urlscan.io logo urlscan.io
SecurityTrails logo

www.avanan.com Open in urlscan Pro
2606:2c40::c73c:67fe  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-WJV7CgJLtVS8wRw4kgLcf...
Effective URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%20...
Submission: On May 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 69 IPs in 5 countries across 51 domains to perform 215 HTTP transactions. The main IP is 2606:2c40::c73c:67fe, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.avanan.com.
TLS certificate: Issued by GTS CA 1P5 on March 27th 2023. Valid for: 3 months.
This is the only time www.avanan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 57 2606:2c40::c7... 209242 (CLOUDFLAR...)
1 52.222.236.25 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a04:4e42:400... 54113 (FASTLY)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 13.32.27.112 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.185.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3.33.220.150 16509 (AMAZON-02)
1 18.66.122.59 16509 (AMAZON-02)
9 2.16.187.88 20940 (AKAMAI-ASN1)
1 13.225.78.75 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.112.89 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 146.75.116.157 54113 (FASTLY)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.49 16509 (AMAZON-02)
4 2a03:2880:f08... 32934 (FACEBOOK)
6 143.204.214.217 16509 (AMAZON-02)
2 45.60.13.212 19551 (INCAPSULA)
1 34.107.254.219 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:2800:234... 15133 (EDGECAST)
1 2600:9000:20e... 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 13.224.194.132 16509 (AMAZON-02)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
1 104.26.10.16 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.111.208.231 396982 (GOOGLE-CL...)
1 52.222.236.122 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 104.244.42.8 13414 (TWITTER)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 2 54.170.99.83 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:214... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 52.207.149.245 14618 (AMAZON-AES)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
9 2600:9000:225... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
2 3.226.139.167 14618 (AMAZON-AES)
1 143.204.210.101 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 52.2.105.253 14618 (AMAZON-AES)
2 34.202.77.53 14618 (AMAZON-AES)
3 2600:9000:223... 16509 (AMAZON-02)
215 69
57    2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.avanan.com
1    52.222.236.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-25.fra56.r.cloudfront.net
vidassets.terminus.services
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2620:1ec:4e:1::69 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
platform.linkedin.com
1    2606:4700::6812:cec9 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.hubspot.net
10    2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)
fast.wistia.net
6    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
no-cache.hubspot.com
app.hubspot.com
cta-service-cms2.hubspot.com
track.hubspot.com
1    2606:4700::6812:a7c0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscta.net
6    13.32.27.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-112.fra56.r.cloudfront.net
www.gartner.com
1    2606:4700::6812:8e65 (United States)

ASN13335 (CLOUDFLARENET, US)
static.hsappstatic.net
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    18.66.122.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-59.fra60.r.cloudfront.net
wec-assets.terminus.services
9    2.16.187.88 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-187-88.deploy.static.akamaitechnologies.com
j.6sc.co
c.6sc.co
b.6sc.co
1    13.225.78.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-75.fra2.r.cloudfront.net
lftracker.leadfeeder.com
8    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh6.googleusercontent.com
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh5.googleusercontent.com
1    18.66.112.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-89.fra56.r.cloudfront.net
tr.lfeeder.com
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a02:26f0:780::210:ca7a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net
static.hotjar.com
4    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    143.204.214.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-217.fra53.r.cloudfront.net
d10lpsik1i8c69.cloudfront.net
2    45.60.13.212 (United States)

ASN19551 (INCAPSULA, US)
px.spiceworks.com
1    34.107.254.219 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 219.254.107.34.bc.googleusercontent.com
www.influ2.com
1    2606:4700::6812:d9f (United States)

ASN13335 (CLOUDFLARENET, US)
trk.techtarget.com
1    2606:4700::6812:1e49 (United States)

ASN13335 (CLOUDFLARENET, US)
tracking.g2crowd.com
5    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2600:9000:20eb:3a00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    13.224.194.132 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-132.fra2.r.cloudfront.net
d26x5ounzdjojj.cloudfront.net
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.26.10.16 (None, )

ASN13335 (CLOUDFLARENET, US)
settings.luckyorange.net
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com
ibc-flow.techtarget.com
1    52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net
script.hotjar.com
1    2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:7f6e (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2606:4700::6810:89ce (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6810:78be (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
3    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
4    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    54.170.99.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-99-83.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2a00:1450:4001:830::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
t.influ2.com
3    2600:9000:214f:2800:14:c034:4840:93a1 (United States)

ASN16509 (AMAZON-02, US)
reviews.static.gartner.com
3    2606:4700::6811:d3f3 (United States)

ASN13335 (CLOUDFLARENET, US)
perf.hsforms.com
1    2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
4    52.207.149.245 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-149-245.compute-1.amazonaws.com
com-thebigwillow-prod1.collector.snplow.net
1    2a02:26f0:480:23::1726:629c (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ipv6.6sc.co
9    2600:9000:225e:8e00:f:7ae2:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)
checkpointsoftwaretechnologiesincavanan.widget.insent.ai
2    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hubspot.com
track.hubspot.com
1    2600:9000:223e:aa00:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)
embed-ssl.wistia.com
2    3.226.139.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-139-167.compute-1.amazonaws.com
bf28149orj.bf.dynatrace.com
1    143.204.210.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-210-101.fra53.r.cloudfront.net
js.pusher.com
1    2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
1    52.2.105.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-105-253.compute-1.amazonaws.com
distillery.wistia.com
2    34.202.77.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-77-53.compute-1.amazonaws.com
pipedream.wistia.com
3    2600:9000:223e:3800:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)
embed-cloudfront.wistia.com
Apex Domain
Subdomains		 Transfer
57 avanan.com
www.avanan.com
2 MB
10 6sc.co
j.6sc.co — Cisco Umbrella Rank: 6710
c.6sc.co — Cisco Umbrella Rank: 9995
ipv6.6sc.co — Cisco Umbrella Rank: 7086
b.6sc.co — Cisco Umbrella Rank: 4613
14 KB
10 wistia.net
fast.wistia.net — Cisco Umbrella Rank: 8134
413 KB
9 insent.ai
checkpointsoftwaretechnologiesincavanan.widget.insent.ai
491 KB
9 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 916
analytics.twitter.com — Cisco Umbrella Rank: 690
syndication.twitter.com — Cisco Umbrella Rank: 1167
163 KB
9 gartner.com
www.gartner.com — Cisco Umbrella Rank: 52909
reviews.static.gartner.com — Cisco Umbrella Rank: 204898
205 KB
8 wistia.com
embed-ssl.wistia.com — Cisco Umbrella Rank: 8080
fast.wistia.com — Cisco Umbrella Rank: 4294
distillery.wistia.com — Cisco Umbrella Rank: 6738
pipedream.wistia.com — Cisco Umbrella Rank: 6703
embed-cloudfront.wistia.com
88 KB
8 cloudfront.net
d10lpsik1i8c69.cloudfront.net
d26x5ounzdjojj.cloudfront.net
210 KB
8 gstatic.com
fonts.gstatic.com
86 KB
8 hubspot.com
no-cache.hubspot.com — Cisco Umbrella Rank: 12633
app.hubspot.com — Cisco Umbrella Rank: 5822
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 10981
track.hubspot.com — Cisco Umbrella Rank: 2519
forms.hubspot.com — Cisco Umbrella Rank: 4765
10 KB
5 linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3866
px.ads.linkedin.com — Cisco Umbrella Rank: 414
www.linkedin.com — Cisco Umbrella Rank: 645
px4.ads.linkedin.com — Cisco Umbrella Rank: 6490
164 KB
4 snplow.net
com-thebigwillow-prod1.collector.snplow.net — Cisco Umbrella Rank: 69295
643 B
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
284 B
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
201 KB
3 hsforms.com
perf.hsforms.com — Cisco Umbrella Rank: 13115
1 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 5171
673 B
3 google.com
www.google.com — Cisco Umbrella Rank: 2
673 B
3 techtarget.com
trk.techtarget.com — Cisco Umbrella Rank: 17184
ibc-flow.techtarget.com — Cisco Umbrella Rank: 23993
2 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
4 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 390
13 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
66 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
3 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1039
136 KB
2 dynatrace.com
bf28149orj.bf.dynatrace.com — Cisco Umbrella Rank: 100021
940 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 559
1 KB
2 influ2.com
www.influ2.com — Cisco Umbrella Rank: 57853
t.influ2.com — Cisco Umbrella Rank: 58853
3 KB
2 spiceworks.com
px.spiceworks.com — Cisco Umbrella Rank: 40949
7 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 695
script.hotjar.com — Cisco Umbrella Rank: 957
72 KB
2 googleusercontent.com
lh6.googleusercontent.com — Cisco Umbrella Rank: 487
lh5.googleusercontent.com — Cisco Umbrella Rank: 171
176 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
196 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
9 KB
2 terminus.services
vidassets.terminus.services — Cisco Umbrella Rank: 24964
wec-assets.terminus.services — Cisco Umbrella Rank: 17895
12 KB
1 pusher.com
js.pusher.com — Cisco Umbrella Rank: 18188
18 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3804
1 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3457
3 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2372
21 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 4617
88 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2380
16 KB
1 luckyorange.net
settings.luckyorange.net — Cisco Umbrella Rank: 8978
1 KB
1 t.co
t.co — Cisco Umbrella Rank: 510
379 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1034
373 B
1 g2crowd.com
tracking.g2crowd.com — Cisco Umbrella Rank: 9911
1 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 885
5 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 718
15 KB
1 lfeeder.com
tr.lfeeder.com — Cisco Umbrella Rank: 26975
295 B
1 leadfeeder.com
lftracker.leadfeeder.com — Cisco Umbrella Rank: 99787
11 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
266 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 179
18 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 6135
5 KB
1 hscta.net
js.hscta.net — Cisco Umbrella Rank: 23484
7 KB
1 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 8945
2 KB
215 51
Domain Requested by
57 www.avanan.com 1 redirects www.avanan.com
10 fast.wistia.net www.avanan.com
fast.wistia.net
9 checkpointsoftwaretechnologiesincavanan.widget.insent.ai www.avanan.com
checkpointsoftwaretechnologiesincavanan.widget.insent.ai
8 fonts.gstatic.com fonts.googleapis.com
7 b.6sc.co www.avanan.com
6 d10lpsik1i8c69.cloudfront.net www.avanan.com
d10lpsik1i8c69.cloudfront.net
6 www.gartner.com www.avanan.com
www.gartner.com
5 platform.twitter.com www.avanan.com
platform.twitter.com
4 com-thebigwillow-prod1.collector.snplow.net d26x5ounzdjojj.cloudfront.net
4 www.facebook.com www.avanan.com
connect.facebook.net
4 connect.facebook.net www.avanan.com
connect.facebook.net
3 embed-cloudfront.wistia.com fast.wistia.net
3 track.hubspot.com
3 perf.hsforms.com www.avanan.com
3 reviews.static.gartner.com www.gartner.com
3 syndication.twitter.com platform.twitter.com
www.avanan.com
3 www.google.de www.avanan.com
3 www.google.com www.avanan.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.avanan.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.googleapis.com www.avanan.com
3 use.fontawesome.com www.avanan.com
use.fontawesome.com
2 pipedream.wistia.com fast.wistia.net
2 bf28149orj.bf.dynatrace.com www.gartner.com
2 match.prod.bidr.io 1 redirects www.avanan.com
2 ibc-flow.techtarget.com trk.techtarget.com
2 cta-service-cms2.hubspot.com js.hscta.net
2 d26x5ounzdjojj.cloudfront.net www.avanan.com
d26x5ounzdjojj.cloudfront.net
2 px.ads.linkedin.com 2 redirects
2 px.spiceworks.com www.googletagmanager.com
www.avanan.com
2 googleads.g.doubleclick.net www.googletagmanager.com
www.googleadservices.com
2 www.googletagmanager.com www.avanan.com
2 cdnjs.cloudflare.com www.avanan.com
www.gartner.com
1 distillery.wistia.com fast.wistia.net
1 fast.wistia.com fast.wistia.net
1 js.pusher.com checkpointsoftwaretechnologiesincavanan.widget.insent.ai
1 embed-ssl.wistia.com
1 forms.hubspot.com js.hsleadflows.net
1 ipv6.6sc.co j.6sc.co
1 c.6sc.co j.6sc.co
1 api.hubapi.com js.hsadspixel.net
1 t.influ2.com www.influ2.com
1 js.hsadspixel.net www.avanan.com
1 js.hs-analytics.net www.avanan.com
1 js.hsleadflows.net www.avanan.com
1 js.hs-banner.com www.avanan.com
1 script.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 settings.luckyorange.net d10lpsik1i8c69.cloudfront.net
1 analytics.twitter.com www.avanan.com
1 t.co www.avanan.com
1 px4.ads.linkedin.com www.avanan.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 app.hubspot.com www.avanan.com
1 tracking.g2crowd.com www.avanan.com
1 trk.techtarget.com www.avanan.com
1 www.influ2.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 tr.lfeeder.com www.avanan.com
1 lh5.googleusercontent.com www.avanan.com
1 lh6.googleusercontent.com www.avanan.com
1 lftracker.leadfeeder.com www.avanan.com
1 j.6sc.co www.avanan.com
1 wec-assets.terminus.services www.avanan.com
1 match.adsrvr.org www.avanan.com
1 www.googleadservices.com www.avanan.com
1 static.hsappstatic.net www.avanan.com
1 js.hscta.net www.avanan.com
1 no-cache.hubspot.com www.avanan.com
1 cdn2.hubspot.net www.avanan.com
1 platform.linkedin.com www.avanan.com
1 vidassets.terminus.services www.avanan.com
215 75
Subject Issuer Validity Valid
www.avanan.com
GTS CA 1P5		 2023-03-27 -
2023-06-25		 3 months crt.sh
*.terminus.services
Amazon RSA 2048 M01		 2023-02-22 -
2023-11-14		 9 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
use.fontawesome.com
GTS CA 1P5		 2023-05-06 -
2023-08-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-05-10 -
2023-11-10		 6 months crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2023-04-06 -
2024-04-05		 a year crt.sh
fast.wistia.net
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
www.gartner.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-02-05		 a year crt.sh
hsappstatic.net
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
6sc.co
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh
*.leadfeeder.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-02-01		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.lfeeder.com
Amazon RSA 2048 M01		 2023-03-22 -
2024-04-19		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-01-25 -
2023-07-24		 6 months crt.sh
influ2.com
GTS CA 1D4		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-02-24 -
2023-08-06		 5 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
ibc-flow.techtarget.com
GTS CA 1D4		 2023-04-03 -
2023-07-03		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
t.influ2.com
GTS CA 1D4		 2023-05-06 -
2023-08-04		 3 months crt.sh
reviews.static.gartner.com
Amazon RSA 2048 M02		 2023-03-16 -
2024-04-13		 a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
com-thebigwillow-prod1.collector.snplow.net
Amazon RSA 2048 M01		 2023-02-21 -
2023-12-10		 10 months crt.sh
*.widget.insent.ai
Amazon RSA 2048 M01		 2023-03-01 -
2024-03-29		 a year crt.sh
*.wistia.com
Amazon RSA 2048 M01		 2023-01-31 -
2024-02-29		 a year crt.sh
*.bf.dynatrace.com
Amazon RSA 2048 M02		 2023-03-01 -
2024-01-07		 10 months crt.sh
js.pusher.com
Amazon RSA 2048 M01		 2023-04-13 -
2024-05-11		 a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh

This page contains 10 frames:

Primary Page: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Frame ID: F9D917EE12AE00F21C154A463665DFCD
Requests: 173 HTTP requests in this frame

Frame: https://fast.wistia.net/embed/iframe/qu48rtya1h
Frame ID: 3F972DC7299759BC33905F593321E606
Requests: 17 HTTP requests in this frame

Frame: https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
Frame ID: 9F31FFF09955F9FD5DF8E65D440D0F0D
Requests: 6 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.avanan.com
Frame ID: 6B28F7C4DEA5486A9F4CB9793345A5A9
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: 78E6E92AB4CA2560A7CCD79C6F9033D1
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Frame ID: A4E6051175D5074960A003C0269F18A6
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d91136d3caac8%26domain%3Dwww.avanan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Ff1b07b0835f2f84%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120
Frame ID: C24F435A9E717D14857608C27C384E4C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc3a3abe80282c%26domain%3Dwww.avanan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Ff1b07b0835f2f84%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120
Frame ID: 5FEBAC5E741FB26C09524F86B0634CD7
Requests: 1 HTTP requests in this frame

Frame: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Frame ID: 1C73F98B03660A63930EFC982681012A
Requests: 9 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Frame ID: 7DF4DCD9C90CB9B39C63D01BF3D4E05C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Gmail SMTP Relay Service Exploit

Page URL History Show full URLs

  1. https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-W... Page URL
  2. https://www.avanan.com/events/public/v1/encoded/track/tc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89... HTTP 307
    https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 75%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

215
Requests

98 %
HTTPS

61 %
IPv6

51
Domains

75
Subdomains

69
IPs

5
Countries

5483 kB
Transfer

13147 kB
Size

54
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-WJV7CgJLtVS8wRw4kgLcfW1TVMFh48D3SKW4p6snp7_sJrVW3hhKLR7_NnzbW2KGvwb7G_439W2j4rQK6884kbVr562n4j_-J4W3gfVqm1PZ3xmW2qyn625zkQkMW1zMSMM94CmNYW2JszMn7zw5SbV8xR5K7lC6h1W2rbZd13zxJgQW33f-Ty4G6vwtW3bYsJX6V6_GBW3HxFhl5WqmpjW8QlG5M7hFyFJVPVT4G8_TDVLW77wpTJ5wSt-HW3wWFKk1T45vFW4dJxJp2KK5dzW8fCpnc3WRwklV65Mpz6_hM0WW8gbb3-7_9VCwW4nKhDT5sdpM5W98K7Wc1rwy2qW3MXpKY8xrnWFW9hzSww6RPzRq3by31 Page URL
  2. https://www.avanan.com/events/public/v1/encoded/track/tc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-WJV7CgJLtVS8wRw4kgLcfW1TVMFh48D3SKW4p6snp7_sJrVW3hhKLR7_NnzbW2KGvwb7G_439W2j4rQK6884kbVr562n4j_-J4W3gfVqm1PZ3xmW2qyn625zkQkMW1zMSMM94CmNYW2JszMn7zw5SbV8xR5K7lC6h1W2rbZd13zxJgQW33f-Ty4G6vwtW3bYsJX6V6_GBW3HxFhl5WqmpjW8QlG5M7hFyFJVPVT4G8_TDVLW77wpTJ5wSt-HW3wWFKk1T45vFW4dJxJp2KK5dzW8fCpnc3WRwklV65Mpz6_hM0WW8gbb3-7_9VCwW4nKhDT5sdpM5W98K7Wc1rwy2qW3MXpKY8xrnWFW9hzSww6RPzRq3by31?_ud=95a8c8c5-e832-4df8-a561-249e8802da0b&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
    https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1684136975445&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D110528%26time%3D1684136975445%26url%3Dhttps%253A%252F%252Fwww.avanan.com%252Fblog%252Fthe-gmail-smtp-relay-service-exploit%253Futm_campaign%253DCampaign%252520-%252520Gmail%252520Enterprise%252520US%2525205%25252F9%252520-%252520FY23%2526utm_medium%253Demail%2526_hsmi%253D256999519%2526_hsenc%253Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%2526utm_content%253D256999519%2526utm_source%253Dhs_automation%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1684136975445&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1684136975445&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&liSync=true&e_ipv6=AQLF362UaKO4IQAAAYgeYt2TDBHdEieg_CovIFsg2VPuOJrT27ldwlE7aKESwzed
Request Chain 132
  • https://match.prod.bidr.io/cookie-sync/tbw HTTP 303
  • https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1

