWU6e3SxP55hPVuoRdYv7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7484b4bf59-n6tvw
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8406616d8f264dc3-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
741 B 180ms
149ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=7b5974d2-fb15-4e38-b0b0-bb16dc862337&fci=b964d4dc-68a6-4f33-b354-2e8aed093f00&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1132539230&v=1.1&a=3478499&rcu=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F&pu=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&t=Gone+Phishing+Tournament+%7C+Terranova+Security&cts=1704401707081&vi=4026018d53025298a1370001d0184f9e&nc=true&u=76129290.4026018d53025298a1370001d0184f9e.1704401707076.1704401707076.1704401707076.1&b=76129290.1.1704401707077&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 64b0c1d6-9661-4137-afe1-138b5501ede3
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 13
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 64b0c1d6-9661-4137-afe1-138b5501ede3
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5Pa4iq4Q7SbSa01HCb8xAeJfEr7W5Hh85ccfvRL4DWFCt81LzKHnbOYZP7jK%2BCvjDPrfJIGERJ2gxc9%2Bd%2Bi%2FLeCToA%2B5yUc6SNogJZcDnuiPGTt36LtAullag5iXRor2KWS8eAzTiLZprwkRLSO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7484b4bf59-7cpf7
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8406616d8f214dc3-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 169ms
143ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=7b5974d2-fb15-4e38-b0b0-bb16dc862337&fci=b7be17ff-c448-49af-a488-2e65a689af8d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1132539230&v=1.1&a=3478499&rcu=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F&pu=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&t=Gone+Phishing+Tournament+%7C+Terranova+Security&cts=1704401707087&vi=4026018d53025298a1370001d0184f9e&nc=true&u=76129290.4026018d53025298a1370001d0184f9e.1704401707076.1704401707076.1704401707076.1&b=76129290.1.1704401707077&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9c5a7f52-7fbe-4766-b263-fc7460027242
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9c5a7f52-7fbe-4766-b263-fc7460027242
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WCuwY8Db%2BGWB9bo0%2B%2Bkf6n99NZRbKgnxuVR6MpXCNT3dR90lXnmDxwexbC32iqMMDuDMqj%2FjtX7oQgTl7Wo2313ro6aVQ94NsMK%2BE46dKwwkh7s4F40wf9NJ9d1hrXu0bFiGjQoiTj896M%2BcGSt"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7484b4bf59-sxbr4
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8406616d8f274dc3-FRA
x-robots-tag: none

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 181ms
180ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=3478499&utk=4026018d53025298a1370001d0184f9e&__hstc=76129290.4026018d53025298a1370001d0184f9e.1704401707076.1704401707076.1704401707076.1&__hssc=76129290.1.1704401707077&currentUrl=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33908430c53b3f7053442db432641d9f118f4f2c978baea1d3db1d6c60af9e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://terranovasecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 20:55:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4177d430-3a38-4d74-9679-69c577a5b404
content-encoding: br
x-envoy-upstream-service-time: 19
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4177d430-3a38-4d74-9679-69c577a5b404
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://terranovasecurity.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7MPquItAe8k1Y9kHOZMfSrUCtfz68kkQt%2Bee9Te1X%2Fzfs3c7kLTH0%2Bx4QKPISE%2B%2BCGcpLl%2FHRp%2F%2BTqEqqocpw43Oh8uGq%2Bi2vqp3FUG%2B5BS%2B%2FWSuURiwpU1ZlBaoCX%2FszRHx8UQF8tBKc%2FWnViV"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8406616dbe631a7d-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-795b47fdff-4w87j

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?dsp_id=44&user_id=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&expiration=1735937705

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&expires=365

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/sd?id=537103138&val=a19299edaaeffc40ac6094cb4c08da2f&gdpr=1&gdpr_consent=

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&gdpr=1&gdpr_consent=&us_privacy=1---

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Domain: sync.taboola.com
URL: https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY

Domain: eb2.3lift.com
URL: https://eb2.3lift.com/xuid?mid=4714&xuid=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&dongle=c85e

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/setuid?entity=172&code=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY

