Email Campaign Cloaking
Multi-layer scanner detection with SafeLinks bypass, pre-click analysis, and JS challenge protection. Track real opens, not scanner noise.
IP-Range Detection
Blocks Microsoft, Proofpoint, Mimecast, Barracuda scanner IPs
SafeLinks Bypass
Detects server-side SafeLinks fetches & unwraps encoded URLs
JS Challenge
Catches ~90% of email scanners that don't execute JavaScript
Protection Layers
1
IP Range Check
Microsoft Defender ATP, Azure SafeLinks, Proofpoint, Mimecast, Barracuda CIDR blocks
2
Referer & User-Agent Analysis
Detects SafeLinks server-side fetches, BingPreview, AsyncOS, and 15+ scanner UAs
3
Pre-Click Detection
Identifies scanner-then-user dual-fetch patterns within 5-second windows
4
JS Challenge
Non-JS-capable scanners see a clean safe page; real browsers pass through
5
Outlook-Safe Referers
Whitelists outlook.live.com, outlook.office.com referers for legitimate web users
Quick Start
Campaign Link Format
/c/{campaignId}/{recipientHash}?d={domain}
Hash Recipient
GET /api/hash?email=user@example.com