215 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-WJV7CgJLtVS8wRw4kgLcfW1TVMFh48D3SKW4p6snp7_sJrVW3hhKLR7_NnzbW2KGvwb7G_439W2j4rQK6884kbVr562n4j_-J4W3gfVqm1PZ3xmW2qyn625zkQkMW1zMSMM94CmNYW2JszMn7...
www.avanan.com/e3t/Ctc/2H+113/ccGyW04/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-WJV7CgJLtVS8wRw4kgLcfW1TVMFh48D3SKW4p6snp7_sJrVW3hhKLR7_NnzbW2KGvwb7G_439W2j4rQK6884kbVr562n4j_-J4W3gfVqm1PZ3xmW2qyn625zkQkMW1zMSMM94CmNYW2JszMn7zw5SbV8xR5K7lC6h1W2rbZd13zxJgQW33f-Ty4G6vwtW3bYsJX6V6_GBW3HxFhl5WqmpjW8QlG5M7hFyFJVPVT4G8_TDVLW77wpTJ5wSt-HW3wWFKk1T45vFW4dJxJp2KK5dzW8fCpnc3WRwklV65Mpz6_hM0WW8gbb3-7_9VCwW4nKhDT5sdpM5W98K7Wc1rwy2qW3MXpKY8xrnWFW9hzSww6RPzRq3by31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
MISS
cf-ray
7c79c8f8bd9f9219-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=utf-8
date
Mon, 15 May 2023 07:49:34 GMT
last-modified
Mon, 15 May 2023 07:49:34 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhrOw%2B%2FVOvYrqH5Fm0pqinpa3eDD7Xp7kELN9QCW7FkfRu5XQkzQ%2FIWQV1hzPERaag19INnCXBqcWy6QnFvkWJxlc1Y3xscrdJZ%2Fjtq3jOsNsjIDJeq1UVjAN5kQmcF%2FtnQ9CZGtMmto49XC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-envoy-upstream-service-time
4
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-bfbdbbbf5-ppgvn
x-evy-trace-virtual-host
all
x-hs-https-only
worker
x-hubspot-correlation-id
2ee45251-15be-4718-8ad7-5f485dd35b25
x-request-id
e9971616-aa03-4dfc-8fb6-225b0f2d14cf
x-robots-tag
none
Primary Request the-gmail-smtp-relay-service-exploit
www.avanan.com/blog/
Redirect Chain
  • https://www.avanan.com/events/public/v1/encoded/track/tc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-WJV7CgJLtVS8wRw4kgLcfW1TVMFh48D3SKW4p6snp7_sJrVW3hhKLR7_NnzbW2KGvwb7G_439...
  • https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVu...
95 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-WJV7CgJLtVS8wRw4kgLcfW1TVMFh48D3SKW4p6snp7_sJrVW3hhKLR7_NnzbW2KGvwb7G_439W2j4rQK6884kbVr562n4j_-J4W3gfVqm1PZ3xmW2qyn625zkQkMW1zMSMM94CmNYW2JszMn7zw5SbV8xR5K7lC6h1W2rbZd13zxJgQW33f-Ty4G6vwtW3bYsJX6V6_GBW3HxFhl5WqmpjW8QlG5M7hFyFJVPVT4G8_TDVLW77wpTJ5wSt-HW3wWFKk1T45vFW4dJxJp2KK5dzW8fCpnc3WRwklV65Mpz6_hM0WW8gbb3-7_9VCwW4nKhDT5sdpM5W98K7Wc1rwy2qW3MXpKY8xrnWFW9hzSww6RPzRq3by31
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f695cba501e8b8c76c6138dc39ea38470108b7974852832dcdae4fed1c80752
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-WJV7CgJLtVS8wRw4kgLcfW1TVMFh48D3SKW4p6snp7_sJrVW3hhKLR7_NnzbW2KGvwb7G_439W2j4rQK6884kbVr562n4j_-J4W3gfVqm1PZ3xmW2qyn625zkQkMW1zMSMM94CmNYW2JszMn7zw5SbV8xR5K7lC6h1W2rbZd13zxJgQW33f-Ty4G6vwtW3bYsJX6V6_GBW3HxFhl5WqmpjW8QlG5M7hFyFJVPVT4G8_TDVLW77wpTJ5wSt-HW3wWFKk1T45vFW4dJxJp2KK5dzW8fCpnc3WRwklV65Mpz6_hM0WW8gbb3-7_9VCwW4nKhDT5sdpM5W98K7Wc1rwy2qW3MXpKY8xrnWFW9hzSww6RPzRq3by31
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
s-maxage=10800, max-age=0
cf-ray
7c79c8fada309b63-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 07:49:34 GMT
edge-cache-tag
CT-71610396684,CG-4153530738,P-1835778,L-6416153737,CW-10828273430,CW-10828758285,CW-11124227288,CW-38920737000,E-5097885803,E-6067151804,E-6073351973,E-6073918834,E-6084513730,E-6476923280,PGS-ALL,SW-2,B-4153530738
etag
W/"ed7ae411da098acff68ae39b624373a5"
last-modified
Sat, 13 May 2023 18:32:50 GMT
link
</hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js>; rel=preload; as=script
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTSqYydXM%2BScxga1yV%2FKiesxdx8CVqyGYHVaK1F8oK3TluxB%2B08WSzMeiTM3EsP2ajlP8efNoiARIAIWy%2FL%2FPqmgBtYDtZt%2FNJ2bIC9BhnaxbffwNNtpJENKTFgCRuZlWkdiwK9F7bVZoGk3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-hs-cache-config
BrowserCache-5s-EdgeCache-180s
x-hs-cache-control
s-maxage=10800, max-age=0
x-hs-cf-cache-status
REVALIDATED
x-hs-content-id
71610396684
x-hs-https-only
worker
x-hs-hub-id
1835778
x-hs-prerendered
Sat, 13 May 2023 18:32:50 GMT