Domain: ipv4.d.adroll.com
URL: https://ipv4.d.adroll.com/seg4/YZJZ3MVNCZDDFHWIXHLWUO/RNNFO6UBZND2PCEUN2KUDQ?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&cookie=&adroll_s_ref=&keyw=&p0=178&adroll_external_data=&adroll_version=2.0

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.terranovasecurity.com/	1970-01-20 17:26:43	Name: TAsessionID Value: f4f8d2ef-547e-4eb3-a8f1-4207c68c2629\|NEW
.terranovasecurity.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
.terranovasecurity.com/	1970-01-20 18:09:53	Name: cmp Value: cmp-0000013358
.terranovasecurity.com/	1970-01-20 18:09:53	Name: ls Value: 717710006
.terranovasecurity.com/	1970-01-21 02:12:39	Name: __adroll_fpc Value: 7a55cc0a4876de97d24c23cda8d40e45-1704401705191
.terranovasecurity.com/	1970-01-21 02:12:17	Name: __ar_v4 Value: %7CYZJZ3MVNCZDDFHWIXHLWUO%3A20240103%3A1%7CRNNFO6UBZND2PCEUN2KUDQ%3A20240103%3A1
.wistia.com/	1970-01-20 17:46:51	Name: _w_session Value: YFdn496HmFGLm5TZObDNZmO1%2FH03iMsEpnfk%2FSHR3paV4I07BixMw3gODVZg7iKq%2BB05oTVmkubT4pMH%2FsJ0qhJjnfrUYduedhCLqHwrbspAdfh7hBuPnFFeMU8L3h7xXvBfB0gUopURZ4aPlc%2FZkPnafQXVi%2BrL1tu%2BRyHl%2BG74L4X9rIEbBPDR8b%2Bm0c3hXNpkWqJ4awP8p2dNNGkVJyVkODjF7%2FbXT3LN5iKSb5f%2BvFmOScjh3C3p30xpp%2BVEQDPKu%2BVwY9xTgZcpwGizc10TLaCHPkuciFNTY1mxGqQwYh1iteiu5w%3D%3D--%2Bw9OUP6IKN0nlenA--CUJOCRfoEfH9ZX4NKsfdOA%3D%3D
.doubleclick.net/	1970-01-21 02:48:17	Name: IDE Value: AHWqTUn65jsCqyEHJ4pMw7qOsKnASxGFtf4pezVebpSWuf2muFsla_pL3VRt-aTtnkc
.d.adroll.com/	1970-01-21 02:55:29	Name: __adroll Value: a19299edaaeffc40ac6094cb4c08da2f-g_1704401705-a_1704401705
.adroll.com/	1970-01-21 02:55:29	Name: __adroll_shared Value: a19299edaaeffc40ac6094cb4c08da2f-g_1704401705-a_1704401705
terranovasecurity.com/	1970-01-20 21:45:53	Name: __hstc Value: 76129290.4026018d53025298a1370001d0184f9e.1704401707076.1704401707076.1704401707076.1
terranovasecurity.com/	1970-01-20 21:45:53	Name: hubspotutk Value: 4026018d53025298a1370001d0184f9e
terranovasecurity.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
terranovasecurity.com/	1970-01-20 17:26:43	Name: __hssc Value: 76129290.1.1704401707077
.hubspot.com/	1970-01-20 17:26:43	Name: __cf_bm Value: kGM9ciAIbYcrohp.e4qVk2CSsTqeXcLZz0aqnrbVXgU-1704401707-1-AYNOFxmNqjPB/tAgsGJ4aoGd/m8I39jNQuZa3xafxsEGpcYdxev9Xytae8stpdY+n6Nzfk6D6OQ30EKpsPDcdDw=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: pLsR.eSh2_p8bz0fQqG3APZgjZE12wizvySE13.CYbA-1704401707253-0-604800000

