urlscan.io logo urlscan.io
SecurityTrails logo

forwardbuildinfo.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/track-url/yw8908td7ye4e/1c2fe51f5ea0ce1860c3ca3f2c8d5c54eb48ec4d__
Effective URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Submission: On October 20 via api from GB — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is forwardbuildinfo.com.
TLS certificate: Issued by GTS CA 1P5 on September 4th 2023. Valid for: 3 months.
This is the only time forwardbuildinfo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
7 104.17.70.206 13335 (CLOUDFLAR...)
1 2 104.17.71.206 13335 (CLOUDFLAR...)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
16 7
4    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
forwardbuildinfo.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
7    104.17.70.206 (None, )

ASN13335 (CLOUDFLARENET, US)
pages.messagesystems.com
2    104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)
page.messagesystems.com
1    2a02:26f0:780::210:a419 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
9 messagesystems.com
pages.messagesystems.com
page.messagesystems.com
111 KB
4 forwardbuildinfo.com
forwardbuildinfo.com
9 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 560
p.typekit.net — Cisco Umbrella Rank: 722
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
1 KB
16 5
Domain Requested by
7 pages.messagesystems.com forwardbuildinfo.com
4 forwardbuildinfo.com 1 redirects forwardbuildinfo.com
2 fonts.gstatic.com fonts.googleapis.com
2 page.messagesystems.com 1 redirects forwardbuildinfo.com
1 p.typekit.net use.typekit.net
1 use.typekit.net forwardbuildinfo.com
1 fonts.googleapis.com forwardbuildinfo.com
16 7

This site contains no links.

Subject Issuer Validity Valid
forwardbuildinfo.com
GTS CA 1P5		 2023-09-04 -
2023-12-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2024-10-21		 a year crt.sh
pages.messagesystems.com
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Frame ID: 221D6D2D6EBE71C967B99EC861919CA9
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/track-url/yw8908td7ye4e/1c2fe51f5ea0ce1860c3ca3f2c8d... HTTP 301
    https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

16
Requests

94 %
HTTPS

71 %
IPv6

5
Domains

7
Subdomains

7
IPs

3
Countries

153 kB
Transfer

192 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/track-url/yw8908td7ye4e/1c2fe51f5ea0ce1860c3ca3f2c8d5c54eb48ec4d__ HTTP 301
    https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://page.messagesystems.com/trk?t=1&mid=MzU2LVNMRC0wMTk6MDoxODI4Njo2NTg0NzoyMjM5NjA6MTk0NjY6OToxMDE4ODA6NzExMDY5NDpkZWVwYWtAc3Bva2VzbHkuY29t HTTP 302
  • https://page.messagesystems.com/images/downloadPicture.gif