Redirect headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
MISS
cf-ray
7c79c8f9bebe9219-FRA
content-security-policy
upgrade-insecure-requests
date
Mon, 15 May 2023 07:49:34 GMT
link
<https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation>; rel="canonical"
location
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mR5ZewxdmISFUOYG20c%2F5NOUfbcRrT5eX8QDmmCrt1iHLMngzgPp8ChJWNqWsO6Ag7gUfTKWnCvF7ayMI0K39BGGGH%2Fxl6eSOC8MAxesdbSjc2iLIpZcEyVYC19iIBBxpR4%2FEdJLNhY5RthA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-envoy-upstream-service-time
29
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/event-tracking-td/envoy-proxy-bfbdbbbf5-slx9b
x-evy-trace-virtual-host
all
x-hs-https-only
worker
x-hubspot-correlation-id
342fad39-42c6-4020-bf67-bf5640d2324e
x-request-id
1e05a9e5-080b-4d53-bf0a-cc355eefae01
x-robots-tag
none
index.js
www.avanan.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
2046263
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 21 Apr 2023 15:17:56 GMT
server
cloudflare
etag
W/"0bbd63c0750f141fd5cec04a9393647e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhLpje8QZQzSl9aL6%2BksUevbplQO1953iFkfBOAPDYeqeci%2Bcy4Nd5yw%2BA6du9qkfbXaqfT82vn42LEQ9HkGnzKXlSmQvIkf0h6c63yfhYjFKn3hDKoCup7MWzr1kCg0evu45acSoGTJ%2FgE6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7c79c8fb8b4c9b63-FRA
x-amz-cf-id
kYirOZfoHQXeyAOg4VhVOBcOLxa_7X0NxADbW-vas0QAqsDyQkWkww==
expires
Tue, 14 May 2024 07:49:34 GMT
project.js
www.avanan.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
5462459
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
server
cloudflare
etag
W/"61ca66de658cab9587e4636894680d5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FIAiK28DHzWistd3EgjP4STG%2BMac7I2qWTUJJWq2Mu00P%2FAexFUu56iJNuwVAvqWud%2FDlmcEixYlKF2o3bbNPMAOtuhIyk%2FhBKELZhpSQxmFmg98b3Z2DXHGylLXq3MH4sorsSzIUluFnh5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7c79c8fb8b4d9b63-FRA
x-amz-cf-id
n-wCgFq_tXu75HdwN5yHV7QlFUeiN9b92x8cHfArPXJP-lfFO3xe7Q==
expires
Tue, 14 May 2024 07:49:34 GMT
post_listing_asset.js
www.avanan.com/hs/hsstatic/AsyncSupport/static-1.122/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7902d12bed414b23fd30c7019fc0fe08d03b14984beb21e486aaa59135f803
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
18628420
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
nC1hzr07YsutChb9rCwKsMoiyxip8lR7
content-encoding
br
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 17 Dec 2021 15:26:10 GMT
server
cloudflare
etag
W/"d95d7dafd49a1edc76a47120c287b579"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnN0K17KRiZTziiEdAjXR62m03Ee7%2F03sae20Sb6kfhvhdmcqmZ5iGUZtSwTCCHM13KeU%2BHvtBmAH3xcUHer%2FGjICoqXSQaXSG%2FJrfFcVGOjU98hHU1ATCMY3IJWTzDI%2BL2gBE36SyyscMcx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7c79c8fb8b4e9b63-FRA
x-amz-cf-id
H2FzaIgT4Ve-S5ukd264Mymd3qgGrzWYdvg8sTRyYoAf2G0SpnDGEQ==
expires
Tue, 14 May 2024 07:49:34 GMT
jquery-1.11.2.js
www.avanan.com/hs/hsstatic/jquery-libs/static-1.4/jquery/ 		94 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
19208407
x-amz-cf-pop
FRA6-C1
x-amz-version-id
null
content-encoding
br
x-cache
Hit from cloudfront
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Jan 2015 18:08:00 GMT
server
cloudflare
etag
W/"5790ead7ad3ba27397aedfa3d263b867"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wYs2dxtyukwf0gwppVWwerZCs%2FUaS%2B8dTBgwvcATjr5%2Bf69QDu4E1VBO3LH5l2bo1hyTde%2FvjVZHigIwPhaauxIoQTCODYbAOyHoUmumjjcXdHSKa2wM1IUd3bBYxozPEpf9AiBHoMmpb5%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7c79c8fb8b509b63-FRA
x-amz-cf-id
pVS8A_Fv2xLODDpokn5uxFcZdqZ3OD5Rtp9Oo6jqTZwygHnSe3riJw==
expires
Tue, 14 May 2024 07:49:34 GMT
module_38920737000_header-NEW.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/38920737000/1681309170918/ 		350 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/38920737000/1681309170918/module_38920737000_header-NEW.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a28a88a058bb32f3fff988c31380f2392939d9c4d1bf38b32f531969a02a33de
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
994
x-amz-request-id
NKGHZFB8V39YC4PV
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
etag
W/"d03acb35e50d52eba2de45e92772724e"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1681309170918
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 b4f7307b0bd82e33fcc14ab1b84bcd7c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
hT0f6.QOyMD0hG5YoANQz24oY47hRaaz
x-amz-cf-pop
IAD12-P2
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
nHsr09uNn/lND2VWGtjL2St1Vm3dul1aDgDGieoQNrkmmNYB5riDJSdKym5Qyu80I7Fp7E23Tz8=
last-modified
Wed, 12 Apr 2023 14:19:31 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0IzyIGi8bSIxa0%2BuaPiWT49AQ9jfNe7w9EHZcP6mdaXu1lQM5sZi6v2dIPB5W7qMfgeFY%2BsNAcMycCFU0TIMev3Bom3ZnETagDhHoIssvNIe1NuvN3nQkLpvVVLDZsF0YXdtY%2F7UmUvwByp"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
7c79c8fb9b5d9b63-FRA
x-amz-cf-id
sWX4pyRfYSBsoczKlaHe6h8vn_-l3DpKnZDwvK1P5f_tfdF2_jk_ww==
reset.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6067151804/1577975558437/Custom/jacob_redesign/css/ 		760 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6067151804/1577975558437/Custom/jacob_redesign/css/reset.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
97152508df33871d78e6d8595480ac6c5cf8f2feb1fc1ef7fd2ef7a0517810c7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
0Z59M5NSMTT8QXJ1
x-evy-trace-route-service-name
envoyset-translator
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"dd216fc74c067413933b3c64bb975273"
vary
origin, Accept-Encoding
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 2959f5d118b77b5c8e1e086d4a1147c6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
adg6Tcxw8bHaHALCZHMiZcGnIuL6f9nZ
x-amz-cf-pop
IAD12-P2
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
105
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
OwFFVSnA/gL76Y1cteJAeBdF9C/K/G4i+3LoOrGEa5VOrxri7KrVw4uIL1FHusvkke9pR7XNc2Q=
x-request-id
f71a1dbe-2830-400f-99f2-7508290616b4
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 02 Jan 2020 14:32:39 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sb18A7nprrV8feg1RTchaYpFjM%2FZwmMMna0arIYP62GEMZuFWn%2FW8NEaS58AzjYgeC3vXLeQOPoM51Vb7vr0Ty8DoOLM1Z4uoUKjoLICfrmLBCbJmm6cAq%2B%2BcsO%2FpH6P7WIAxLx6XWdIjx6"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-fwhk5
access-control-allow-credentials
false
cf-ray
7c79c8fb9b5f9b63-FRA
x-amz-cf-id
UlGuuspLdhNVciKEi694tRfQzELgn1d5BKQWRWflD0mER9KW0Q2Xmg==
module_11124227288_updated_blog_body.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/11124227288/1683298028261/ 		5 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/11124227288/1683298028261/module_11124227288_updated_blog_body.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb73cc89830d3824b5c588849b29a5d4bad5b71108ba60e17bad3e6276dd5f7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
5KXGZXQ954S6DQ28
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"34740dad57e89fd2749c7cdb3497cb09"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1683298028261
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
HyZl6ue_xg82nZe3wq8kD7rN5WNVoPQi
x-amz-cf-pop
IAD89-P2
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
QUdKaifwgALJwcbBazm5pJx4O3NB71W5gPm2uydyxcoxJ92y21GMNk7bd8LO4ZczIh/mOHpXUII=
x-evy-trace-route-configuration
listener_https/all
x-request-id
22a796fa-bd48-48a6-b057-5ded8eba0994
last-modified
Fri, 05 May 2023 14:47:09 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97o8rHy6G8IKq%2F06vVTnRu40P2gyKpoThhHh%2Fb09d6qcUWj53LHWV0XDDoUqcvUaRJZu011v%2Fz2kZAwGo8BPr1%2FbFnzVYRuQFimQFm80uKrN4VmUTiY2NaKmL3pTIj16tglrWgX2Kt1Nhzyd"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-fwhk5
access-control-allow-credentials
false
cf-ray
7c79c8fb9b609b63-FRA
x-amz-cf-id
rSfEIDDPqTFcxLmxoDZA6UZnet_1Zpw6Q8k6lw6CFoJtb3GGHSn5Uw==
project.css
www.avanan.com/hs/hsstatic/BlogSocialSharingSupport/static-1.16/bundles/ 		720 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs/hsstatic/BlogSocialSharingSupport/static-1.16/bundles/project.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf3e0ecae28a70c5e010c24c160321243efe54f497d49a6a8f31ca12ee7eb972
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
4825819
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
7bzlyDLBPgFUhJmnx6rYCRN4B2XAfbkA
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 19 Aug 2020 22:47:10 GMT
server
cloudflare
etag
W/"a81c70764750950eb72d4537c41e781f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZn35Esh3HzdPdBs2A%2BEhI5ZWX9W2Ryfji%2FZ4Czn5xdHnvf1rNGmwr1nBfv8f0gXSBDGhIHCXSBtxsCYAqx1Xv5%2BM8HqKNBCkY0SRR4DAT7cu3qVyZMo7havL9%2FWpraBGa8XSOKDtvGsKQTW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
7c79c8fb9b619b63-FRA
x-amz-cf-id
E6YACCAf6XfMyqS4rcY7Mdl4lMYrTylswQRhRujSOqY_Coj1GU2oLg==
expires
Tue, 14 May 2024 07:49:34 GMT
rss_post_listing.css
www.avanan.com/hs/hsstatic/AsyncSupport/static-1.122/sass/ 		910 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs/hsstatic/AsyncSupport/static-1.122/sass/rss_post_listing.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
9506462
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
YluxiXaQWSQWC28IUPv3NXYXDi68ylxl
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 17 Dec 2021 15:26:10 GMT
server
cloudflare
etag
W/"e1b521ec14a912d6d385c21388ec7d79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y58TZBhLsjskNwjnqaY4xr%2FjWDsKeBeqt2MguM0ZsdHCwCcUhYiVxaSvQlEH646HBwErIXUrHEDBPziRm2aEgX%2FAdT6MjUbm4J1Mbw%2BD1ZAr8qJh%2FXEygHSBemtc%2FP5Yw4KdYWI4AojhQYgD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
7c79c8fb9b659b63-FRA
x-amz-cf-id
7niHb3hMyBb4ZghZhzD3WYj7qf8oArAWjTAM0lDWqHozjYfMf6Mfig==
expires
Tue, 14 May 2024 07:49:34 GMT
module_10828758285_updated-blog-cta-banner.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/10828758285/1681233594853/ 		43 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/10828758285/1681233594853/module_10828758285_updated-blog-cta-banner.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5109ab0fecc5ef21cc3eddf9e5e66741feb3c03a08c0c5d12a153bffe56a4d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-request-id
YGK6XKRV5SEWXVXC
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
"5c9c72ede880a71bcb77cbc90d5183e2"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1681233594853
content-type
text/css
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 b63906e2da6fa6b0ef48be29690d7a98.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
ltjXTsnFD2W5CxxF4UctYebNy2UB5hTD
x-amz-cf-pop
IAD12-P2
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
111
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
x-amz-id-2
kB0iyL+NKGyLQRGS4gRaACthz0jvVQ01thA9D9pMP+upRFczcC3RoGrSru8sIHqqju7N3/UD9yw=
x-evy-trace-route-configuration
listener_https/all
x-request-id
6bf716e0-d61c-408a-8d43-6bab5b8dd4b7
last-modified
Tue, 11 Apr 2023 17:19:55 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rd8SGvAF2iUgmzWTcVyewZMBPZosHdr3JW%2FX8BomqZom5YPn2NL54wNgwYjslybRdYQymh8DjgBeXpwFfsSrd3Hvphcpc5k13BcA%2FeNjiBX1IDhwhd%2BQCcQPYfSNYISghJI1KCZy3ehuIQkI"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-rwfnd
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
7c79c8fb9b679b63-FRA
x-amz-cf-id
RCYCFN-zg-LvjoJKD_YWZ9pg5GU3iDT-W-dc_s6y6XSIX8ZRJVAEwA==
module_10828273430_updated-blog-footer.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/10828273430/1681233744378/ 		1022 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/10828273430/1681233744378/module_10828273430_updated-blog-footer.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a6284f5e68fe70bb17c9aecb532fdb513b37ec0096d21e9a7231fbcfeda6794
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD89-P1
x-amz-request-id
4KYS5ATJHTRT72SX
x-amz-server-side-encryption
AES256
x-amz-version-id
t.xmjVBLpB.BylnQD5kN_qjPsk0xLKEI
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
PENDING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
WEfCjp3VFvfpkrMfw2WhCluFDGGSKc4NjblA5yF6M77wS7yBN7bNcSUVUmjU0HFCqB2MWdQ8oFo=
last-modified
Tue, 11 Apr 2023 17:22:25 GMT
server
cloudflare
etag
W/"0db2aa71f1f3b6937b6f53dfa6ff0be5"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1681233744378
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCVGnPU8ZMh%2Fith6yhNrGHKito1BCKXvkmMZZHqPYetvIkyeaq48RHerJbA4RlfFoh6wKoLYmloYlznw%2FpCTFkiY5KBVBKx%2FK7i60M6M3%2FUT5FZxcGd%2F2HkToOKD%2BpxDKJ5eqd8aKvZaYcz4"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7c79c8fb9b699b63-FRA
x-amz-cf-id
mF-VtMa_NcB5ljTzOTviU4zGvLN6ZfPpG-25rnFW0Xu2UQ9rnSgBiQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
t.js
vidassets.terminus.services/f3f76756-1d1f-4392-b34d-e3ac799fbf5d/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidassets.terminus.services/f3f76756-1d1f-4392-b34d-e3ac799fbf5d/t.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-25.fra56.r.cloudfront.net
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9178d19c46b5a36fc8d4de24aa7fef3b62e7f69c259f4e81ee3f2d5aba263216
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 15 May 2023 07:41:06 GMT
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
745
x-cache
Hit from cloudfront
last-modified
Tue, 25 Apr 2023 14:50:08 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
cache-control
public, s-maxage=2700
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization
x-amz-cf-id
r79SlB-CQzlVTjktxerjBSxYzWZl_gfpCGANefmSQoDco40hbIKKnA==
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.4/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.4/js.cookie.min.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3636e8810aa8b16828af450174251147977372f0201e77d464c719f110b0924f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1513615
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
767
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-6c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bg3QzQ4iVueo8Mveb9py6MXQPftht0dQD6CvQ%2BCdKawuv0%2FZDQeej%2FBiZR1IaGLcRmWGZ%2FnDlwZrLuKOXytHT98Nm8YWts%2BrRwvrhpgjdtzA2I%2BQGmKtkxdqdkWlJaQvQW939MYZdbJgm%2B%2BDqqEX5081"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c79c8fbbde6bbd3-FRA
expires
Sat, 04 May 2024 07:49:34 GMT
all.css
use.fontawesome.com/releases/v5.2.0/css/ 		46 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
TCWYSJXTXK9NNSVS
age
2487688
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
chZIvGi8ZruEIycp6+3ObywrJ86uFzxC8e4bpX9QVh+AN9wUkofAC86QGHl1au6eyx1vR3PmHHY=
last-modified
Wed, 30 Jun 2021 15:41:36 GMT
server
cloudflare
etag
W/"20a9ce516eaea76da29a23adc43e8998"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BDkYCw3rBFubxSGvrWeDQGHWsBoj1%2FGFItpMPMt0e7M4wLXPMBClEu%2B%2F6WXsWZRipAd7yq5iPrKZp1uKc8a0u%2BmsjkegpODNuP5k8OD54Vmm8Lpsy1vYPvFbR5CaIzmL0UfsEy1T5Jj4Z6nGUOQCyAS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7c79c8fbbeb590e6-FRA
css
fonts.googleapis.com/ 		19 KB
942 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3726f6f71175b54abf48e8863b8634461bcbf34831f7c1b0a1d11e2604782b3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 May 2023 07:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 May 2023 07:49:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 May 2023 07:49:34 GMT
in.js
platform.linkedin.com/ 		510 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cd565a2cdc1f2f2f6c7b5f409fc5c6a6375cbab92a09a6c4a98868f68d6b62e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-azure-ref-originshield
0Y+JhZAAAAAAZ9LEEhv+oQ6KMkaqccRVWRlJBMjMxMDUwNDE4MDE3ADIyMjZhM2ViLTAxZTAtNDdiZi1hY2EyLTJiMDU4ZGZlYWQ3NQ==
x-cdn
AZUR
x-cdn-client-ip-version
IPV6
x-cache
TCP_HIT
x-cdn-proto
HTTP2
content-length
163642
x-li-uuid
AAX7tie0CFDFPwFU+F6YwA==
x-li-pop
prod-ltx1-x
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
x-li-proto
http/1.1
x-azure-ref
0DuRhZAAAAAA8WtkZLtRkSZwqh7J/EIIKRlJBMzFFREdFMDMyMgAyMjI2YTNlYi0wMWUwLTQ3YmYtYWNhMi0yYjA1OGRmZWFkNzU=
expires
Mon, 15 May 2023 08:10:52 GMT
layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1683918710348/hubspot/hubspot_default/shared/responsive/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1683918710348/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:cec9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
218202
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
145
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
36cefa2f-33be-488a-9b16-92759b0ee6ba
last-modified
Fri, 12 May 2023 19:11:52 GMT
server
cloudflare
etag
W/"94daf62e7e6df83595c6251fb0c7c055"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1683918711196
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2y4iM9MwsnikldYRSkbqUV7TUAp6UTnoPsZBgjbTcO%2Be19a%2FYPd6PWO6whRWH37Jt6iHPvyEH0OncHuWt4%2F5hcsG%2B%2FRsGgd0pnOsaH8wHSuvOZ6DfctXIup7eZ6SioGN1jEKxuc2vMQ9dhu8Qps%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-6db9d854cb-qmj5d
cf-ray
7c79c8fbb9b43669-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
gradient.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/5097885803/1577975559034/Custom/system/default/ 		120 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/5097885803/1577975559034/Custom/system/default/gradient.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08deb5fb8e8a49d3e598cab0f6c178154648cd6234894569a0987812b19475f3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 5148e372b4ab17878741ea92be548472.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-amz-cf-pop
IAD89-P1
x-amz-request-id
F1H8BDGMC8Q89T06
x-amz-version-id
Np0IHzSsaoWIRo2pA7QSOE6GTgUdVUIS
content-encoding
br
x-cache
Miss from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
l4RV8qoAG24yYuU8INnIhDFaHYWJ2gmOM+A1UsOSzKBUXSxM49SNbIsp32nN6V4StDZ7PPeiQbM=
last-modified
Thu, 02 Jan 2020 14:32:40 GMT
server
cloudflare
etag
W/"336dca61498fc7140b09ba03ed7bf73f"
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zA2xP5RyBIBkLZDF0Yo%2BM8GsQ%2F3kO9rxbKMzYpQI%2FLiLfXN7ufPJHV7CMUNzK15IsdYlBiK%2BNkCm3T%2FSK9zm4Wu69g2hZKBtq%2FRr%2B6x4%2FptNy7eNTl5Rl%2FdWZ8EAVLQeR15LxT08qrWauuCi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7c79c8fb9b6b9b63-FRA
x-amz-cf-id
WyoP1YouARx9i13O7fLglVcaa-T81U8nyfzZJZme3FZzpdgUamjT1w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
template.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073351973/1577975559219/Custom/jacob_redesign/css/ 		196 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073351973/1577975559219/Custom/jacob_redesign/css/template.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f55236378ce58c9007518bc29c7b6d7aaef7164131709f04779e5b8886f351
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
994
x-amz-cf-pop
IAD89-P1
x-amz-request-id
QRX66AD7HN8SFE4K
content-encoding
br
x-cache
Miss from cloudfront
x-amz-version-id
ABHUBETdMVozkIl_oKs14TggQyUad1zX
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
+ePOhpmLrrFBk1V/gZCPTBeyBDUA+OMVC9feXBVkvo9KezCsSeBNYFtGIoHeksfuc4LAcOsH7dw=
last-modified
Thu, 02 Jan 2020 14:32:40 GMT
server
cloudflare
etag
W/"4e54aa341829babde93262e9324b1a61"
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tK9jJwj0uJJKASMEsDjlhpDjC6Bq2IO%2FqB8Pe4t17%2BqBWLvm30ye%2BmmN0xEM7HGf%2BUDChXQHzPRnrUBhh%2BSL%2FvQk0fH%2BT5rg0KGZ8lSTYeTJfVKFW0Z4M1Im51R83L10nR7gKAPRdD8QwMWe"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7c79c8fb9b6c9b63-FRA
x-amz-cf-id
jtcV0XZyQDwY72o78bgUBzOrKbgqiDP5qCp9p0DnIjcPNJRsiY1Ajg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
animate.css
www.avanan.com/hubfs/website/code/css/vendor/ 		76 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/css/vendor/animate.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8150a6e66442996f64560b128d0effe532ed5eabdf0a8c6176c8c4e8ed502e6f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-10555715886,FD-10555825155,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