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	error	URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Message: Refused to load the image 'https://ipv4.d.adroll.com/seg4/YZJZ3MVNCZDDFHWIXHLWUO/RNNFO6UBZND2PCEUN2KUDQ?adroll_fpc=7a55cc0a4876de97d24c23cda8d40e45-1704401705191&pv=68339983887.278114&arrfrr=https%3A%2F%2Fterranovasecurity.com%2Fgone-phishing-tournament%2F%3Fcode%3Dcmp-0000013358%26ls%3D717710006%26utm_campaign%3Dtn-gone-phishing%26utm_medium%3Demail%26utm_source%3Dhubspot&cookie=&adroll_s_ref=&keyw=&p0=178&adroll_external_data=&adroll_version=2.0' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Message: Refused to load the image 'https://x.bidswitch.net/sync?dsp_id=44&user_id=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Message: Refused to load the image 'https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&expires=365' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Message: Refused to load the image 'https://sync.outbrain.com/cookie-sync?p=adroll&uid=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&gdpr=1&gdpr_consent=&us_privacy=1---' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Message: Refused to load the image 'https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDYmdGw9MTI5NjAw&piggybackCookie=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Message: Refused to load the image 'https://us-u.openx.net/w/1.0/sd?id=537103138&val=a19299edaaeffc40ac6094cb4c08da2f&gdpr=1&gdpr_consent=' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Message: Refused to load the image 'https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&expiration=1735937705' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Message: Refused to load the image 'https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Message: Refused to load the image 'https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Message: Refused to load the image 'https://ib.adnxs.com/setuid?entity=172&code=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://terranovasecurity.com/gone-phishing-tournament/?code=cmp-0000013358&ls=717710006&utm_campaign=tn-gone-phishing&utm_medium=email&utm_source=hubspot Message: Refused to load the image 'https://eb2.3lift.com/xuid?mid=4714&xuid=YTE5Mjk5ZWRhYWVmZmM0MGFjNjA5NGNiNGMwOGRhMmY&dongle=c85e' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: terranovasecurity.com .terranovasecurity.com terranovacorporation.com .terranovacorporation.com .youtube.com platform-cdn.sharethis.com .sharethis.com .twitter.com .doubleclick.net .google-analytics.com .ads-twitter.com .linkedin.com .salesforceliveagent.com .gstatic.com cdn.jsdelivr.net .googleapis.com terranova.my.salesforce.com .salesforce.com bat.bing.com .hotjar.com .pardot.com snap.licdn.com .googletagmanager.com .googleoptimize.com t.co .google.com .google.ca .adsymptotic.com platform-api.sharethis.com embedwistia-a.akamaihd.net .terranovasite.com .oribi.io .omappapi.com .hotjar.com .hsforms.net .6sc.co .hsforms.com .hs-scripts.com js.hs-scripts.com .hs-analytics.net js.usemessages.com js.hsleadflows.net js.hs-banner.com track.hubspot.com js.hubspot.com connect.facebook.net consent.trustarc.com consent-pref.trustarc.com js.driftt.com s.adroll.com d.adroll.com .wistia.com .visualwebsiteoptimizer.com .vwo.com 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
cdn.jsdelivr.net
cm.g.doubleclick.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
cq4wg04.na1.hs-sales-engage.com
cta-service-cms2.hubspot.com
d.adroll.com