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request yw8908td7ye4e
forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/
Redirect Chain
  • https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/track-url/yw8908td7ye4e/1c2fe51f5ea0ce1860c3ca3f2c8d5c54eb48ec4d__
  • https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
40 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8093f7c49609965efb7a272e8f9c7f06cb075a5f3aa59c1c693e4cc05e4fc25
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
818f80b5ec86b72a-AMS
content-encoding
br
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=UTF-8
date
Fri, 20 Oct 2023 07:21:14 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wz3WPptE2UyGB7gm0R0z0rNl9UZ2xze6cFuT50doI7twgNR%2FRaKbpkZws87Y4v%2BAun%2FnPFGM518PSH3lXDm%2FxopDVZ0BT71av2MF1g%2FFnz7gg36ujUbxZehXYisocJQ%2Fon%2FwQ3c7veQvF%2Fmir02BdsM8zA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
818f80b22ac3b72a-AMS
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=UTF-8
date
Fri, 20 Oct 2023 07:21:13 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 20 Oct 2023 07:21:13 GMT
location
https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxdJc0%2FkRlav9%2FOy9bHvL4eLsPqLCaC6N3lSi8w4f7Fu1DLb8RvGvd9uMu4f%2FPTeeRTZiQF6w5Ku%2BQjkf8UKwDQjP5vy3zpDyj%2Fk1hE9mC7DIFwpVpcXKVeXnVUoAcRUMwe6JSX%2FnDhX6oROOX1b1nqjbw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Requested by
Host: forwardbuildinfo.com
URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forwardbuildinfo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Oct 2023 07:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 20 Oct 2023 07:14:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Oct 2023 07:21:14 GMT
hcl8qhy.css
use.typekit.net/ 		3 KB
946 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/hcl8qhy.css
Requested by
Host: forwardbuildinfo.com
URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a984d7ef4317cb2f714685b0f513e46fc101609d5eb3fb3c10cf683b9cfbe6f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forwardbuildinfo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 20 Oct 2023 07:21:14 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
723
OptIn%20Logo_2Color%20RGB_main_cropped.png
pages.messagesystems.com/rs/356-SLD-019/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pages.messagesystems.com/rs/356-SLD-019/images/OptIn%20Logo_2Color%20RGB_main_cropped.png
Requested by
Host: forwardbuildinfo.com
URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aa5eb37816b5764af68c24f234b382667ca5d245e7497e99ed59535e6760de5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forwardbuildinfo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:21:15 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Thu, 19 Oct 2023 06:05:49 GMT
server
cloudflare
etag
"5609f4-45c9-6080b8c22b3eb"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
818f80c1586db7f8-AMS
content-length
17865
expires
Fri, 20 Oct 2023 07:22:15 GMT
logo-sparkpost-footer.png
pages.messagesystems.com/rs/356-SLD-019/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pages.messagesystems.com/rs/356-SLD-019/images/logo-sparkpost-footer.png
Requested by
Host: forwardbuildinfo.com
URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a30b3fccd80860e343c6d0276c3465bbcbe59f86edfbaea684e24be97f71838e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forwardbuildinfo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:21:15 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 07 Oct 2023 04:48:38 GMT
server
cloudflare
etag
"4a2d11-18e7-6071912057fbb"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
818f80c1586fb7f8-AMS
content-length
6375
expires
Fri, 20 Oct 2023 07:22:15 GMT
icon-facebook.png
pages.messagesystems.com/rs/356-SLD-019/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pages.messagesystems.com/rs/356-SLD-019/images/icon-facebook.png
Requested by
Host: forwardbuildinfo.com
URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99d0388709934bcd6d5b15593ff6ae1cd861227ae91eb7bf1c877ad755ea9606
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forwardbuildinfo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:21:15 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 07 Oct 2023 03:53:06 GMT
server
cloudflare
etag
"4a2d02-76e-607184b6d3307"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
818f80c15871b7f8-AMS
content-length
1902
expires
Fri, 20 Oct 2023 07:22:15 GMT
icon-twitter.png
pages.messagesystems.com/rs/356-SLD-019/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pages.messagesystems.com/rs/356-SLD-019/images/icon-twitter.png
Requested by
Host: forwardbuildinfo.com
URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf606dde83953200f7a283f5b383deceed5d9eb4abd066d1134c9885342bd997
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forwardbuildinfo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:21:15 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 07 Oct 2023 02:33:07 GMT
server
cloudflare
etag
"560932-902-607172d628cdc"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
818f80c15870b7f8-AMS
content-length
2306
expires
Fri, 20 Oct 2023 07:22:15 GMT
icon-linkedin.png
pages.messagesystems.com/rs/356-SLD-019/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pages.messagesystems.com/rs/356-SLD-019/images/icon-linkedin.png
Requested by
Host: forwardbuildinfo.com
URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6bfe520e27576453be349c7b02c5d96dec349072af33f354091a245ea993f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forwardbuildinfo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:21:15 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 07 Oct 2023 03:16:08 GMT
server
cloudflare
etag
"4a2cf5-7f8-60717c7352a24"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
818f80c15872b7f8-AMS
content-length
2040
expires
Fri, 20 Oct 2023 07:22:15 GMT
icon-instagram.png
pages.messagesystems.com/rs/356-SLD-019/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pages.messagesystems.com/rs/356-SLD-019/images/icon-instagram.png
Requested by
Host: forwardbuildinfo.com
URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db64e77d65ed5ee91b9ebb97547c41e5241ffb3a5459358b7325c8afd0752e40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forwardbuildinfo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:21:15 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 07 Oct 2023 03:16:08 GMT
server
cloudflare
etag
"560a10-a0d-60717c734f5e4"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
818f80c15873b7f8-AMS
content-length
2573
expires
Fri, 20 Oct 2023 07:22:15 GMT
downloadPicture.gif
page.messagesystems.com/images/
Redirect Chain
  • https://page.messagesystems.com/trk?t=1&mid=MzU2LVNMRC0wMTk6MDoxODI4Njo2NTg0NzoyMjM5NjA6MTk0NjY6OToxMDE4ODA6NzExMDY5NDpkZWVwYWtAc3Bva2VzbHkuY29t
  • https://page.messagesystems.com/images/downloadPicture.gif
43 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://page.messagesystems.com/images/downloadPicture.gif
Requested by
Host: forwardbuildinfo.com
URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H2
Server
104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forwardbuildinfo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:21:14 GMT
cf-cache-status
MISS
last-modified
Fri, 20 Oct 2023 07:21:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/gif;charset=UTF-8
cache-control
public, max-age=60
cf-ray
818f80ba0a70b98f-AMS
x-request-id
8ad41026b7207e81
expires
Fri, 20 Oct 2023 07:22:14 GMT