483503
x-amz-cf-pop
FRA56-P7
x-amz-request-id
7A84T2MAYXTM34E1
content-encoding
br
edge-cache-tag
F-10555715886,FD-10555825155,P-1835778,FLS-ALL
cache-tag
F-10555715886,FD-10555825155,P-1835778,FLS-ALL
x-amz-version-id
DNimaXPyQx0q8PYRQbkCSZdSE0X.bmnJ
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
wMgL+Ji/RMKcAH9gUa7S4IlJcrQXNf22kT1+QPg/rVmbjYV6DIoWvEqjV/ib+kkIFM4usZXcSpI=
last-modified
Tue, 18 Jun 2019 07:24:00 GMT
server
cloudflare
etag
W/"d96b2083b0acbb11911bb4f068158299"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTB0L42%2BLpSrIv50h%2FsClocSgEeAzxj088l1jIcggG7lxumboKJ8m%2BMDSSlPH3hQUSfSvvAMNzWoSP7d9BejHv5LXBWklBuOJjKS2UEvasg7rL1KVvWspzP%2BsleC4GFz3KL1bd66E56qrk3K"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fb9b6d9b63-FRA
x-amz-cf-id
BPG6G2f-xyMfq2ASU0zBhceHxoGEAxOhnGyseCN6XNcQfEu0i8Pabw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
hs.megamenu.css
www.avanan.com/hubfs/website/code/css/vendor/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/css/vendor/hs.megamenu.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eed62e19ef261a18dade30aac09258399bbead589a04d061bce834f0d5a2bcd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-10555715922,FD-10555825155,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
483502
x-amz-cf-pop
FRA56-P7
x-amz-request-id
VYRK1CDFCFQYHEE7
content-encoding
br
edge-cache-tag
F-10555715922,FD-10555825155,P-1835778,FLS-ALL
cache-tag
F-10555715922,FD-10555825155,P-1835778,FLS-ALL
x-amz-version-id
xY1xlt9wqfq8h7_kClSamJ0VluM_5ZF9
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
vEXF+lobUQvuNx4GBLctGArF31RvcQ8CDqm7+Va9sPQjGLpajY0QsrWGXgLcTrFzZRgxjHC0kPY=
last-modified
Tue, 18 Jun 2019 07:24:00 GMT
server
cloudflare
etag
W/"c46d4ef35d114216ae8c0fe4137c84d5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkVATCtVWtGGc%2BwRqZVcyXPrGJnwlVGVyAoHF32xW6ktRrTq4bSyUKnu%2B6JsIKb0KN%2FE2rDlxBXanIaYV8ZNLAOs54%2F9BYsXLYMPfVrc7QBJdtmZmUDOom0F6Bup2On3y8HR%2BKljfC%2FzGhBP"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fb9b6e9b63-FRA
x-amz-cf-id
-HJb1UhzJZHUTYNn8ljG3Fo2iSsCMl8TILf8Oc8X32K3vkImddX61w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
dzsparallaxer.css
www.avanan.com/hubfs/website/code/css/vendor/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/css/vendor/dzsparallaxer.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a62430c1506f9d9ecc0bca9ffa39a073d5148f07be4aa54ed4532f9650caf56a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-10555715948,FD-10555825155,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
483503
x-amz-cf-pop
FRA56-P7
x-amz-request-id
PR2D573GT6JZ03CX
content-encoding
br
edge-cache-tag
F-10555715948,FD-10555825155,P-1835778,FLS-ALL
cache-tag
F-10555715948,FD-10555825155,P-1835778,FLS-ALL
x-amz-version-id
OQfzSS0e1XiUHyu7fgd1SQC64WCGDBlx
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
VP7aXXWh7ASNIeEJZyOfv0D8elHeMYXHWYwLUrpvVmnRyIit/8z4hMnlwEBBuOhK5qShN4LI644=
last-modified
Tue, 18 Jun 2019 07:24:00 GMT
server
cloudflare
etag
W/"319d193fcbeb97bbd3c83a72ee3dac65"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2Buk1RvrByxcw90wdWgMB80U32gdlxEa4wbALMjoPWGDZ6hPN38Q2W7hNi7aFTJnPOX8MCAGSfnKqgqsMlTpwM%2BYAgdYE0raSp0ijsjn4h2Ca3FE1hae5el0Fc0buHJ0kUohdCzQrzB4Qwvq"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fb9b6f9b63-FRA
x-amz-cf-id
9vsKLOnYvn_sb605i37L1CUtNd2gIHBxCre693Vmr9dtzubzzMMw6g==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
custombox.min.css
www.avanan.com/hubfs/website/code/css/vendor/ 		41 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/css/vendor/custombox.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
deb3d40a52e939dc606cacea278753f149b56d19b6619994069659687e3a7728
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-12524627747,FD-10555825155,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
483502
x-amz-cf-pop
FRA56-P7
x-amz-request-id
7A80PSFVTFEZSS48
content-encoding
br
edge-cache-tag
F-12524627747,FD-10555825155,P-1835778,FLS-ALL
cache-tag
F-12524627747,FD-10555825155,P-1835778,FLS-ALL
x-amz-version-id
7rgoaYxL_.zq0Q9pSWvug18ufCSiqriy
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
GqISWyLzyQz5wU53pnf5cFi781RTgePMuFwrtfOM2vAiObJO8kd16qAAht/ooJXA99nOO7iWfEc=
last-modified
Thu, 29 Aug 2019 14:21:43 GMT
server
cloudflare
etag
W/"3546f0274dff535bcf97625374c1c7cf"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCmMtma1ACimUcSR5AVzlObSpk7bjaUywNUOqWdZYj4cj26QkMWE9r%2BDNUiKNPWFiqoluQEiM0BNSp1sWNrkoWSJEQLCbkZpqsi2q9qnkKtAmCqdIcPzIBqpCiC2u1FXX0nLzUz2yXEuCXL5"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fb9b709b63-FRA
x-amz-cf-id
czbjLwv33TLMeiZYVurWf9onChmqlPzL6xpwpmEqL8Pq5wOi-aNfiw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
theme.css
www.avanan.com/hubfs/website/code/css/ 		393 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/css/theme.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf53806c2a4cef2c89a8502411683c83162fe73859d7d24244259e7e793df68a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-12350310726,FD-10555529544,P-1835778,FLS-ALL
age
483502
x-amz-request-id
7A8278KFYESC89YT
x-amz-server-side-encryption
AES256
edge-cache-tag
F-12350310726,FD-10555529544,P-1835778,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
etag
W/"dd24981f95399e7f2d5674114004c268"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1566500436528
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
.PPc4ch_dqDLgdSTKOgEMtS97zSOmAVG
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
cache-tag
F-12350310726,FD-10555529544,P-1835778,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
H7J/gIJjIlgzxEauV5bG9JDL/fbg9J4McRvYeuF/yvoVbopB71CxEZ5EnF4hVUrD2hWzbxyJhBM3McsV0rqNM0rozfLBOYBZYhSOmAGKgqQ=
last-modified
Fri, 06 Jan 2023 17:30:34 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6CqhbCT6i0%2FpbfN%2BFWIzygm3ogvXi8wNB2T25FfZu9CGAn3jvai5qieQ3NTrLXM7IVRhSWaNnBJOGuw45MWmr%2BLQ9RH53ML9PEEoV%2F%2F89bydBCpBUPHDoS25djeGjr%2Fd1%2FKz9JXx6yGrxyu"}],"group":"cf-nel","max_age":604800}
cf-ray
7c79c8fb9b719b63-FRA
x-amz-cf-id
YAJwicmh594CPTpDtL91xSzcq51ipxjeo2YOWPw0cPxa5Bs2k7xcog==
header-slim.css
www.avanan.com/hubfs/website/code/css/components/ 		84 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/css/components/header-slim.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f54ad99ac9b8bf0271cc6d19132826863aa3dc7077b4d5c586f99c46130efb30
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-meta-cache-tag
F-29822257866,FD-10639271059,P-1835778,FLS-ALL
age
290338
x-amz-request-id
5T2CNBWDB1ZAVJ21
x-amz-server-side-encryption
AES256
edge-cache-tag
F-29822257866,FD-10639271059,P-1835778,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
etag
W/"b144dc1e3369574aa43f95d44261c80b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1590586777336
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=31536000
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
42YSFG0lTWtnZ.W1lT05OT2Zcvw1os6c
x-amz-cf-pop
FRA56-P7
x-cache
RefreshHit from cloudfront
cache-tag
F-29822257866,FD-10639271059,P-1835778,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
DIWxTIxd2MTchBnm8Lv1zp9BbaHLt+ShnwU3kbZrl5/2RaDIddRlP7uSb9WrQ/bCZKp5Uj8+0t4=
last-modified
Fri, 08 Oct 2021 20:18:11 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePdUYZ9ACtb%2B0tHr1B3sYLD2EK07P5D2ZjkzWI0jUTdnWpw8PIG9HKNdg6%2BTtZWNrxk298PCCIdmk5lJst%2BQfhDIbvsiUolHdSpLvRqhubJjbda7MUoDyyW7Cf23GDFkLmBAac1CjaoYtAbN"}],"group":"cf-nel","max_age":604800}
cf-ray
7c79c8fb9b729b63-FRA
x-amz-cf-id
rCuQqHySjGDmyJAk5kyYmQtX9H3M0_6Z2AjgKdlldC7m6pMtpROpog==
css
fonts.googleapis.com/ 		5 KB
959 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cabin:400,500,600,700&display=swap
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f68519ba7639cdbff92cf7c044bd5455e4c87320689a3f2d4b2418ca4e91cd01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 May 2023 07:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 May 2023 07:49:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 May 2023 07:49:34 GMT
How-Safe-Are-Your-Emails-featured.png
www.avanan.com/hubfs/website/img/infographics/ 		621 KB
622 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/infographics/How-Safe-Are-Your-Emails-featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8deb475ac50713a43d3cf93fb2579f1badda5b9dee5704850b032f0f25564895
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-52270339845,FD-10949243896,P-1835778,FLS-ALL
age
340039
x-amz-request-id
7A84SWBVNEP1C437
x-amz-server-side-encryption
AES256
edge-cache-tag
F-52270339845,FD-10949243896,P-1835778,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="How-Safe-Are-Your-Emails-featured.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"c633bdada0f0b6b3a8ed9923b6fb540b"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1628160146967
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
.d7FqQt._o1Rnh6A1lokFj0_Ws48Edpl
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=866167
x-cache
RefreshHit from cloudfront
cache-tag
F-52270339845,FD-10949243896,P-1835778,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
635542
x-amz-id-2
YXn2BEz4PPwTRDVUle4tS68Xm4nVfTicgt3GxP3YJM+DwdTKh6gxFSnbrI1pEOZBHu0imoWpSos=
last-modified
Thu, 05 Aug 2021 10:42:28 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwVp1weJfEBt79yanTtgAFPadi7TVTfMktne9WdbHjVmCvMVkf%2BW%2Busi12NX9O131TVJn1USjB1WHuNakKDz4nsUb45k2sXgaVaay8VlMn3wIoEPDBxoBwqZsl%2B43Bi6iFDeKgbTMfWxSnG5"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c8fdde329b63-FRA
x-amz-cf-id
x8yz6Z_ZjUBd-FWPEpPYsJzsicDsCCefXHebg632QnxFLaNSZA0ohw==
av-cp-logo.png
www.avanan.com/hubfs/website/img/nav/ 		26 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/nav/av-cp-logo.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a87eea0ed4667d6241611511e68dce431477cbd9a06c9482b01323d6a0b972f9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-57079767617,FD-21136118110,P-1835778,FLS-ALL
age
285963
x-amz-request-id
7A8FMY8AMA59CRRC
x-amz-server-side-encryption
AES256
edge-cache-tag
F-57079767617,FD-21136118110,P-1835778,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="av-cp-logo.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"54f8e06ea392f631745f18834b4f75fc"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1633720390182
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
ihC_xVZudFnTMh6T1X7C3_Yl8xLb15Oa
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=45855
x-cache
RefreshHit from cloudfront
cache-tag
F-57079767617,FD-21136118110,P-1835778,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27014
x-amz-id-2
KvPqBBS7Yb4rw4oFtlRF1H1hRzNfo5NpoWWVn0pV2aCXONn5zqWFwSKzNCFu6E0L7nDOlt3R4As=
last-modified
Fri, 08 Oct 2021 19:13:11 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZkGXS%2FYA0yp1%2BtwgS%2BQgxUrw4V9XX504Oh8ALU0WHr%2Fj7qVbB9h36xt%2BNNGv58Nbt9eFOgThZj6Szm1k7b%2FAm%2Bgugko%2F3VPSWrk00CFpBXadhBRHJA4gH%2BiprwW6k1uKXxED2woBL7b0wUR"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c8fdde339b63-FRA
x-amz-cf-id
5cyfZEFknuxB2JlKa04i4uOsBROOHmQIXPTvBJpx76EZ2CLitROrpA==
documentation.png
www.avanan.com/hubfs/website/img/nav/ 		868 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/nav/documentation.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e94bb9eafa09b4181f7208f1466552561329b27bc870ea785be1fbbeb32661d8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-21241301263,FD-21136118110,P-1835778,FLS-ALL
age
475436
x-amz-request-id
BE7GEJMKTXSTFC95
edge-cache-tag
F-21241301263,FD-21136118110,P-1835778,FLS-ALL
x-hs-https-only
worker
content-disposition
inline; filename="documentation.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"f4d503cd55e042264b3bbd74f58ac560"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 645f43b8717568c0a4b2c8f32ab504dc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
V87Vzt5MSqkUDoZ5asBko88rN0wJ5iGd
x-amz-cf-pop
MXP64-P1
cf-polished
origFmt=png, origSize=3416
x-cache
RefreshHit from cloudfront
cache-tag
F-21241301263,FD-21136118110,P-1835778,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
868
x-amz-id-2
RRIJ9oaQll43xW5FeFrQ7yFp/Wkm88FsMmzfAGerqg8IsdO0QN9oTcsjVKW5th3IX9m11crdCIc=
last-modified
Thu, 14 Nov 2019 20:20:22 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzX3vj%2B1UjVXrtueyvXGczSXbdKgSSRojImLA2Wxs62ZS4phDkVC9EiBegVPau6P%2BvrSrlr5I4TFnVnNuVkWj5plBAcE1JibVv7ZP9xr4sQkcCKe5ItOaqWA9Qh8YwJ%2FNI8Ic2qGCX953uty"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c8fdde359b63-FRA
x-amz-cf-id
lF-qbrgrNyltJfM9bqg7aNMxyCUQHNiIzot3FEgoAvYgQ-_42VlG1w==
open-ticket.png
www.avanan.com/hubfs/website/img/nav/ 		700 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/nav/open-ticket.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
03817f3f6505178f6f24ef977ac8cd844ba3427f0353759e41bea905c565020a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-21241291417,FD-21136118110,P-1835778,FLS-ALL
age
475436
x-amz-request-id
DVAZYRNAJ317THK3
edge-cache-tag
F-21241291417,FD-21136118110,P-1835778,FLS-ALL
x-hs-https-only
worker
content-disposition
inline; filename="open-ticket.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"9034a241fdd02e0d9dc532075852965e"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 782307cc86daaa076cbdb91c6d06353e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
0c9cY9eUX.md23IeRyXXqhmeaLhfDOS6
x-amz-cf-pop
MXP64-P1
cf-polished
origFmt=png, origSize=3180
x-cache
RefreshHit from cloudfront
cache-tag
F-21241291417,FD-21136118110,P-1835778,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
700
x-amz-id-2
uC5JYI6bRhSS5bAmbu33xwAFgJfjDS+ax7c6bFe8peS+pNK7CwTeRAzWoKG2YBuW8218PwGtmbY=
last-modified
Thu, 14 Nov 2019 20:20:22 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKG9kpJk8ngmTVWy2q6mgfhfnKmC15b3jaeNJrO1HqjQjWnakqDxt%2Fk6tETXMazuLo9QhlNjbtH0KDjjwrIH%2F0sgqU6UT%2BGC4hcXMt94iaJHZyok9z5hXB47GYG3WmwPcVrCKuVrwSvJWEhw"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c8fdde369b63-FRA
x-amz-cf-id
5S9k3BGLX6mCTF2pyPNnpD6Hfz7iIcUIBe2AfkrCf4_nWQaklfcRTw==
jeremy_fuchs-1.png
www.avanan.com/hubfs/website/img/people/ 		1009 KB
1011 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/people/jeremy_fuchs-1.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c31f9221454873de9c5bc222c2b5c97f216d3b21b0a3589f77f49fbcacf4a0d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-27817468088,FD-26510702723,P-1835778,FLS-ALL
age
4644
x-amz-request-id
SEF6BS31YRQHZ11C
x-amz-server-side-encryption
AES256
edge-cache-tag
F-27817468088,FD-26510702723,P-1835778,FLS-ALL
x-hs-https-only
worker
content-disposition
inline; filename="jeremy_fuchs-1.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"f708d6febff5bc6d07172bd7465dd726"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
nQ.kuHwFXuupsUc1qfCvxdS2PMk7c1js
x-amz-cf-pop
FRA56-P7
cf-polished
origFmt=png, origSize=1632605
x-cache
RefreshHit from cloudfront
cache-tag
F-27817468088,FD-26510702723,P-1835778,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1033412
x-amz-id-2
SV4ZTZuMQeaK+MPx55ORJZmGWKVGU591qI88UqAzplxvZldiOIRK2SaCDbuCkwHzo3fLxDawBrg=
last-modified
Tue, 31 Mar 2020 14:03:42 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTI4D4WFGOJQL3ZZ8tzCGm3hkspMVU4JZQv%2FVj8nAldAOyjPmx%2BBUWEy82tfRgfrZhN2p20KHedgj%2Faix5aFGXnBia5n%2FW8%2BkgIZq9WI9wvX1Aikt7BCHOr2jzVKdswQsdcWCrGdLnAA662X"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c8fdde389b63-FRA
x-amz-cf-id
En-G3KsWs-N1PdYelc-UdQ-9P16D3E7roHyOC_m5PZSRM4E3EuYFAg==
relay.png
www.avanan.com/hubfs/website/img/blog/featured/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/blog/featured/relay.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6967002e1c0e51d3644161948e5e6d7df887b0c8e2a1b7fa9ec899186cb17bc0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-71620670046,FD-11279853394,P-1835778,FLS-ALL
x-amz-request-id
GVPWNDTKBYHMP0CG
x-amz-server-side-encryption
AES256
edge-cache-tag
F-71620670046,FD-11279853394,P-1835778,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
etag
"f64980a83984dae6ea9cd92f35951e17"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1650552718410
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 f92e634cae29c615cbe8f686d8333cf6.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
EatTcD5ceLdltvwZWpPsiGB4aWIe6iSF
x-amz-cf-pop
MXP64-P1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-71620670046,FD-11279853394,P-1835778,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54083
x-amz-id-2
c28q14IAvweKiJ4nMgzHuaUCqo+mf66CPLY5VEAfSFTbVgGdgKpWz81b7lrKzbsnC77BX6kFQ9Q=
last-modified
Thu, 21 Apr 2022 14:52:54 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9pcLtSk4Ip0ZWHFPUYILnDmssdCFMFqQYiX%2Fv3Zki20CY7NWMjE9xCAfoKYqZJLmov8dMvt%2BMobWWB%2BycASf5eVWmOOiXCi%2BUEol1VDGH4r9iY9obUTel1fZOBAghDVUQ8KqmkxFlK5IpX5"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c8fdde399b63-FRA
x-amz-cf-id
X88IVjqL6K8ir8cJyd-bthRvnUHBD2HfYIbAOMX0-W-XtylWbPKH_g==
E-v1.js
fast.wistia.net/assets/external/ 		642 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/E-v1.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23ad4b302eac0ba8eabf2181ec466f0b17ff86f9750d7ee59a7202902b746446
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
323
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
118945
x-served-by
cache-iad-kjyo7100160-IAD, cache-gig2250064-GIG
x-browser-version
113
last-modified
Thu, 11 May 2023 21:51:24 GMT
server
AmazonS3
x-timer
S1684136976.560620,VS0,VE0
etag
"f5579b2839f3d573e3a03975d3437ad0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
89f11db1e4b8d3d3b6ce2e5530fcf20c913ad10a
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
67, 10
Featured%20Images%20-%202022-04-27T102707.734.png
www.avanan.com/hubfs/ 		17 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/Featured%20Images%20-%202022-04-27T102707.734.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9938667d93de196aaf78c8f64774253cd228dcb3d1c22e683b1cd27e6bc08c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-72074720330,P-1835778,FLS-ALL
x-amz-request-id
GVPG9AFQ9F2VD3K7
x-amz-server-side-encryption
AES256
edge-cache-tag
F-72074720330,P-1835778,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
etag
"5b9ac09ea6df1f506544d1ece2446d03"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1651069635183
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:36 GMT
strict-transport-security
max-age=31536000
via
1.1 4d4b96028acf63781fb210bb3b43b4f4.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
dSP64XqcSjcKq48wGX2T9rgL83AasJ1h
x-amz-cf-pop
MXP64-P1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-72074720330,P-1835778,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17732
x-amz-id-2
1t/OxSsHBzj55iyQ7erhmtnNQaJd4aj6gfo9ydEznjFjeuHK/nSu017i7AvBzCdB9TJzNTfEh3M=
last-modified
Wed, 27 Apr 2022 14:27:16 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7OrsdSO0%2BiocXTI5PsysOPz%2BYpFeNeB2SQJbUlBBSMrkn23SvqASfv%2BFGCK44TOQ7MF%2F0Bwi3JECTbCxsm9A9FAM03%2B4ONSFZzUEJOleDIqoHqqb2POUovIqIxCWhcumyjF1DrwKiBf263R"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c8fdde3b9b63-FRA
x-amz-cf-id
hUVGFYgNSjtesvI7UeQwbkuuXwqVtRfJvywoYEiitgYQw4lI3DGB9w==
c953fa87-efa0-494e-9947-98ffe764fcd8.png
no-cache.hubspot.com/cta/default/1835778/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://no-cache.hubspot.com/cta/default/1835778/c953fa87-efa0-494e-9947-98ffe764fcd8.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6f2ddd3a93cfc831316931e733e85bfa4d344c33398e6c32115761bec7ba69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
x-amz-version-id
null
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
D66WPAVWV2BPMS0S
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1111
x-amz-id-2