distillery.wistia.com
dsum-sec.casalemedia.com
eb2.3lift.com
embed-ssl.wistia.com
fast.wistia.com
fast.wistia.net
fonts.gstatic.com
forms-na1.hsforms.com
forms.hsforms.com
forms.hubspot.com
ib.adnxs.com
image2.pubmatic.com
ipv4.d.adroll.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
js.hsleadflows.net
js.hubspot.com
js.usemessages.com
linoma.wistia.com
perf-na1.hsforms.com
pipedream.wistia.com
pixel.rubiconproject.com
s.adroll.com
sync.outbrain.com
sync.taboola.com
terranovasecurity.com
track.hubspot.com
ups.analytics.yahoo.com
us-u.openx.net
www.googletagmanager.com
x.bidswitch.net
dsum-sec.casalemedia.com
eb2.3lift.com
ib.adnxs.com
image2.pubmatic.com
ipv4.d.adroll.com
pixel.rubiconproject.com
sync.outbrain.com
sync.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
x.bidswitch.net
172.217.18.2
2600:9000:2127:1400:3:471f:5240:93a1
2600:9000:2127:b200:6:9280:1080:93a1
2600:9000:2127:d000:1e:c86:4140:93a1
2606:4700:20::681a:e15
2606:4700:4400::6812:22e5
2606:4700:4400::6812:265b
2606:4700::6810:4fba
2606:4700::6810:5514
2606:4700::6810:88ce
2606:4700::6810:bb59
2606:4700::6811:cff9
2606:4700::6811:fba8
2606:4700::6812:7c0c
2606:4700::6812:a07d
2606:4700::6812:b07d
2606:4700::6813:9b53
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2008
2a04:4e42:600::644
2a04:4e42::644
2a05:d018:cc3:fe04:8e67:cce2:569e:ad7f
65.9.95.116
65.9.95.128
65.9.95.23
65.9.95.46
65.9.95.79
03e94e0bf26854c84af27e8d35f0802ed296a20e53930a321fb5eed3ad296bac
05417a335c254f645e2fba2e3fae74b99d8a5f2a5b9bec22b66f426d24ae3a2b
08f09e95e50ae9c0181382558ff935903a7b273b4a8e5006788e85ae1c72c7c6
093d12d8b3568fe7d205eab6a5ceb766772d6018aebe44d3e16f9e85fb7ab68e
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0e59f8184388cbf7873147d14016ebf88a7f73feb7802e9fe764aa6dedc2809c
110d161aa5999066042d12f7cd25b37043af32363e703125ccb5d03f0f27fa60
14103b64df9857f9f7ad1f02efaafba97ce4772e8d8b448857de69c3537c338d
176f46d1332bd15e158ba501961d4614a40522c0b622bc981036251478694812
1cfea9c2560f92f921901138514a6bef5370b77a265a62151e446d3f50140a9b
236da1e279970d72ab0f28a2d9c9fde03100674452adabd32466c72f0890bfbc
24466a5d595002efcf7e286d6c4b58b51307c5d8497ef4bafc5d5a32c4e372a5
25c864ad288d5841dd1aad9d4c2dd46d1e220690f11addf034e937fa59717a09
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d049822d55a81553f2ca0e808471070b2db92cbda16626efc5778e553272b7d
2e84ecd347be77f89dc47b2723f3afc033454ee36376d36c6661285044184da8
2eb50fa38c6cfe2818c76af62da81e46a7f43c5b16dc23e901cd836d6fe0cc7b
33908430c53b3f7053442db432641d9f118f4f2c978baea1d3db1d6c60af9e3e
365c4e4e15bb05abb8135ba921b7ff58c93459e1b8eda9e1835c13ba7ecec1b4
38bd79fe14f72f6c06682105fd7e2a5af3bb634f5d1e310e8d44d1a09e011019
38ecab22c16bef44fbe268de3e168ead209d46f9e281316ba81774aab345b283
39a1a1948bd1639798e87cd62a7375f5c0393ea7f2b76f3137db58b8817cd873
41fb8d5a1d31b2c1414f677d1e6e5b6dc0163818018b5a0c1a094ca8ac3064c8
4fca34a1d103c87bde6d04f07d32de7782349258552ddef90c50f1bb2991386b
554008a2a8ed087640afa2529308c94093037068345160b2e5cf5fede0ef2cf0
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ce2638addfb0f00f88b2a05d5d420c535045d0d52d30ec9d278242858142e30
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cce1bef48b3bf7fd4bfdd0cad214e7aff14758b79cbef56537fbc9bbf7dddc7
6e0d470104f610a02906d357b9af5a66c05c3801685bd5d4a9952bc98b53c73d
714033706d3272019efabd4624a61b9f925a1daf38615770b734564600ca637d
7a9f6a58f9aaba20d1750334fea4fd50593ed00d75e2a1aa3e99b3c5195e52cf
7c2fce837c4e93ce939702c1b7cef4e62449752fb52e68ee18ac98a1b7d6a65b