Redirect headers

date
Fri, 20 Oct 2023 07:21:14 GMT
content-security-policy
default-src 'self'; img-src 'self';script-src 'self';object-src 'none';form-action 'none';frame-src 'none';style-src 'self'
referrer-policy
strict-origin
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
location
/images/downloadPicture.gif
cache-control
private, no-cache, no-store, max-age=0
cf-ray
818f80b8c931b98f-AMS
x-request-id
cfc493e1d7aac13a
yw8908td7ye4e
forwardbuildinfo.com/campaigns/sx419n87vv7e5/track-opening/ 		0
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/track-opening/yw8908td7ye4e
Requested by
Host: forwardbuildinfo.com
URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Oct 2023 07:21:14 GMT
content-security-policy
frame-ancestors 'self';
cf-cache-status
DYNAMIC
last-modified
Fri, 20 Oct 2023 07:21:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3x0OnvBvkHkzbbKsvGMb4kuHbUhg9VfU%2B2BjSTV%2FE0kteYulwIx%2BBSHf%2Bi%2FqgdEqiFPuIb2GZj03fw6%2FSv7NWCKG9IYVj6Gdq%2Baof7HHJtSY8mLrbXBtZeBBTvv2EClKT6kWoUv7ConSxDlM%2BaIs3HJBag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
818f80b7ca2fb98c-AMS
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
email-decode.min.js
forwardbuildinfo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forwardbuildinfo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: forwardbuildinfo.com
URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2023 11:32:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"652d1f47-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwOTHFgQYxUUB44HDiklI7fcvARfwWeGDmTz5Fnk0GpJxly7kPYPkD9%2BgIt7qBXz3NW4OULUCahJIfL3H%2Btn4vYPQcUR%2BGPSEGOgDw%2BTuPS86nUWD8gj8KK6zh5nhnsjSN%2FdYJQTXX9p7a1uUbgVQ%2BDccg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
818f80b7ca2db98c-AMS
expires
Sun, 22 Oct 2023 07:21:14 GMT
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=hcl8qhy&ht=tk&f=39182.39183.39184.39187&a=11658096&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/hcl8qhy.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:a419 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:21:14 GMT
last-modified
Fri, 23 Jun 2023 17:09:47 GMT
server
nginx
etag
"6495d1db-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
OptIn-Live-email-hero.png
pages.messagesystems.com/rs/356-SLD-019/images/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pages.messagesystems.com/rs/356-SLD-019/images/OptIn-Live-email-hero.png
Requested by
Host: forwardbuildinfo.com
URL: https://forwardbuildinfo.com/campaigns/sx419n87vv7e5/web-version/yw8908td7ye4e
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9668b0c3c85860a5076c86e27f0c909818a3a9f4e36d571f8dbeb806e6e8fbd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://forwardbuildinfo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 07:21:15 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 07 Oct 2023 03:25:40 GMT
server
cloudflare
etag
"4a2cfa-1305d-60717e94cd005"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=60
accept-ranges
bytes
cf-ray
818f80c1586eb7f8-AMS
content-length
77917
expires
Fri, 20 Oct 2023 07:22:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forwardbuildinfo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 16:12:51 GMT
x-content-type-options
nosniff
age
54503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 16:12:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://forwardbuildinfo.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 03:37:30 GMT
x-content-type-options
nosniff
age
99824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 03:37:30 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
forwardbuildinfo.com/ Name: mwsid
Value: 7abc5e5bd5e29998d0305b95d78a5d2c
.page.messagesystems.com/ Name: __cf_bm
Value: 5oLi.PkSz_lR23p61aZgkUWtFHjSYHe.4VRPVTUAz4Q-1697786474-0-AflFBqQnPPI+CIscJayNqGfiodUmgOhwyFstM7yeVYwLytKiyuOs9PtCL0bpA/KsKnB0lKZiM6qC7GFFKatAbwI=
.pages.messagesystems.com/ Name: __cf_bm
Value: 885WKrru57_vNXFB0Scz5b1Xp8qosUhWATqcY3I5HmI-1697786475-0-ATgPlup33c/7iEo1OJN5xfWv11D3kMujttm52sf9aBEmdJ8osGpbKgXV3lBWzOhlMnffWoR5M0XeF5ZBw9j0j5w=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self';

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
forwardbuildinfo.com
p.typekit.net
page.messagesystems.com
pages.messagesystems.com
use.typekit.net
104.17.70.206
104.17.71.206
2a00:1450:4001:813::200a
2a00:1450:4001:831::2003
2a02:26f0:480:f::213:7ee1
2a02:26f0:780::210:a419
2a06:98c1:3121::3
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
5f6bfe520e27576453be349c7b02c5d96dec349072af33f354091a245ea993f1
6aa5eb37816b5764af68c24f234b382667ca5d245e7497e99ed59535e6760de5
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
9668b0c3c85860a5076c86e27f0c909818a3a9f4e36d571f8dbeb806e6e8fbd6
99d0388709934bcd6d5b15593ff6ae1cd861227ae91eb7bf1c877ad755ea9606
a30b3fccd80860e343c6d0276c3465bbcbe59f86edfbaea684e24be97f71838e
a984d7ef4317cb2f714685b0f513e46fc101609d5eb3fb3c10cf683b9cfbe6f0
b8093f7c49609965efb7a272e8f9c7f06cb075a5f3aa59c1c693e4cc05e4fc25
bf606dde83953200f7a283f5b383deceed5d9eb4abd066d1134c9885342bd997
db5d64a9ea32ed3abb874f295003ef2465cecc2f669efe951930e182c34a5013
db64e77d65ed5ee91b9ebb97547c41e5241ffb3a5459358b7325c8afd0752e40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615