QYr3+6a0ok+xBzYYoWMf6tY4n7xT67RwnuaaL+SdvyFSsUdRRV40Odds8LP9pe+bOhlrR7d8mNk=
last-modified
Fri, 24 Jul 2020 18:46:48 GMT
server
cloudflare
etag
"af14e3eef5578014fe49b0f4a662ac5c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhOqzbt4ZZEyrbo526%2F7k23jiQHhDfBe8hCe2TMhzqb9U7yVIHSkradQDuxrzGqJmmjAu2HoTn%2FKgAtQOFA0qeKfxrH6NfPMUSb7Xi3gwBXoszQWCQL02dRD66WJ98baltFhOmzt%2FvU7Zi7QEaDzpV7b"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store
accept-ranges
bytes
cf-ray
7c79c8fe0a19906c-FRA
current.js
js.hscta.net/cta/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscta.net/cta/current.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a7c0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
384ebb3a6b18fba46505d1421ff20bcd924b64606de2641eec22ed8bc41bf0fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
x-amz-version-id
uhL6dnppSo8KeomrebPU9hB2_.Cn105d
via
1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
age
215
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.167/bundles/current.js&cfRay=7c79c3c22fbb92a2-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
5
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
de8e4468-3e37-4106-9d90-17c824f3b8e4
last-modified
Wed, 26 Apr 2023 03:31:59 UTC
server
cloudflare
etag
W/"5c558aa2f7c9b2022b11cf9710ccaf47"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-589c5fd4fb-vnl6w
cf-ray
7c79c8fdea1b9213-FRA
x-amz-cf-id
o_2RHrUyYfAqG07zVXtCufVrmaBsq3RQG1AC3K5zCD2YwL8lunZ_lQ==
x-hs-target-asset
cta-embed-js/static-1.167/bundles/current.js
widget.js
www.gartner.com/reviews/public/Widget/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gartner.com/reviews/public/Widget/js/widget.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-112.fra56.r.cloudfront.net
Software
Apache / Express
Resource Hash
1c14c58f54d58b7e29603e42437008c3ddac500dd339923141afdbe279c8a123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 05:16:21 GMT
content-encoding
gzip
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
9194
x-powered-by
Express
x-cache
Hit from cloudfront
last-modified
Fri, 12 May 2023 09:25:09 GMT
server
Apache
etag
W/"2256-1880f474508"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
x-amz-cf-id
Th__H7wBxR3qFJrOc3jNmP2VJWvOC65uR-3iM7F1P_1y8AQEiuBWRw==
Featured%20Images%20-%202023-05-09T124227.254.png
www.avanan.com/hubfs/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/Featured%20Images%20-%202023-05-09T124227.254.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c4923634b0e090f22232169832358f38a3ee6fd657a40d77f6775dff10edbb1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-114878032931,P-1835778,FLS-ALL
age
88191
x-amz-request-id
7JSK4RPB5SVGCF6V
x-amz-server-side-encryption
AES256
edge-cache-tag
F-114878032931,P-1835778,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="Featured%20Images%20-%202023-05-09T124227.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"250eb68b1be87ffbe2a0af8f9c28165e"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1683650558999
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 9de65abaae1c9efde396060d6fa80946.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
XX7CU3hualpn4bokb6OdSK5v1QTN52SV
x-amz-cf-pop
MXP64-C2
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=40353
x-cache
RefreshHit from cloudfront
cache-tag
F-114878032931,P-1835778,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23604
x-amz-id-2
8EzIZswSPANEUKuz9W8j3YkIvW+30XQGCxaMdZSe22XST7z36N1FLgzG6lUgpAVFWvYbm4VluPE=
last-modified
Tue, 09 May 2023 16:42:40 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhlnlYJk%2F%2FE1cpmYn9C7MiAgmIU%2BinLHQKjv9b1IpvOoPQBvCK9lC4etLg7Ggk3t4xyNiiv1AGckTNJnu34iHUqOMvFK7rIkrBY%2Fuw6y4uX10MGQAZkhRlOQAPRubYdOE5LdpSigC1pOW%2FDG"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c8fdde3c9b63-FRA
x-amz-cf-id
zg1LGRjnhfdEZzI6xIl7jU9omgKXZu65PWvBCgXmfJL7uRwfnZJzBQ==
av-cp-logo-wht.png
www.avanan.com/hubfs/website/img/nav/ 		26 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/nav/av-cp-logo-wht.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5f4af17be162aaf3e1dadbc08fe06e678c87620a221b3fef8e2ca7a779986d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-58090235831,FD-21136118110,P-1835778,FLS-ALL
age
475436
x-amz-request-id
5W2SQQTSY8NCHRT9
x-amz-server-side-encryption
AES256
edge-cache-tag
F-58090235831,FD-21136118110,P-1835778,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="av-cp-logo-wht.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"6b25c756c0ec059c8b971ac07c1a44e2"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1634845767354
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 b238d3f6f579ec0d467edb5df6f43bbe.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
r2zJbm9CEK3FOJ9Q8VqLC35kT_FW.6aY
x-amz-cf-pop
MXP64-P1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=46170
x-cache
RefreshHit from cloudfront
cache-tag
F-58090235831,FD-21136118110,P-1835778,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27120
x-amz-id-2
qt69G0tWbQTQitOzJMVo7a7BEZF3WzIGtXavykjCDVREx2AeexSOeUAb57OZoQco9JZdawTODrQ=
last-modified
Thu, 21 Oct 2021 19:49:28 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2AWmmCPPutkjLijSaVZafyzvfM07iA9YflQ5vWjXzl8NubdCYWNM7EKNp3RwOyaaLkwL9X86eNSvZ66w7vp3zmPeIuXEgJV6%2B%2BxGHHXqmKE130w6fJN%2FAH7cvU2sEDCpSji12iNx1rzMNEY"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c8fdde3d9b63-FRA
x-amz-cf-id
PHT5C4DtZpvpsXpF8JS-RZaHT0V-Ba9c_9o_FR_hLpxOmeUyg76Yug==
soc-2-cert.png
www.avanan.com/hubfs/website/img/icons/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/icons/soc-2-cert.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
49c8d692cb67ec3cc5b35e839c50c5c9eea05fe3ce82894eb02d22240554a0aa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-24177175536,FD-10543955849,P-1835778,FLS-ALL
age
344465
x-amz-request-id
BE7XW7GA8ACC5DED
edge-cache-tag
F-24177175536,FD-10543955849,P-1835778,FLS-ALL
x-hs-https-only
worker
content-disposition
inline; filename="soc-2-cert.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"2242d63f47a733e65cdebd6f3be3a08a"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 2c6b43ece241a6b4a6a59e19ffb626fe.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
ENN2NKV.l.gZzdTLCJgVyrfErf7Uu3mK
x-amz-cf-pop
MXP64-P1
cf-polished
origFmt=png, origSize=44339
x-cache
RefreshHit from cloudfront
cache-tag
F-24177175536,FD-10543955849,P-1835778,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27216
x-amz-id-2
DsbrpKNU+LT9K7msWhX222e/N3TRzOX5x2T8D3TfNTWP0q/g0q9nlN6uj6plNj1SFAgiTpnktao=
last-modified
Wed, 08 Jan 2020 19:24:41 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oD3N%2FQs97DC9JfhujPoPIcm6LWuUs74rK2w2l96%2FURqXq4PuHdW3iAfb0tF12ljTOmiIWzCLRcurBG25EvBSrTi8Kyscs6jrq%2FEus4jNWviD22ZepQu%2FQwN%2FV5giMJtrC33C6qPe5Hldu%2BSi"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c8fdde3f9b63-FRA
x-amz-cf-id
VZA1sG2XcMRzU2syxgyA5pAsdxC_Vg63cutyROUo64fCOcD0htW0yQ==
embed.js
static.hsappstatic.net/content-cwv-embed/static-1.194/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hsappstatic.net/content-cwv-embed/static-1.194/embed.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8e65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3689710be7d2e69e0ca54f8cb9bad5d54b13dbd4942b864b62000c1a7d17a028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
x-amz-version-id
EhMKfxOgJXY2D7c9eaeCSuFDmIpnjYb6
via
1.1 b96e53b7b2901838d15d932e5dee1b2e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MXP63-P2
age
1166402
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 01 May 2023 19:07:36 GMT
server
cloudflare
etag
W/"23ee756eeedefd7526b6b9f474860e2e"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUbC1xXNlvLs2qtWi%2BQ6fi%2FarYlXdppEpTbEJ4toIGOKLv9tbieEUNrlUaxF4NT2GaHaaZGHjuIaeLNU4muingkIy6Ze4ZN6J%2BIj4EtRyxVBeigrp0Bq9zmFLEscltsVpx%2FNf%2BZNSMAGvcJkn0Zb1b6bXYY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7c79c8fe0f961e52-FRA
x-amz-cf-id
9UwTlW1P7sZG3Utw9W4uvmo43XYRcxTzSEu4OEgou-OqOer5S5kTcw==
expires
Tue, 14 May 2024 07:49:35 GMT
jquery.js
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6476923280/1577975561851/Custom/jacob_redesign/js/ 		142 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6476923280/1577975561851/Custom/jacob_redesign/js/jquery.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
057d87ec0edbdb5fe7d60d32da4c3abfe1dc2e6a0aacd6543a5e9dabb7bbd21b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
age
407
x-amz-cf-pop
IAD89-P1
x-amz-request-id
P1GSFZ3R56B6GZP9
content-encoding
br
x-cache
RefreshHit from cloudfront
x-amz-version-id
ebM6Jbr9unIlIJHsCtn.BkHxdP32W5Tn
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
0vabqr0vaaUw5ck3noRF2reLi9IsdV0YbIjSkd5i4sLYrxZAqVGXj1NP9opBkPn+7CbEqDo1pNc=
last-modified
Thu, 02 Jan 2020 14:32:42 GMT
server
cloudflare
etag
W/"58abfaae2dedf59326b2ea681f828a06"
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlX9o8oM5RSoYcjWON8utXFnxFmisk9S5D2l3%2BqMQF4aQ3MUdDyA%2F0dZ%2B0zrAaclvSO4z5Xsz%2FyxOUEGk0y5Sl%2BGaNUFulhOKAHr%2BmW%2Fq70ljVqg0dRRGGOxfVF6lMBs0QsaIA6wPltV8Yc2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7c79c8fdde149b63-FRA
x-amz-cf-id
KabXvKYJX_Jf_1-nhhJY0mbxrObHr-Dwyd7TOLZR9VX9-C79Yg2C3w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
bootstrap.js
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073918834/1577975558617/Custom/jacob_redesign/js/ 		112 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073918834/1577975558617/Custom/jacob_redesign/js/bootstrap.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
71577fb46a22fa031506bab9c5ddb4640e38ef10a1b4959a11288b41ce4b0757
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
395
x-amz-request-id
6DBYPYVQFYG828Z3
x-evy-trace-route-service-name
envoyset-translator
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"d810a38ca2781735a27cba0625a027db"
vary
origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 b63906e2da6fa6b0ef48be29690d7a98.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
3IDp6mXhqSOlZQ4n6QKdC4Peyv0EBjJp
x-amz-cf-pop
IAD12-P2
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
192
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
eTWACCjaUJWDUWv9aEuOsSyE7cBbcJOo5H7OrE4dDnFBfNdURq69L9ZP2BGWxjfUh/Qgrnf2OZS8Jcs2uOj41g==
x-request-id
ec5cadcd-8f92-414c-be30-d8c31da7a9ce
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 02 Jan 2020 14:32:39 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LetncOG2Q%2FcRkQVMziKCH0JTss7bK0dEe1t2MmbTKkqY3Wpft1VxXAnPI07nJWRGwFy2Oc9oQBZvu6nJ%2FBuo51nCn1vj1YPnEDMzDUfjpjH9o4BVidUuJERVxYfEAbKe%2BWVUWlPn9Dda4Tc"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-fwhk5
access-control-allow-credentials
false
cf-ray
7c79c8fdde219b63-FRA
x-amz-cf-id
Odz-dw-whEqPO1jRZG7N9NImBNAdfhuwvQUF7CFd4kUHyRO0vnIduw==
plugins.js
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6084513730/1577975558722/Custom/jacob_redesign/js/ 		508 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6084513730/1577975558722/Custom/jacob_redesign/js/plugins.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a82df3611c2166b9b9e824830c57bc09ef40860b9dc83fb2897b9a2a3ab0b98
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
age
395
x-amz-request-id
MP95P6QRNYP9N5GP
x-evy-trace-route-service-name
envoyset-translator
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"c612fe430751a00bb8750c6601520596"
vary
origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 0dc81f450c72d91e34b5a0b41d441f28.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
7fqlaiSrobvA_myCcLItYFNxElIoA1r6
x-amz-cf-pop
IAD89-P2
x-cache
RefreshHit from cloudfront
x-envoy-upstream-service-time
135
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
FeMQCPWXdcKkuCA47nZsYspJ329x1zVKpkzcp1J0yQSrsW4SZYhQdgwL+RkHTbi4p+ws/hZ+Xy0=
x-request-id
3c3c0f1b-ebc4-48bc-a3d2-d20dfdf04b91
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 02 Jan 2020 14:32:39 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zONGRog0l6%2BpdUsBvZg4PrIhnmKgt0nMng8G3T83oN27dcPsgWqhcwGrlg22oMjL25q7wocTgt%2FNCL79e1EwaqRbiUjtjDE4QSAa7gxJ86gGcVzoBy4BA7KrYI2qj%2BB4PHdp7Lq%2Fj2r5scAX"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-fwhk5
access-control-allow-credentials
false
cf-ray
7c79c8fdde249b63-FRA
x-amz-cf-id
2j3AJ06Y8pEagviFz9tDnNoq-df_9MBB2ze7J5DuUAtNKdUqsMhS1g==
module_11124227288_updated_blog_body.min.js
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/11124227288/1683298027233/ 		244 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/11124227288/1683298027233/module_11124227288_updated_blog_body.min.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b057f4707a4e3bbf69647a669ebc4dbf35a9b5b25864b5fc63162e71f58621c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
x-amz-request-id
5KXG5419GGQT2QKZ
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
x-evy-trace-listener
listener_https
etag
W/"cf3f93254ba12a90654162233cedfbcf"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1683298027233
content-type
application/javascript; charset=utf-8
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 e880df37740c4e68e519f8478d14cb88.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
2vRBYqYBKn.Un2cVRgM_9kk_TDebYnrs
x-amz-cf-pop
IAD89-P2
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
178
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
cMQ/1Zx7sppBCT9eZrriGvfDaWVwNvQWJvGUs5K047AypEXDkosmjZaCfZpD8xew7LxLFDy6RvTVAuswuL0iHzBn3soZzetg3Eo35ID1Bgk=
x-evy-trace-route-configuration
listener_https/all
x-request-id
cfbf595f-7f3a-4b21-910a-f6a7f3a44d5a
last-modified
Fri, 05 May 2023 14:47:08 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKp3vi7il8cDcxEJt8J%2BCU%2BAbhXN9GGDbSW4Wh%2BBVcGNikex%2FURYe7QO22By2z0IBlLksFlYhtQ9mJfZw%2FMvFa3aiZ%2Bf8x7NKnudOzkWUpIrEWEPRTkmbJB72aqo6u1%2FQ1T0ZVD9H9UEzyJm"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-hubfs-td/envoy-proxy-55b7d448b-rwfnd
access-control-allow-credentials
false
cf-ray
7c79c8fdde259b63-FRA
x-amz-cf-id
bc3107eairPORVeZHzrE0yuOSfcA5RbLM7zT6hxWxVh-fDq2ZF_ouQ==
1835778.js
www.avanan.com/hs/scriptloader/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hs/scriptloader/1835778.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3c80f16a52c4f2b6c7032400f5b63293b939042dd54d1661f1115159d678ef7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
500cb991-b09a-4775-8205-0d770895dd3c
x-envoy-upstream-service-time
9
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
d03a99f6-262e-49fb-90a1-5ec970d44630
last-modified
Mon, 15 May 2023 07:42:48 GMT
server
cloudflare
x-trace
2B1B4D611115B90197C4069498197AA7CDBB61A32D000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.avanan.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5677b5b686-mwxt5
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qF4tekhfinF9jf78WZdENwhvJmOs%2FxZlDLTvaJyWKeBnTzyTuUfEBRwj5BVGXEztAqq3m61DvX%2Fw024VzpVXG071iNLJvN1jIzWK49eLzK1FX8bZTnkBC%2FzfqDRkJ2XOkxI02Nc7oHLtHl86"}],"group":"cf-nel","max_age":604800}
cf-ray
7c79c8fdde409b63-FRA
expires
Mon, 15 May 2023 07:50:35 GMT
conversion.js
www.googleadservices.com/pagead/ 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
95aa8e313379de34e63af40aea0436318a0f22781469dc888b494816dff2b259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18138
x-xss-protection
0
server
cafe
etag
11333120444134058802
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 15 May 2023 07:49:35 GMT
popper.js
www.avanan.com/hubfs/website/code/js/vendor/ 		80 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/js/vendor/popper.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
94b9164549fba805d07a371447577e77ca7d335fb19f9eaf978209851969cf08
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-11719670560,FD-10555825718,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
481975
x-amz-cf-pop
FRA56-P7
x-amz-request-id
FC0CBT9K6QMYCP64
content-encoding
br
edge-cache-tag
F-11719670560,FD-10555825718,P-1835778,FLS-ALL
cache-tag
F-11719670560,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id
OME08B.rG6TRAJ7DDfxDoqg2ImFXjByx
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
0D6l+1qTO5g8SPdXbsGaWNxxkWxkbJL6AxBIqo4hy+semsJQkx91EzAzmFTvAbjTS8BagWSa03Y=
last-modified
Tue, 30 Jul 2019 21:08:51 GMT
server
cloudflare
etag
W/"18977fcc54cc90302580895825f739ec"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOrwVC43FSdX%2BxbPztUfqnV0HAvpohf8GTM%2BEj6SBDycbwaqCIAMaOUCPYgBK2vF5lc08k5ynklPhoP1G32%2BNU7d42Ac3r6%2BuuIuJeZpehVhA1TAWhXRIl%2BlkhjT6NaE%2BWkzlDS1LwdFl0qF"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fdde269b63-FRA
x-amz-cf-id
FDknETQJ0MQShoWMEuRQegbrsv1p5C9xO7Y5R2nkibh3l1FzPwsPbg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
jquery-migrate.js
www.avanan.com/hubfs/website/code/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/js/jquery-migrate.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
56f9c5f99829774d0b2fbdcfd9750b617127e913afa0569afef6dfa22165659e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-10555716746,FD-10555648234,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
481975
x-amz-cf-pop
FRA56-P7
x-amz-request-id
02XZ2XGV7E62WE9C
content-encoding
br
edge-cache-tag
F-10555716746,FD-10555648234,P-1835778,FLS-ALL
cache-tag
F-10555716746,FD-10555648234,P-1835778,FLS-ALL
x-amz-version-id
O.IWEvWv.S2HIJh2gVb3UjxcZN2zO5t0
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
2vPTTXsls9ZO6GPXWCHP8qZhXDAyQ0h4AV5KOSyQil9fggxUgUQ/sNZWe8dac5AA/4kj8ULNLqw=
last-modified
Tue, 18 Jun 2019 07:39:43 GMT
server
cloudflare
etag
W/"e16bb3f1cf4b40a9e4de0cf7d4950cb3"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJn8ThW7OA%2FhC6y1Id82Nk%2FJfslZTKK3PuKP8TH%2FJg9dyh3Sx5FgBRqfkmPnCDDDIyN2eMr8yUdy8Th9Q7dpUWAiNMw%2B4ZX8KzIBF%2B0KhC%2B0OmI2VXDhE1eo9pg%2B6H9czQqy3rQEwywepqc4"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fdde279b63-FRA
x-amz-cf-id
hrWuwd9bhYQEOCrPwb8mGyHtGXEWZSwtwYDIAk6WLFKaBvBj0Vpuyw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
hs.megamenu.js
www.avanan.com/hubfs/website/code/js/vendor/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/js/vendor/hs.megamenu.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3640c9e176b212640e5d1ba0e522d80ebe382b5a18fc55ae4f7be28d1b138be
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-10555716444,FD-10555825718,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
481975
x-amz-cf-pop
FRA56-P7
x-amz-request-id
FC039EA5J7YC6QGN
content-encoding
br
edge-cache-tag
F-10555716444,FD-10555825718,P-1835778,FLS-ALL
cache-tag
F-10555716444,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id
Tr8ZpL3KcSID6jBFr2cCd_jZ2gEqr8QS
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Le9oixEGm+l8wSrs1s5BM9m4yTc3g3hiolI9Cz8uAhjmgor1FJPe4IirHuWCawKV7C7ACj6sauiXjcTvpus+3xyfv4JyFOxX
last-modified
Tue, 18 Jun 2019 07:33:15 GMT
server
cloudflare
etag
W/"26676e58c4eb0c77a8d2c99b4bd1ad43"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Ld7z4KxdzAeCw7QRS4w1HWsCujiCTCHpSMSsEoBs4HlzAIl6EjqNIUbdmTccWMDwND3G4ejFuPS0APH7k3Sg%2Ba3pzYrtu9yB7xO%2Fh6Tvi%2FqKqUBUXbJpH6XibJXKBnMThhfwL26YW%2BQgbZz"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fdde289b63-FRA
x-amz-cf-id
aCEW0B8EV_vfmmYc9nCg2Cm30m-P283eMrKxVrQFZCIeRiUAN17Q8Q==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
custombox.min.js
www.avanan.com/hubfs/website/code/js/vendor/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/js/vendor/custombox.min.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd0af87d02bf88046acaf36141538c4852763b37b99ad5ea41ab6b07829818f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-12524627223,FD-10555825718,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
481975
x-amz-cf-pop
FRA56-P7
x-amz-request-id
X1YCFPZEJE8KGF73
content-encoding
br
edge-cache-tag
F-12524627223,FD-10555825718,P-1835778,FLS-ALL
cache-tag