7d397a1a82954b84171f704b990718fba52e6589cf13bad607194efd62241a7c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f182f8fbdc4cd17081daa0a46247e301f597cf0612741b51d5d1649552c918d
8007583d9447b0cdcc4f56931c615aace3a71b19702231bcfb16e4ecab02b265
82ca468f0d48287ddaa8795313ba57708377842b6e077d12884b9c2bcc51a8f5
8556d15886b7985ee590f68c35e27086f9a06a6e42d526465a236207137e403f
89fe9807b5b69624828758b65407a46f6c42d6b79abfcca367bf4272ad2cacf3
8d8d5dc8bc1a7fd19740f0b72b44c0054d53a693d9887f01b2b50924dc74ef7f
8f4a6fb3381557f58b402871de7c549a784aaffc6b4306825570c4013c406c01
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
91d9683d310155987ed8031c5312272f6f611815a80b8e4b33f81f9beee01638
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9656ad402c10804897cfd58fee892be22aa9c10ac8769138a98ee27540854d8b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9f565b4cdf200b503b4c09d2e4644a1fbec24230e60b873ab7e09ae969a6fc1b
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a56da184efd39a5e42bba0bbbd3ceb1700e02237041825fef1eee34d57555226
a774b19d5173d81cf31cc63eff99b6ee8d9dd29651acfb93efa45f88459421dc
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a8057f810ccac33762c8504aae8b1bdeb148be632d16e57ea4bd8f8426e0ca58
b0a2315923c48fc1d0652efb581b8db4bae0432b2823ce24ca77a211299cde10
b49a5d05ca41478b31f51cc2539a75937c3f921540aa90116a8f609e094d1811
b5ba900cd5cf929170a2faa841b526060c9004467d21a16a8ae044bd340b60b9
b7fb003560fcdd5d3d095f2333d23f5850e298b6c8031352ec8262a7444a05bb
bc2e1c7db0ffa63e5333bc3771c96bf5c5d704332d79dfcfbff8bc16187b1abf
bf8b177dd324a72d23a77126badfdc81f18b7a59c7f7c4ba1e9f3c96a71fd531
c0a1a7a0d6b82f94681ec87a0051ca2bd3648cb19ba253212c657c054db101d1
c1e92a1c5827b02b976fdd931b13ee9f09d45d31db0edbaadf03ca82b96e9a5a
c339c3965ea8715fb47e9087f632ceff2769a8c41ea49098ae02a02394aa46ea
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d1feb1702e51b432160dcfb04b2c55eb6822cc0d77f13a0273f41d60d96d6853
d3707b6549f3877b7397dd6b4b168742deaccaf321dc930704c1843228fba2a4
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddb3630a75fbd3d11638406782bc5794dc9b688e6d507687ac32ec0d1dcf98b8
dee0df4033fccdefe604c08abcabfcb051cd399297a062bf06bd7e31f81ffb16
e396c79b7c0d5a855f996af8807bdf7318a87f7d4a198fa08a2c65e5cfa34330
e77f52c3131e3936d83ccf8fb84ce87650d8f064d48cfcada725096a5b2286b3
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1846f7f9ed8915e7c3c7741661a7e58fbfa5faf95070c18fcc70333542bce6e
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f20e3068b2556a765a281d38b6fca12aed826607acea90394947a5640bb1ff55
f60fef6529a81a918a89aeb56613e47bf51742e811700402c178f354ddd73368
fd63ae3c4d40439c3256053ca79e4c5e2ff7cc82c2a0e268e2907af6948fed38
fd8d679af5e4c8f823875322af9d8d87a40d313409dd5aeb1ca86c57fbefa1c0
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
fe6b0268fa234e4e2daef6e97043f6e1bd5715563c15b168f8cd2b1275b0044e
fec53f3fd3b50e7f54ccacbf78dfa1f396c232763889637eac1e43301c238601

terranovasecurity.com Open in urlscan Pro 2606:4700:20::681a:e15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

108 Requests

89 %HTTPS

78 %IPv6

28 Domains

42 Subdomains

27 IPs

3 Countries

2616 kBTransfer

8018 kBSize

16 Cookies

2 Outgoing links

Page URL History

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

terranovasecurity.com Open in urlscan Pro
2606:4700:20::681a:e15 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

89 %
HTTPS

78 %
IPv6

28
Domains

42
Subdomains

27
IPs

3
Countries

2616 kB
Transfer

8018 kB
Size

16
Cookies

108 HTTP transactions
1 data transactions