F-12524627223,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id
Tm64yWHx4y9EpRwZ0oVdBIU91wzQQVgx
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
LWv27+/635BRmC0Vm1JDhx0AIN9GIKgt3C7lJgw/jBrSnW4cC9uY1RQcGg5T6u59Ib4d753suh4=
last-modified
Thu, 29 Aug 2019 14:19:27 GMT
server
cloudflare
etag
W/"a99f3446cf6471542e7b5103c1e0ad26"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5itcNBZ51qniUDpjJkhEL%2FfPmrOQ7aS7uRwcrd6vIJZAuimtwyxop4xhn6I84WskJxiWZXXb0L5J8YVvCIYn8CrXNu1xHYqlJWOxe77v8UGp3cQRKKHOLpdQZxl5bonU%2BLNuT3t8Mf12t5us"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fdde299b63-FRA
x-amz-cf-id
i0xVqYXLzfn_P7wGZdT0npNrA5UaSFAV_r0TO3d0-y5h6hp7Cy3Klw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
custombox.legacy.min.js
www.avanan.com/hubfs/website/code/js/vendor/ 		102 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/js/vendor/custombox.legacy.min.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b4c6df43d8be2860c107af980f4ae9c27dea1b14e0112921c3aef511bb29b07
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-12524756578,FD-10555825718,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
481975
x-amz-cf-pop
FRA56-P7
x-amz-request-id
02XPPDADK61A573K
content-encoding
br
edge-cache-tag
F-12524756578,FD-10555825718,P-1835778,FLS-ALL
cache-tag
F-12524756578,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id
CNtvX5bcEOKz8jLqkiPSkGvNd2dpptBk
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
fCYP8oPEdhvyGjfjEfnoOar+Uh7kjBm7evHDd1pDGMW+Fkqynn+jz6gJQ5CWx2KH3kKkCA54nVw=
last-modified
Thu, 29 Aug 2019 14:19:27 GMT
server
cloudflare
etag
W/"626f9c989ad909171b9c7e56dccfadd0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BmYUI7gPU3ddo6mPt0MZVG1a8PvC76InEq1JjIkH8%2F9Te81ehEm1NqnpUlzal8U%2BS%2BZPJ4mMyWMYCbEKk7f3vMw%2BjRZHWv6UgF3u2kTzUNoiALJ6UouTDB3bPILg9FsZWQsXhNEyjtTQRhD"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fdde2a9b63-FRA
x-amz-cf-id
VXEv4qUql0l1TjdpS6dYbIxhlgDKit8opfBKYJvgFCAmyAMjJa4Bkg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
hs.core.js
www.avanan.com/hubfs/website/code/js/vendor/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/js/vendor/hs.core.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
87d6c8ca2c4746ba9c42bd4b56b9f8dcb23dc4f4c8a5e338039a915eddbb4cfb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-10555648509,FD-10555825718,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
481975
x-amz-cf-pop
FRA56-P7
x-amz-request-id
SPTZT6Q6FTX3W1DW
content-encoding
br
edge-cache-tag
F-10555648509,FD-10555825718,P-1835778,FLS-ALL
cache-tag
F-10555648509,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id
t39fon58.c8wnVn0KiTmU6Cnt0f.z3k5
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
GNCYr+aOCUTxdqflonX/Ku+X7MxiRghswrnmKXvtDclZ8MDgMOxIAPuDyJATNfQo8Bq3S6eB/94=
last-modified
Tue, 18 Jun 2019 07:35:47 GMT
server
cloudflare
etag
W/"ad96a1d08e41474de9b172376ad8f2a6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVsWCtggHvsYhj64N7nD7vd1GDdMs%2FZOC682Ba%2FUKDZtkAl0WZJKku5kb%2BdghdPJ4XsgMhfaEq3SGRbEWaKm4ORyZzte7pTjPH%2FsX%2BfDe396TPSwKk6JFmyrFxHZ3hj3Znu%2Bs%2BOrMf0WA3nC"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fdde2c9b63-FRA
x-amz-cf-id
whc4nuSYZCgN6tAoTo9eR__vn7MnNGDe69n9XO4sqve696x_pFz4vQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
hs.header.js
www.avanan.com/hubfs/website/code/js/vendor/ 		45 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/js/vendor/hs.header.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
327f498e13e0a8166699d8d770f3806775c2707dd893d18f0139b84b0b9d8576
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-10658801982,FD-10555825718,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
481975
x-amz-cf-pop
FRA56-P7
x-amz-request-id
XNR5374DD99454SM
content-encoding
br
edge-cache-tag
F-10658801982,FD-10555825718,P-1835778,FLS-ALL
cache-tag
F-10658801982,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id
sLoBYokxi8ZRjPnVZWHiocCdDukS9g6O
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
AgLNwml4lFZDGQTnmlE0al1L8MMWuMlLd3b9l4onO5adILQqOyw/K+ryaxAQVQgTMuAU/T0rVFs=
last-modified
Fri, 21 Jun 2019 15:22:17 GMT
server
cloudflare
etag
W/"da8e6062fc6df06d66405f3894ac0090"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzSkKv9spUwjnLKBVippPLMC%2B0tb295xP8ATkwej4fBDhG9iBvrN52lI%2B%2FvC3e%2B7JGXEXnSNz3iTCthp4nDtqOI84lnSKTc1l9D6gg%2FNA%2B1RB632GA4reWF9PF4RQe%2FmYywWOPSWt7hijLZX"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fdde2e9b63-FRA
x-amz-cf-id
9oi7OH781SWTJ631gQhyQOA17CZQRuAzTrb0yAg-YnyXin8hwLQvkA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
hs.unfold.js
www.avanan.com/hubfs/website/code/js/vendor/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/js/vendor/hs.unfold.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6aef7e70901bd5018e23bf8f366b1363e27c9263a2e058df2ca725cf81aab5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-12349469375,FD-10555825718,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
481975
x-amz-cf-pop
FRA56-P7
x-amz-request-id
7A82PTS9PE3788XW
content-encoding
br
edge-cache-tag
F-12349469375,FD-10555825718,P-1835778,FLS-ALL
cache-tag
F-12349469375,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id
jtHI_y0b8Eo2FGwKdP6LEhiHSwPKnVW3
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
5zVrKYMyccaeAq8wMJ5VeviOq4dmpNAxAn5PX99A/LaD8/DMGi7q5ZY167cRnmcnny+CBwoBXAY=
last-modified
Thu, 22 Aug 2019 18:14:11 GMT
server
cloudflare
etag
W/"cd7294af40bf5e701ac6f8cca4a7ebcc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3T5Op9Gwc0FZl1ROQKd0bBvyXYair8Yk2%2FNgm4B6HZUTY79YEL5cq90Uu2CDemT1u9xsDkEhEGO6T7eTHcLn6iCKQHCbRLV2j9TcK212EBhKs3K6922G8HgOcN%2B4%2FXVpLTJsxOWPyGPQV9q"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fdde2f9b63-FRA
x-amz-cf-id
ZxgyKpAfZk-wjm5YwW963RuI6FdWJc9YStMPpZZL0uuv_0voGOmEIQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
hs.slick-carousel.js
www.avanan.com/hubfs/website/code/js/vendor/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/js/vendor/hs.slick-carousel.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
081d08f71fb7a07fd5247ce2d20af91a41899fd4ee1b129c18fedf8a04b5bbae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-12709649959,FD-10555825718,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
481975
x-amz-cf-pop
FRA56-P7
x-amz-request-id
5QZ74ZBDYYN6HVKN
content-encoding
br
edge-cache-tag
F-12709649959,FD-10555825718,P-1835778,FLS-ALL
cache-tag
F-12709649959,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id
47mSAiAgQ_ZLSqVaPMk.x.DaEXQJE5Q1
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
hB4lgsn8pytm1n3GJ43PWDNAfR6F4euu0j3/6l5cmCflU/60b39oP7tYhY3xDakqRBCszlSdsgTNU1kk/3N12Q==
last-modified
Thu, 05 Sep 2019 14:38:09 GMT
server
cloudflare
etag
W/"333f5cba208ba8133a37ded8fbd1d4df"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzNPluwxldqjf06YIe%2BI3hV1JHQXbvroM1AOPOQnUKOG0MHGqi5ZFBzAeBuHTqTDZig%2Fd%2Fadlp%2BqOgq%2BnEcybDqjMxUps1t3lRpb7UCUdNWIAE%2FG5QnImOfmZLNFQc9Xh1YJ1vs3nJ38KflF"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fdde309b63-FRA
x-amz-cf-id
yTIMwnU4smytCrE1i2IYclcIQJ09KBh01B5F1OerURDH8V7vhA-h9Q==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
hs.modal-window.js
www.avanan.com/hubfs/website/code/js/vendor/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/hubfs/website/code/js/vendor/hs.modal-window.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6713fb9ddf25585f97a9c877f75edbb8b2c0d0691c1402fe85c145a9098527d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-12524633360,FD-10555825718,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
481975
x-amz-cf-pop
FRA56-P7
x-amz-request-id
NS1HX6WRRF58X5QH
content-encoding
br
edge-cache-tag
F-12524633360,FD-10555825718,P-1835778,FLS-ALL
cache-tag
F-12524633360,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id
37fiNFmrqmELkFKd5Hej0YGO_cs4_PVG
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
UNluLg5JNguDkoER7/xVCyMbUmKDKUUwayFWrNaxFQGh9uAPzR5qvhEyxSx28e3X55iZiWhbe6A=
last-modified
Thu, 29 Aug 2019 14:15:34 GMT
server
cloudflare
etag
W/"e835fc393be7df8bc21680227886c2a8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4uT1MybGBDNJWE7rU6NT9h%2BeoElPeYQD4hwX62ilvM%2F8ZIVd4fJtrJ2zn0%2Fw7OEjY3GUACyb5HUCwop5tuh1aWcp3tTDNWrhz%2BGBs8WMk65XOutvZAzqWe2FSHTqHq2YZpbiFrgslBpRf9tR"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fdde319b63-FRA
x-amz-cf-id
Xmu3qd8QFUlZB7LF94ocVO-yKcZtbpttRo2WOTXfpN6HNrYrpVs3fA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
gtm.js
www.googletagmanager.com/ 		384 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14610505ce370f97a024cd871f8dc9f34ac3f07b25700f8d900744b79e5ebd88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109512
x-xss-protection
0
last-modified
Mon, 15 May 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 May 2023 07:49:35 GMT
gtm.js
www.googletagmanager.com/ 		265 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c15fcc8166f92d95e73d9a0829a374c8b89ddcbfb5f023b5c3c818d5c1cbed2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90524
x-xss-protection
0
last-modified
Mon, 15 May 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 May 2023 07:49:35 GMT
generic
match.adsrvr.org/track/cmf/ 		70 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=id17evj&ttd_tpi=1&ttd_puid=f3f76756-1d1f-4392-b34d-e3ac799fbf5d|06e41583-9ef2-4ab9-8a46-7ecb3254ea86
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 15 May 2023 07:49:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
t.gif
wec-assets.terminus.services/f3f76756-1d1f-4392-b34d-e3ac799fbf5d/ 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wec-assets.terminus.services/f3f76756-1d1f-4392-b34d-e3ac799fbf5d/t.gif?d=06e41583-9ef2-4ab9-8a46-7ecb3254ea86&s=1377b931-9870-4d98-b50a-0d6337acce8c&p=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&cb=1684136974972&t=The%20Gmail%20SMTP%20Relay%20Service%20Exploit&r=&e=page_viewed&u=2d7673d5-5847-48ee-b2b6-6dbf6c8397df-1684136974972
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-59.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:36:16 GMT
strict-transport-security
max-age=31536000
via
1.1 f49c99d2326b14738507e1c2ddcae1dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
799
x-cache
Hit from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
_ThSfoPSppKUVhqnFc8xpLLVWWu4khS8_1Tne4gv6jhWygJTEY5EDA==
6si.min.js
j.6sc.co/ 		33 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-88.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 04 Apr 2023 21:13:35 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"642c92ff-8319"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
10492
expires
Mon, 15 May 2023 07:49:35 GMT
css
fonts.googleapis.com/ 		4 KB
777 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto|Montserrat
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/5097885803/1577975559034/Custom/system/default/gradient.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aaf9f27511743021075704cc1a18cd238c71531377f310c4170db754d42d7fa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/5097885803/1577975559034/Custom/system/default/gradient.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 May 2023 07:48:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 May 2023 07:49:35 GMT
qu48rtya1h
fast.wistia.net/embed/iframe/ Frame 3F97 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/embed/iframe/qu48rtya1h
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e5d94fa4258ac39fcc082b7f33391bdf533ea00f37b6c42a8631d0c8e55a9ee5
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
334
cache-control
public, no-cache
content-encoding
br
content-length
2412
content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 07:49:35 GMT
etag
W/"e5d94fa4258ac39fcc082b7f33391bdf"
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy
strict-origin-when-cross-origin
server
envoy
strict-transport-security
max-age=0
timing-allow-origin
*
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-browser-version
113
x-cache
HIT, MISS
x-cache-hits
5, 0
x-content-type-options
nosniff
x-download-options
noopen
x-ecma-v
modern
x-envoy-upstream-service-time
60
x-permitted-cross-domain-policies
none
x-request-id
a027d27e-88c0-4f06-beaf-04303485d22f
x-runtime
0.058533
x-served-by
cache-iad-kcgs7200075-IAD, cache-gig2250064-GIG
x-timer
S1684136976.560566,VS0,VE118
lftracker_v1_OKM7ZEDV9rXg2zo4.js
lftracker.leadfeeder.com/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lftracker.leadfeeder.com/lftracker_v1_OKM7ZEDV9rXg2zo4.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-75.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bfd27d96445b8d09c25ca415de93742d6d91728228df9c81a06e974b779153a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
YtKpQ7Kl2FyfBCIyb43LjeumiBRLVm4T
content-encoding
gzip
via
1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
date
Mon, 15 May 2023 07:43:08 GMT
last-modified
Fri, 05 May 2023 07:01:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
2023
etag
W/"a7f50e694ba15b3b94bf6fc304eafb43"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
FAwALybo1XHIF7Ro_sdP51-cPH6E_YqzTEJFpp4bq71fYjEmRJ2oVA==
close.svg
www.avanan.com/hubfs/jacob_redesign/page_icons/ 		513 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/jacob_redesign/page_icons/close.svg
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073351973/1577975559219/Custom/jacob_redesign/css/template.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a3a9ccca4cde6a90f28a96467b83fcc8e8b02ae532b85c46d45514e98c9dc9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073351973/1577975559219/Custom/jacob_redesign/css/template.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 d76db2cbee553c8bb2de7fd88a960646.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-6129363300,FD-6106722142,P-1835778,FLS-ALL
content-security-policy
upgrade-insecure-requests
age
285963
x-amz-cf-pop
FRA56-P7
x-amz-request-id
R1ZJ8AH7AF4ZXETQ
content-encoding
br
edge-cache-tag
F-6129363300,FD-6106722142,P-1835778,FLS-ALL
cache-tag
F-6129363300,FD-6106722142,P-1835778,FLS-ALL
x-amz-version-id
aGBLOARAtDK9aU8eL5GIguuA_ii6l6Ic
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
H+JCzkEbgKWB+DboOREBSuv19RBRA5SVOvjLg1bjU3OS00kBUdbQFL0O9aDW2cvAEsucrIQD/BY=
last-modified
Wed, 14 Aug 2019 14:58:10 GMT
server
cloudflare
etag
W/"cad7540d366ad86e66ac89079055b4b9"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHNsgi%2FpDYiStuKfTJATUQi0WVft%2FmRvMgvkFur8rt9J1lH8LvghqqokfQea3uLVDv%2FVDvWH2x5RnowYLrYWblNcW2dCX80APUpQbBsMiLcuEWx9lHZyPSVK6AsIDkEBzIEVAlKY8BFCOMPK"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
cf-ray
7c79c8fe1e779b63-FRA
x-amz-cf-id
sO7tTaO8jnpdjLBDXUK3fvgtP0nzIWt-S7lPQhjQvlZpxohkcYmMtQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 		61 KB
62 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Referer
https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
2FXS9BXE59KTHM2S
age
2148732
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
62472
x-amz-id-2
y0aVhYzhNvl7FC6tTsJOSQP3cuOB6jJ7i5eYjPy9MuLK77hpoaUzgFe/D/Orh+zwZdS3OelEfGg=
last-modified
Wed, 30 Jun 2021 15:41:55 GMT
server
cloudflare
etag
"b75b4bfe0d58faeced5006c785eaae23"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enbaoxC32wUZfpHPdz2jZXlBqupVDLqC3jLA1MIQ7TzGX%2FyjVj0tJLP2PkbJgId6y3CxBM0i48ab2LVK9sUcPLSMVcGPHmhGtHNe74OyzDSYw7C7V1roecX1i3rp76uMwpq3HSWFShP66QifYBoGKypU"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7c79c8fe18a590e6-FRA
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 06:24:35 GMT
x-content-type-options
nosniff
age
177900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 06:24:35 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 18:06:15 GMT
x-content-type-options
nosniff
age
308600
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 May 2024 18:06:15 GMT
u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v26/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 22:52:46 GMT
x-content-type-options
nosniff
age
118609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26100
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 18:41:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 22:52:46 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 17:29:29 GMT
x-content-type-options
nosniff
age
138006
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 17:29:29 GMT
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 19:24:36 GMT
x-content-type-options
nosniff
age
131099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8668
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 19:24:36 GMT
98_IDOfMGbVzSZ0lp7BVIs2uidUkbVNUuySSMlMhLn9x93wAi-m88ZeXguQ8HqLcEBW8Scgis4HY3V6h8i0S-3zOiVewhx0tsNDXqf-GSJxyj56w3bcaY_WUu9jOH0jH6syOWEhH
lh6.googleusercontent.com/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh6.googleusercontent.com/98_IDOfMGbVzSZ0lp7BVIs2uidUkbVNUuySSMlMhLn9x93wAi-m88ZeXguQ8HqLcEBW8Scgis4HY3V6h8i0S-3zOiVewhx0tsNDXqf-GSJxyj56w3bcaY_WUu9jOH0jH6syOWEhH
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c9f4f26b295a1e436fdec1b7d4293be8e52c1b56e6cc522dd88481faffb04146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:48:58 GMT
x-content-type-options
nosniff
age
37
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85283
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 16 May 2023 07:48:58 GMT
KO7ByfngO2p9dqPPiK4I5HP6n37Nj2VlpoDuWNoOo80IGFVpVxOtTAzDRcpOjoEmkVoGVCA9yJQTF4luRD1NCucdBh62O5bGy-dT9LuksFfhPOe4nqmVcJL7d0ej55LacpNHOSfl
lh5.googleusercontent.com/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/KO7ByfngO2p9dqPPiK4I5HP6n37Nj2VlpoDuWNoOo80IGFVpVxOtTAzDRcpOjoEmkVoGVCA9yJQTF4luRD1NCucdBh62O5bGy-dT9LuksFfhPOe4nqmVcJL7d0ej55LacpNHOSfl
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a260880e14e5092f64a82ce312043ad414261d82dab1b3a982329e64d9b4da09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94409
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 16 May 2023 07:49:35 GMT
purify.min.js
cdnjs.cloudflare.com/ajax/libs/dompurify/2.4.3/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/dompurify/2.4.3/purify.min.js
Requested by
Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
265dc9381f2b760551a12eb31f4bbc194ea6609b90fd79a59fc53cb0e1210146
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
407338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7628
last-modified
Fri, 06 Jan 2023 14:33:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"63b83136-1dcc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7M81Iow1Lury2STFijqdz8lHpt0j9xE7APlwzhAGS4RxRgFwY3fBYKsty070m005anwTFr5MOpqPbks4TJDryUwrkHiKSCPWA1X7sZJuVgi8tOq%2B9rBjrJZqosZWtxj4gGZ84iCDBo4PYT6O9mfuJ1T3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c79c8fe5919bbd3-FRA
expires
Sat, 04 May 2024 07:49:35 GMT
widget.css
www.gartner.com/reviews/public/Widget/css/ 		155 KB
112 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gartner.com/reviews/public/Widget/css/widget.css
Requested by
Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-112.fra56.r.cloudfront.net
Software
Apache / Express
Resource Hash
caeacfc37ca68a7952a6f8f660a28ae52e64a62c5240b2976d502dccf8a8f48a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 05:43:17 GMT
content-encoding
gzip
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 09:25:10 GMT
server
Apache
x-amz-cf-pop
FRA56-C2
age
7578
x-powered-by
Express
etag
W/"26c23-1880f4748f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amz-cf-id
Fvua3hTXbpSspg0OZWk0SkZqPaRVDlBLX_sh1WOqbYofF59-1JuoRg==
data
www.gartner.com/reviews/public/Widget/ Frame 9F31 		34 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
Requested by
Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-112.fra56.r.cloudfront.net
Software
Apache / Express
Resource Hash
2193768a4eeab81d445dc71d0e14b7234f707b2f1deb9ebd5f508738fe4cda83

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
37
cache-control
private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 07:48:58 GMT
etag
W/"57f-sr923y4RyJqqcTbg3QoemUgdIRE:dtagent1024322060615355013ZP:dtagent1024322060615355013ZP"
server
Apache
vary
Accept-Encoding
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-id
vzkQ0tB1uhi4hiZnwsBRHhVBCIck5FYsF-34QZj9Azxy0EgTYIGh3Q==
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
x-oneagent-js-injection
true
x-powered-by
Express
x-ruxit-js-agent
true
fa-brands-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Request headers

Referer
https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8BZRZZVXC93D94EH
age
870090
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64144
x-amz-id-2
q64F+hWBgS/bJrRhSJXiNzvo0zN097a0TlXEKq/CEr9NHzjJE32kaPPAO6IAxD5gAh90DhC88Io=
last-modified
Wed, 30 Jun 2021 15:41:55 GMT
server
cloudflare
etag
"6814d0e8136d34e313623eb7129d538e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7yw%2BXF9yAczwIjN1rITytZv%2FY56KtGV23mzvj02WxgCksdceK0DkOGNtpKDCm6%2FdXuhW%2BpuUMGjR4HpFucYzLPTVdnj9J6Ff2CUnNo9t2gEWkty15qADZKyWPkDdfz8m%2BjsaD3E63go%2Bq8aE4BPWzhk"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7c79c8fecc4b1957-FRA
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 03:01:39 GMT
x-content-type-options
nosniff
age
276476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 May 2024 03:01:39 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:41:35 GMT
x-content-type-options
nosniff
age
144480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 15:41:35 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Montserrat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 12 May 2023 02:20:05 GMT
x-content-type-options
nosniff
age
278970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 May 2024 02:20:05 GMT
ruxitagentjs_A2NVfhjqru_10243220606153550.js
www.gartner.com/ Frame 9F31 		170 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gartner.com/ruxitagentjs_A2NVfhjqru_10243220606153550.js
Requested by
Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-112.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
21091df3e91e575d018aa5b94c490bc0921233e901913052ceec557a2f3537ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 22:57:48 GMT
content-encoding
gzip
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
server
Apache
x-amz-cf-pop
FRA56-C2
age
809507
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
content-length
67984
x-amz-cf-id
wGiTV-62ZbAOEbf3Rgoo6wLFMi3jmoUVHWz-uKj234WRfQUvm7fCvQ==
expires
Sat, 04 May 2024 22:57:48 GMT
data.js
www.gartner.com/reviews/public/Widget/js/ Frame 9F31 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gartner.com/reviews/public/Widget/js/data.js
Requested by
Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-112.fra56.r.cloudfront.net
Software
Apache / Express
Resource Hash
9a9a0e517e155893dcddb5939615e47f2cd61651e3f179ae21729e8847f8668a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 05:16:22 GMT
content-encoding
gzip
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 09:25:08 GMT
server
Apache
x-amz-cf-pop
FRA56-C2
age
9193
x-powered-by
Express
etag
W/"6be-1880f474120"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-amz-cf-id
5yr1ys2P3YLVo6TCP3u-8s7Lcn9StMSWaAkFujoZGkAM9xZrO_nstA==
/
tr.lfeeder.com/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.lfeeder.com/?sid=OKM7ZEDV9rXg2zo4&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6W10sImdhQ2xpZW50SWRzIjpbXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42MS4wIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5hdmFuYW4uY29tL2Jsb2cvdGhlLWdtYWlsLXNtdHAtcmVsYXktc2VydmljZS1leHBsb2l0P3V0bV9jYW1wYWlnbj1DYW1wYWlnbiUyMC0lMjBHbWFpbCUyMEVudGVycHJpc2UlMjBVUyUyMDUlMkY5JTIwLSUyMEZZMjMmdXRtX21lZGl1bT1lbWFpbCZfaHNtaT0yNTY5OTk1MTkmX2hzZW5jPXAyQU5xdHotXzQtWTQ4RjRSS2dWdWFFdklOVkxrWHg5a0xGV1lfQ2VkeTRfUm1rV3pXc0ZlZUpDWDNQMkFjSFQ5UDNiQnlieTd0TllmdDhTTGpIdzVKSFJ3eEd6MkxIX3JWR2cmdXRtX2NvbnRlbnQ9MjU2OTk5NTE5JnV0bV9zb3VyY2U9aHNfYXV0b21hdGlvbiIsInBhZ2VUaXRsZSI6IlRoZSBHbWFpbCBTTVRQIFJlbGF5IFNlcnZpY2UgRXhwbG9pdCIsInJlZmVycmVyIjoiIn0sImV2ZW50IjoidHJhY2tpbmctZXZlbnQiLCJjbGllbnRFdmVudElkIjoiNjRjN2FlYjFkYTJlNWQ0NSIsInNjcmlwdElkIjoiT0tNN1pFRFY5clhnMnpvNCIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJjb25zZW50TGV2ZWwiOiJub25lIiwiYW5vbnltaXplSXAiOnRydWUsImxmQ2xpZW50SWQiOiJMRjEuMS4wMjAwN2RkYmUxOGM3ODA0LjE2ODQxMzY5NzUzMDciLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlLCJhdXRvVHJhY2tpbmdNb2RlIjoib25fc2NyaXB0X2xvYWQifQ==
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-89.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
LambdaGeneratedResponse from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
HP0WNRbr4ARpxafogK-MZ0LhQd2k9d9joSA3PEqmpkOIFUWEpXOg0w==
optimize.js
www.google-analytics.com/gtm/ 		116 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-P5GTK6B
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e00dbd0107d87573b81f1a74dfa5cde40905a92bd5634b8680bde46d926d744
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46404
x-xss-protection
0
last-modified
Mon, 15 May 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 15 May 2023 07:49:35 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 15 May 2023 06:35:39 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4436
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 15 May 2023 08:35:39 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230126-FRA
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:ca7a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=86049
accept-ranges
bytes
content-length
4777
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 15 May 2023 07:49:34 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DFDE8403DD024BFBA7BD3124C89B130C Ref B: FRA31EDGE0121 Ref C: 2023-05-15T07:49:35Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/?random=1684136975329&cv=11&fst=1684136975329&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=The%20Gmail%20SMTP%20Relay%20Service%20Exploit&auid=1025096594.1684136975&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9cc4593f52bca6bee12a30d4e096d25b8d93c7cbde26648fd215dc22ffb781aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1417
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-2523353.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2523353.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-49.fra56.r.cloudfront.net
Software
/
Resource Hash
dbc76164bf9cf40d574122130187f2507e944800ab74de82b1b5654b5245c367
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 15 May 2023 07:49:35 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/10a39219aa9b99ebe86f3404c6bea1a3
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
oLLnVzIddHYyxkG1EsEPrrcbp6e1dTnPXLcXkzsjFz5Z-yKacnfgAA==
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-WJV7CgJLtVS8wRw4kgLcfW1TVMFh48D3SKW4p6snp7_sJrVW3hhKLR7_NnzbW2KGvwb7G_439W2j4rQK6884kbVr562n4j_-J4W3gfVqm1PZ3xmW2qyn625zkQkMW1zMSMM94CmNYW2JszMn7zw5SbV8xR5K7lC6h1W2rbZd13zxJgQW33f-Ty4G6vwtW3bYsJX6V6_GBW3HxFhl5WqmpjW8QlG5M7hFyFJVPVT4G8_TDVLW77wpTJ5wSt-HW3wWFKk1T45vFW4dJxJp2KK5dzW8fCpnc3WRwklV65Mpz6_hM0WW8gbb3-7_9VCwW4nKhDT5sdpM5W98K7Wc1rwy2qW3MXpKY8xrnWFW9hzSww6RPzRq3by31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 May 2023 07:49:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
ekkfAL/yikfh8pfA9n7r0fkFh9dTXZNdpMWw20wk4Nsuh0zz3wNffiMXpbiMIN1frTK4Hqw2BBhZ3JkX5wASxA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
w.js
d10lpsik1i8c69.cloudfront.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-WJV7CgJLtVS8wRw4kgLcfW1TVMFh48D3SKW4p6snp7_sJrVW3hhKLR7_NnzbW2KGvwb7G_439W2j4rQK6884kbVr562n4j_-J4W3gfVqm1PZ3xmW2qyn625zkQkMW1zMSMM94CmNYW2JszMn7zw5SbV8xR5K7lC6h1W2rbZd13zxJgQW33f-Ty4G6vwtW3bYsJX6V6_GBW3HxFhl5WqmpjW8QlG5M7hFyFJVPVT4G8_TDVLW77wpTJ5wSt-HW3wWFKk1T45vFW4dJxJp2KK5dzW8fCpnc3WRwklV65Mpz6_hM0WW8gbb3-7_9VCwW4nKhDT5sdpM5W98K7Wc1rwy2qW3MXpKY8xrnWFW9hzSww6RPzRq3by31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-217.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 06:50:01 GMT
content-encoding
gzip
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3575
etag
W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
cnwYcftSBDyLZo4ZrQtugmi6ndaIwWM8XlvFVd3K7BIRp38OAAFLfg==
px.js
px.spiceworks.com/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.spiceworks.com/px.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.212 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a405625d3620d1ef8d74c8bdfae7a609a563854125a2e4d306b9b33083a50c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-iinfo
11-2001896-2001898 NNYN CT(26 26 0) RT(1684136975387 37) q(0 0 0 0) r(1 1) U24
date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
gzip
x-cdn
Imperva
content-type
text/javascript
tracker
www.influ2.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.influ2.com/tracker?clid=94f01642-c25e-4c39-b6b1-8eb7959ff1af
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
219.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
7d44991abb8050e8635c2c77d056df901f9a0ed11a854ff87e919fc09be4c13b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
tracking.js
trk.techtarget.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.techtarget.com/tracking.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-WJV7CgJLtVS8wRw4kgLcfW1TVMFh48D3SKW4p6snp7_sJrVW3hhKLR7_NnzbW2KGvwb7G_439W2j4rQK6884kbVr562n4j_-J4W3gfVqm1PZ3xmW2qyn625zkQkMW1zMSMM94CmNYW2JszMn7zw5SbV8xR5K7lC6h1W2rbZd13zxJgQW33f-Ty4G6vwtW3bYsJX6V6_GBW3HxFhl5WqmpjW8QlG5M7hFyFJVPVT4G8_TDVLW77wpTJ5wSt-HW3wWFKk1T45vFW4dJxJp2KK5dzW8fCpnc3WRwklV65Mpz6_hM0WW8gbb3-7_9VCwW4nKhDT5sdpM5W98K7Wc1rwy2qW3MXpKY8xrnWFW9hzSww6RPzRq3by31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 15:01:39 GMT
server
cloudflare
age
56273
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=1200
cf-ray
7c79c9006e369b94-FRA
expires
Mon, 15 May 2023 08:09:35 GMT
4393.js
tracking.g2crowd.com/attribution_tracking/conversions/ 		16 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.g2crowd.com/attribution_tracking/conversions/4393.js?p=https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation&e=
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
x-xss-protection
1; mode=block
x-request-id
9707669a-29dc-44c7-8acb-542333c8ab31
x-runtime
0.004259
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"3dae93a05edd9dcfc1864b87178a31e0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=600, public
cf-ray
7c79c9006d133a97-FRA
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/?random=1684136975351&cv=9&fst=1684136975351&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&tiba=The%20Gmail%20SMTP%20Relay%20Service%20Exploit&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5611a48c63965250e4fcd390221238a05573ebfc21857d3253927ff0983a868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1504
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1aa038e69fb05d11fb4d6b5f280a40e03162f22452188f9227cd5e40aa1a9b80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 15 May 2023 07:49:35 GMT
content-md5
9LS5Mubi1PX4aegOWRRpfA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
X2j6fZXqOHFPuxcyE2BabUcRn7Id89E0Us9uj8GfU1WQPlxOw7i+Ac26h0ZBo06eHgc28i9MBvB9F8CxXb3EGg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
ead5f0fd54d4511b271d0d9c2d41d9dc
cross-origin-opener-policy
same-origin-allow-popups
etag
"13245e48a16d0f2ebc572d3335209111"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 15 May 2023 08:00:47 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 07:49:35 GMT
Content-Encoding
gzip
Age
731
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/6738)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
api
www.gartner.com/reviews/ Frame 9F31 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gartner.com/reviews/api?apiKey=ZTU3MThjMWEtOTc1ZS00YzgwLWIzZGEtNDg0ODlkMDc0ODRk&paramsKey=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Requested by
Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/js/data.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-112.fra56.r.cloudfront.net
Software
Apache / Express
Resource Hash
861faea2aa24f42b2ab62f71cf6c59ea895a40b1acf9834408b42d61791cad84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
gzip
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-C2
x-powered-by
Express
etag
W/"114e-QuQ0j/RK53gt+t9+fTWEbKZSMrM:dtagent1024322060615355013ZP:dtagent1024322060615355013ZP"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
cache-control
private
server-timing
dtSInfo;desc="0", dtRpid;desc="121849195"
x-amz-cf-id
UH-EmyrpQT6Bc8OjuGeuQu_YA3HHf_slE7X6xVwgZCNSpW6Ieu16eQ==
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 		0
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=1835778&callback=jsonpHandler
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-hs-worker-debug-mode
false
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
b54a41ae-d499-4558-b2b9-3d8226a36cfe
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=7c79c9008c5e906c&resource=unknown"
x-evy-trace-listener
listener_https
x-request-id
6703e77a-61ed-4463-92c6-6f5b19ab452b
server
cloudflare
x-trace
2B7885EC8B7F8BAF5D39DC8C93E4CF41C5BD0A1B70000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-589c5fd4fb-hr6hf
x-evy-trace-virtual-host
all
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
7c79c9008c5e906c-FRA
postlisting
www.avanan.com/_hcms/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/_hcms/postlisting?blogId=4153530738&maxLinks=6&listingType=recent&orderByViews=false&hs-expires=1715538769&hs-version=2&hs-signature=AJ2IBuEA3PXeueoZP719hOdcp3y4j_X6XQ&currentUrl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
33898eec6c986fb47629644a8e77919b70f225f8e0c20020abb3cb1c88e87b8a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
d25f1d14-842c-4aae-a5a3-fa683355cd3e
x-envoy-upstream-service-time
25
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a05a2b39-ff6d-4cdf-9b47-19a9967d91d4
last-modified
Mon, 15 May 2023 07:49:35 GMT
server
cloudflare
x-trace
2BC8F6AFA749CAC684C3FD77E45CA3CD93E69A0E16000000000000000000
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwRi8O5bJeK6n2cXXbakA7vNnRu6e7tWzWKiU4xxE6sSZgXDeXP5PZhTTD5tgGSfDD0xhhqN6%2FvNvS9svOK0%2BcW8On%2BEAfC1lFgXjxffypMVUEmCRQyNtlNT68j6TcKFvuZHMAfkbFmnQ5kD"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
x-evy-trace-served-by-pod
iad02/cms-20-29-td/envoy-proxy-6f7769994f-vk8gf
x-evy-trace-virtual-host
all
access-control-allow-credentials
false
cf-ray
7c79c9007a209b63-FRA
x-robots-tag
none
postlisting
www.avanan.com/_hcms/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.avanan.com/_hcms/postlisting?blogId=4153530738&maxLinks=6&listingType=popular_all_time&orderByViews=true&hs-expires=1715538769&hs-version=2&hs-signature=AJ2IBuFCLCFwKyDk2aNtxb_53SWd-VHFVA&currentUrl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cee4c88acf7c3c3dcccb399551a63adc05cbbc91644ff64b5086136c7c0776ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fb71f112-fb4a-44fb-b3ce-a38e567f41d3
x-envoy-upstream-service-time
29
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e6f56d2b-efaf-469e-b195-9fdf4159e267
last-modified
Mon, 15 May 2023 07:49:35 GMT
server
cloudflare
x-trace
2B93EC853C34193B048B94175413A7E5775B63D912000000000000000000
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpfFzSw7Ym56jxPVMzLOYuAQsKSIAY7NJjK%2F57sBAqjnnTkIGqPe5kF%2BkN9dwWxv%2BC4PoTaE0cuWf3XqtAwTXFHI9k1ApQBxbP8zIevowj9DBvgOa014jzqTS9CyYz%2FiIrX5XTwrqWrAbDDh"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
x-evy-trace-served-by-pod
iad02/cms-20-29-td/envoy-proxy-6f7769994f-vk8gf
x-evy-trace-virtual-host
all
access-control-allow-credentials
false
cf-ray
7c79c9007a249b63-FRA
x-robots-tag
none
token
cdn.linkedin.oribi.io/partner/110528/domain/avanan.com/ 		36 B
373 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/110528/domain/avanan.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:15:53 GMT
content-encoding
gzip
via
1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
2022
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
xJYRMtySD0Gisc54ipHn2Nj896dgW_29SBe1ulLJ8xf_LqT2aaJc1A==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1684136975445&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D110528%26time%3D1684136975445%26url%3Dhttps%253A%252F%252Fwww.avanan.com%252Fblog...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1684136975445&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1684136975445&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmai...
0
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1684136975445&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&liSync=true&e_ipv6=AQLF362UaKO4IQAAAYgeYt2TDBHdEieg_CovIFsg2VPuOJrT27ldwlE7aKESwzed
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4E865CC2B89C4BC38BA8C4261D53B39F Ref B: FRAEDGE1507 Ref C: 2023-05-15T07:49:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7trIzzsZ34llddit/Fg==

Redirect headers

date
Mon, 15 May 2023 07:49:34 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: F18886B02B734242B1C4A4F943D321E0 Ref B: DUS30EDGE0312 Ref C: 2023-05-15T07:49:35Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1684136975445&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&liSync=true&e_ipv6=AQLF362UaKO4IQAAAYgeYt2TDBHdEieg_CovIFsg2VPuOJrT27ldwlE7aKESwzed
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7trIxYuF9mTrL+0d9eA==
/
www.google.com/pagead/1p-user-list/881234066/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/881234066/?random=1684136975329&cv=11&fst=1684134000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&frm=0&tiba=The%20Gmail%20SMTP%20Relay%20Service%20Exploit&fmt=3&is_vtc=1&random=66485178&rmt_tld=0&ipr=y
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 07:49:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/881234066/ 		42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/881234066/?random=1684136975329&cv=11&fst=1684134000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&frm=0&tiba=The%20Gmail%20SMTP%20Relay%20Service%20Exploit&fmt=3&is_vtc=1&random=66485178&rmt_tld=1&ipr=y
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 07:49:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/881234066/ 		42 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/881234066/?random=1684136975351&cv=9&fst=1684134000000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&tiba=The%20Gmail%20SMTP%20Relay%20Service%20Exploit&fmt=3&is_vtc=1&random=3607446648&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 07:49:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/881234066/ 		42 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/881234066/?random=1684136975351&cv=9&fst=1684134000000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&tiba=The%20Gmail%20SMTP%20Relay%20Service%20Exploit&fmt=3&is_vtc=1&random=3607446648&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 07:49:35 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tbw_analytics_v1.0.js
d26x5ounzdjojj.cloudfront.net/tbw/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?7
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWP20H1FLyZdVKxs13399NGzW89-nNw4-m1slN97h0Hy3q3phV1-WJV7CgJLtVS8wRw4kgLcfW1TVMFh48D3SKW4p6snp7_sJrVW3hhKLR7_NnzbW2KGvwb7G_439W2j4rQK6884kbVr562n4j_-J4W3gfVqm1PZ3xmW2qyn625zkQkMW1zMSMM94CmNYW2JszMn7zw5SbV8xR5K7lC6h1W2rbZd13zxJgQW33f-Ty4G6vwtW3bYsJX6V6_GBW3HxFhl5WqmpjW8QlG5M7hFyFJVPVT4G8_TDVLW77wpTJ5wSt-HW3wWFKk1T45vFW4dJxJp2KK5dzW8fCpnc3WRwklV65Mpz6_hM0WW8gbb3-7_9VCwW4nKhDT5sdpM5W98K7Wc1rwy2qW3MXpKY8xrnWFW9hzSww6RPzRq3by31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-132.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09fdb2959efa7f317724a5762ad6dd73d941613bfd3764ed8be04ddbc4338b4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Sun, 14 May 2023 19:35:42 GMT
Via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
Last-Modified
Tue, 24 Mar 2020 04:06:51 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
44034
ETag
"463d5912885bbaf6257aaac2e9d8935e"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11917
X-Amz-Cf-Id
DafQfhf-jLfyz9NQXtkUFc1Gb4_bHVNV436xSZeUGn41BzgPZK-4aw==
cta-json
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit&pageId=71610396684&pid=1835778&sv=cta-embed-js-static-1.167&utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&rdy=1&cos=1&df=t&pg=c953fa87-efa0-494e-9947-98ffe764fcd8
Requested by
Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9660a687d49b304caa9c3ba8c0121998229f0c4e773c287cd72f66a0dd4afa12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-origin-hublet
na1
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
120c70c3-f329-4f76-995b-9c15082a0dc2
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
28
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
05a6f73d-4a95-46bb-9c81-bfbf28aad2a5
server
cloudflare
x-trace
2BFF73E39DD0C7AE7943DC9140C4F731F4D624D1FE000000000000000000
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.avanan.com
x-evy-trace-virtual-host
all
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-58fd596dd9-h8hrp
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsH5czulQTIxT80ht293AeTkDEiB6TQBc6nvelydkDPBI9YNQO14adla642mzLtcpJ46W00JD42DlKB6Z4Jxmi6VQylRUEnV%2B%2BM78H0uDLDBdCHK9fUadCKfSfhv%2BFVFy8YNM5eq3%2Btrp%2BqQTvCI0vV7q%2B%2FLbBHmOVQ%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
7c79c900bc91906c-FRA
adsct
t.co/i/ 		43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=ddcd74e6-2698-4ab8-bb61-80430b61993b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8d678713-9b9f-4ec9-819d-df2775f6dd14&tw_document_href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0967&type=javascript&version=2.3.29
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
102
date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
dcf1349b422dee32
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
9bbe339832d78e1b879ceff3b032675879704ae5e12164c2312f347607811ef4
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ddcd74e6-2698-4ab8-bb61-80430b61993b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8d678713-9b9f-4ec9-819d-df2775f6dd14&tw_document_href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o0967&type=javascript&version=2.3.29
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
107
date
Mon, 15 May 2023 07:49:34 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
9f0e62ab86c2f8d6
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
4bda13e65cc20ce3683ec563fb6f8e07cb822909c007480e96fda4ee38043e4b
content-length
43
collect
www.google-analytics.com/j/ 		4 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=196176192&t=pageview&_s=1&dl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&ul=en-us&de=UTF-8&dt=The%20Gmail%20SMTP%20Relay%20Service%20Exploit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABQAAAACAAI~&jid=720145111&gjid=1663902084&cid=1694533053.1684136975&tid=UA-59393664-1&_gid=1319487684.1684136975&_r=1&_slc=1&gtm=45He35a0n81MQZBTTX&z=1752224784
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 07:49:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.avanan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
25018126.js
bat.bing.com/p/action/ 		0
139 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/25018126.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 15 May 2023 07:49:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 60EFCA5FC5B24E538BE7FBDC54487AF8 Ref B: FRA31EDGE0121 Ref C: 2023-05-15T07:49:35Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25018126&tm=gtm002&Ver=2&mid=cd1c6139-ab49-4965-8e43-24b81d8d6d6d&sid=094713e0f2f511edadc9956818f14882&vid=09472b90f2f511ed9d27bdd2955d5e91&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Gmail%20SMTP%20Relay%20Service%20Exploit&p=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&r=&lt=1088&evt=pageLoad&sv=1&rn=985661
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 07:49:34 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0A9A15DC7A1C46BCAE93921F002ECDB0 Ref B: FRA31EDGE0121 Ref C: 2023-05-15T07:49:35Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
1936026250043111
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1936026250043111?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a9d395934397a732fbe71389da2c91e6b1b145e84df96ebef2530466fae5741a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 May 2023 07:49:35 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88007
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
accoiWpyGrtiGbEBGPMHOrMM4A0uJKAG0dOu/CRMqTt/9DJnX0Hut0eomiK9J5EJ/x+f+fO0hh7EFyXL5pWKIQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
all.js
connect.facebook.net/en_US/ 		303 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=3ad2241afec574049bc4f3228e583fe2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
06b19cc42570e31c7e4578e943ccdc73578e4bbd6854a7c8b7755bd5c9d88757
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 15 May 2023 07:49:35 GMT
content-md5
/FscLzqTtpHxNOlXN6MM8g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86993
x-fb-rlafr
0
x-fb-debug
gtX5K38EBkcbBE3JDOE8t1+GFjE/AY3x6Cm1SRVmiC4P4mUIExb/kvD9/nWq0VjL3jm83pQqeXc6snBjjBgWrw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a0db6fbae8b3759ebd5ddb4465837604
cross-origin-opener-policy
same-origin-allow-popups
etag
"5074fc7f793f2e7fa0cb7edff4bfd299"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 14 May 2024 06:32:06 GMT
/
settings.luckyorange.net/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&s=128904
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e63415b27f670b7443693ed18a33bbc6c8c4f19976469ab38ae1784b29e70c6f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.avanan.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5t%2B0Pm8DzjpQoLWcu4jZ%2BbZ29slD2tAyhCQjZhYx8AC95QMdbaWX1ZEkbXbxUvnF3AYG8ZiIb3GcQAHI6fyWaIUyUwzgc5twnys7cDtQfTCwAO0D7ecSECQzqQq8HDx73M%2FyBgoJzXoDPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-credentials
true
cf-ray
7c79c90129a81ad4-FRA
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 6B28 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.avanan.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1419434
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Mon, 15 May 2023 07:49:35 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669E)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-59393664-1&cid=1694533053.1684136975&jid=720145111&gjid=1663902084&_gid=1319487684.1684136975&_u=YEBAAEAAQAAAACAAI~&z=1170418967
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 15 May 2023 07:49:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.avanan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gif.gif
ibc-flow.techtarget.com/a/ 		43 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1237514&r=1684136975530&ref=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&version=2.4
Requested by
Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier
1237514
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
via
1.1 google
x-guploader-uploadid
ADPycdsvZy1k5uVqZwbZwfNKMl211CegU5oe0mh3UwUd97YhHUbF-Lv73DrjL_wHks1gp6ijAi4wHUks7Zu889khUuhH-CU-RMu7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Thu, 08 Dec 2022 21:19:29 GMT
server
nginx/1.20.2
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
vary
Origin
x-goog-generation
1670534369365034
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control
public, max-age=3600
access-control-allow-methods
GET, POST, OPTIONS
x-goog-stored-content-length
43
accept-ranges
bytes
access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires
Mon, 15 May 2023 08:49:35 GMT
modules.fd09c58d161df4a05875.js
script.hotjar.com/ 		264 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.fd09c58d161df4a05875.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2523353.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
9a83cb63ef8312699836ca708d4a7bb796a19592aab3ce4a57cca079cb334fbc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:42:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
448
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
69346
last-modified
Mon, 15 May 2023 07:41:30 GMT
etag
"63c4abfb080d7f444748372ed4a9453c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
OQBIlB5FC6UaQRVnlRaNLPPxtwSVI955SnqaSqxc9EmOh9gZK6thow==
1835778.js
js.hs-banner.com/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/1835778.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f23f42796e0c3e29ba160c46015b9aef160581a01ac3f0f14e26bf94b208fe79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
x-amz-version-id
YDXH_YH_fFN824GrCrw6l909TTdj_LzM
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
QPJ08VSD18ARP5Q9
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
age
37
x-envoy-upstream-service-time
38
x-amz-id-2
9ZWsBQ141KBeJGxYLDYRRpFbG0Cem4F3lk9Q9quoqnNiJZ1/pxDkIpx0aSP7Pk+c2PznlGxl/RF5KcNYout04jkUEOk+fNeSxjRDyobbjEU=
x-evy-trace-listener
listener_https
x-request-id
a49caab5-cd1f-49d4-a2cf-7e643d4fe16c
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 17 Apr 2023 15:01:25 GMT
server
cloudflare
etag
W/"91a0403e81a48229dd9d61cc70615a87"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.avanan.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-rc2n7
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7c79c9014c2d5b80-FRA
expires
Mon, 15 May 2023 07:53:58 GMT
leadflows.js
js.hsleadflows.net/ 		545 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7f6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
344cd43902a0ac8a2a12b112a9a9904fb7b26ebd33ead31a492aed6ef4e89b82

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
x-amz-version-id
gY.ddbQs4Pt.3p8HNDwQjbxkSRA75npf
via
1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
cf-cache-status
EXPIRED
content-encoding
br
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1202/bundle/main/lead-flows-release.js&cfRay=7c79c9015f0c9b83-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
12
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c3d1bff3-10a6-4270-840b-29264a445cc5
last-modified
Mon, 08 May 2023 08:57:34 UTC
server
cloudflare
etag
W/"b2585633e816f12e4b5de8663cf46c30"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
MISS
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
s-maxage=86400, max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-589c5fd4fb-cssjl
cf-ray
7c79c9015f0c9b83-FRA
x-amz-cf-id
vkYtthGYADrKrFKiyEiw1O00W-f2kFV22XoQL5OwRHr6KQEus7KkRw==
x-hs-target-asset
lead-flows-js/static-1.1202/bundle/main/lead-flows-release.js
1835778.js
js.hs-analytics.net/analytics/1684136700000/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1684136700000/1835778.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:89ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3491c0c307e23d2e50f8fe6e613e44118d1b26b2838b5b1e82f0fc4d0804ac4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
D66QKABNKHJMZR5Z
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-envoy-upstream-service-time
22
x-amz-id-2
Wrmu7sON2ZOeXZdzu4j9udunmYBqO6aWCEiqQHcAKQ1Rj6Nxz1DWsJMXWeIbTpJB0Lmk7BSdskw=
x-evy-trace-listener
listener_https
x-request-id
480d647f-052b-434f-9e40-52acea0bb223
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 18 Apr 2023 13:56:09 GMT
server
cloudflare
etag
W/"aad813f0743bfffb3c5f11c696b077ce"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-tvx59
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7c79c9014d040404-FRA
expires
Mon, 15 May 2023 07:54:35 GMT
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:78be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adbb58c41a9b589400d5abd8c0ed6dc960b608725ac7d55b69d60ef97f9fdaac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
x-amz-version-id
...qzWeOuwQPilhtv7i.paPfmlSdbUaK
via
1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
201
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.371/bundles/pixels-release.js&cfRay=7c79c4160ca29b43-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
4
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b64afe88-61f0-42c3-b2c5-1a0682fe70b0
last-modified
Mon, 08 May 2023 03:29:04 UTC
server
cloudflare
etag
W/"7304e80add4d5200235aa7a228c53f5a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-589c5fd4fb-9sjmd
cf-ray
7c79c9018bad5b50-FRA
x-amz-cf-id
c5gD3M05ErD5irsUsJiSft2qScbp9pHmAf2ZIpi-gPVYvxbbXtWM9g==
x-hs-target-asset
adsscriptloaderstatic/static-1.371/bundles/pixels-release.js
gif.gif
ibc-flow.techtarget.com/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1237514&r=1684136975530&ref=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&version=2.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ibc_rate_tier
Access-Control-Request-Method
GET
Origin
https://www.avanan.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 07:49:35 GMT
expires
Mon, 15 May 2023 07:49:35 GMT
server
nginx/1.20.2
vary
Origin
via
1.1 google
x-guploader-uploadid
ADPycdsZ5A96RmBc1Gr_IAVrF2ARmm8nDZMDzQU4DqBYbO2GUnZ2Om5F6bvJ-NN_xJ1iCqn-SVQaQx670O-tGqz4W8-kuGn-9nWb
settings
syndication.twitter.com/ Frame 6B28 		869 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=bb66a6a31791e0e1e2a1c52659de51a4a49a8c94
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.avanan.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
112
date
Mon, 15 May 2023 07:49:34 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 15 May 2023 07:49:35 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
2cb7ea1243dc4c45
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
7096f77ca9f713b7c405360edd12f1af9ba8b6941ba334806bee186cdb9a8da2
content-length
337
/
www.facebook.com/tr/ 		0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1936026250043111&ev=PageView&dl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&rl=&if=false&ts=1684136975570&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684136975569.1409508750&it=1684136975501&coo=false&rqm=GET
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 May 2023 07:49:35 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
tbw
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/tbw
  • https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1
44 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
HTTP/1.1
Server
54.170.99.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-99-83.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
bc930f6c46467754435ba07fd8bc1036b4105460dabb2c51dc2b56d4bb52f72c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
Server
gunicorn
Connection
keep-alive
Content-Length
44
content-type
application/javascript

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1
Date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ga-audiences
www.google.com/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-59393664-1&cid=1694533053.1684136975&jid=720145111&_u=YEBAAEAAQAAAACAAI~&z=1533605114
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 07:49:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-59393664-1&cid=1694533053.1684136975&jid=720145111&_u=YEBAAEAAQAAAACAAI~&z=1533605114
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 07:49:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0516
px.spiceworks.com/px/ 		42 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.spiceworks.com/px/0516?buster=71570&pxref=&consent=true&_fpv=2.4&_fpt=2&_fp2=aac6f53daab85b0135726fe741849149
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.212 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-iinfo
11-2001896-2001898 PNNN RT(1684136975387 179) q(0 0 0 -1) r(0 0) U24
date
Mon, 15 May 2023 07:49:35 GMT
x-cdn
Imperva
content-length
42
content-type
image/gif
/
t.influ2.com/u/ 		63 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.influ2.com/u/?cb=1684136975595
Requested by
Host: www.influ2.com
URL: https://www.influ2.com/tracker?clid=94f01642-c25e-4c39-b6b1-8eb7959ff1af
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d48adf8a09e3b1d565616e747a349fb573c49b61dfd600cc1d76dd91f501622e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin
https://www.avanan.com
date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
logo-bubble-white-bg-2x-min.png
reviews.static.gartner.com/public/Widget/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://reviews.static.gartner.com/public/Widget/img/logo-bubble-white-bg-2x-min.png
Requested by
Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/css/widget.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2800:14:c034:4840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache / Express
Resource Hash
b59a0404929cf4a3ad1cbd9c2ffaaff3f8c2e838a70867c1de2dfddc5a2b2f91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gartner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 07:47:07 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 19:05:20 GMT
server
Apache
x-amz-cf-pop
FRA53-C1
age
518548
x-powered-by
Express
etag
W/"923-187e8279180"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
2339
x-amz-cf-id
EfT22OCntIv--LmVKLZsnXTfREJ_QJScSWdmD4xyGQE-ixsV6j5kpA==
stars.png
reviews.static.gartner.com/public/Widget/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://reviews.static.gartner.com/public/Widget/img/stars.png
Requested by
Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/css/widget.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2800:14:c034:4840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache / Express
Resource Hash
22cecf5526a9a6a3c3d49dea18b28fd902a5a2bec155a04a7c21bb654b9ec0c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gartner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 10:37:54 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 19:05:21 GMT
server
Apache
x-amz-cf-pop
FRA53-C1
age
508301
x-powered-by
Express
etag
W/"4f5-187e8279568"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1269
x-amz-cf-id
JZXEa3JlNDvX9wtG8nd4evoynMgg3uLlmh2_rx7DWLRXWwMjq-famQ==
chevron-right.png
reviews.static.gartner.com/public/Widget/img/ 		217 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://reviews.static.gartner.com/public/Widget/img/chevron-right.png
Requested by
Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/css/widget.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2800:14:c034:4840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache / Express
Resource Hash
f75e7361bbcda225d800dd06644f99253ae2cf5ab6a0e47ff7967474e7afb4a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gartner.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 10:03:17 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 19:05:20 GMT
server
Apache
x-amz-cf-pop
FRA53-C1
age
596778
x-powered-by
Express
etag
W/"d9-187e8279180"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
217
x-amz-cf-id
iPQPpCgQW1uGW-ejczUikZAutbzScaTQX_9ndN5eTAFlC1guAJue9w==
truncated
/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a2f15820ffe7ec552c256f18b8cd6485618d23a5648f535992e5c6928a542b7

Request headers

Referer
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
font/woff2
4-Reasons-Microsoft-Safe-Links-Make-Office-365-Less-Safe-Featured.png
www.avanan.com/hubfs/website/img/blog/featured/ 		13 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/blog/featured/4-Reasons-Microsoft-Safe-Links-Make-Office-365-Less-Safe-Featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4212a717b8d61a5ee679e86faef6b912c275aac5508f97350dac01bede075100
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-11280554758,FD-11279853394,P-1835778,FLS-ALL
age
4595
x-amz-request-id
SYGNAD15E9SJ6N9G
edge-cache-tag
F-11280554758,FD-11279853394,P-1835778,FLS-ALL
x-hs-https-only
worker
content-disposition
inline; filename="4-Reasons-Microsoft-Safe-Links-Make-Office-365-Less-Safe-Featured.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"477b6391512f284fdb1b9be9e024d97f"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 fd1922963c91836bd3bc6df1671c0612.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
ydaMoVEI3EqauKaA9V2_DbfLmkZ4PelZ
x-amz-cf-pop
MXP64-P1
cf-polished
origFmt=png, origSize=14729
x-cache
RefreshHit from cloudfront
cache-tag
F-11280554758,FD-11279853394,P-1835778,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13698
x-amz-id-2
74OTIc6n20MhHP7Iib2qi6cjdmOuSl6viMFOQgoMxmYUB7Xdwe2xzksna6mmtpJ9bXyaJUswQOs=
last-modified
Mon, 15 Jul 2019 15:27:08 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gB3lOuMmdh1iD8juNiWqgch7jXxazQagZVS7iQyXrl%2F6oSaT768pRJZ7tb9zupBU2s83rEDKhgmlW6Wgj9t%2B4eVfod9pAJozUCEgjEmZa3zYbf%2FYy0f88SzMOSZC84LDeAsTmxgYpdBtB4aE"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c901cbd19b63-FRA
x-amz-cf-id
X1JQ7R9QFywnjEMMEsyPUGO00tKkqI8PE2rZZq5Dvn5XUdgm_HV3tA==
Watch-Out-for-HTML-Attachments-the-Latest-Phishing-Trend-Targeting-Office-365-Featured.png
www.avanan.com/hubfs/website/img/blog/featured/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/blog/featured/Watch-Out-for-HTML-Attachments-the-Latest-Phishing-Trend-Targeting-Office-365-Featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
634cd6856c830752abf4b33133617045f344d5713d8fa567269172ed76d1cac3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-11279853502,FD-11279853394,P-1835778,FLS-ALL
age
4595
x-amz-request-id
19TP7M7QAPFJ31W8
edge-cache-tag
F-11279853502,FD-11279853394,P-1835778,FLS-ALL
x-hs-https-only
worker
content-disposition
inline; filename="Watch-Out-for-HTML-Attachments-the-Latest-Phishing-Trend-Targeting-Office-365-Featured.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"8125afc7f8e4f6afcb3215c0f0838e9f"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 5d27236a5f6fb9836424f23bb92b0cd0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
yOBXxHcQhK5AkB0oyxYBslCmMPyxVN5L
x-amz-cf-pop
MXP64-P1
cf-polished
origFmt=png, origSize=7014
x-cache
RefreshHit from cloudfront
cache-tag
F-11279853502,FD-11279853394,P-1835778,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5920
x-amz-id-2
gXDlOQGP4gauv4Km9cFWsUwK+zjGeyEi9WhFtciKY2TrwxXYrEKWFD2YvznXdYtOUBlZDNJgmpeOYoh6jl00LAoBLo6ny3yo8s2nyvaQXZM=
last-modified
Mon, 15 Jul 2019 15:09:16 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oGlhtLMfYRb%2B5%2Fiw77XWwrs4cfroqx91iXJmn59l0bCd0zGnJfOS92B4Wplfg2OdPr0Bn0fKi9Pca1ZbM73%2BRFCwYzfyuRcFnEXYglXakYaTtivB2llqHzNqOC8zf5BlhGV%2B629GZsB0ffMI"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c901cbd49b63-FRA
x-amz-cf-id
XSDSz31evsq4aUlw9s2fcu8pFFLvjW4nWHpgkiRriW-J3gAFTqrOLg==
Mimecast-vs-Proofpoint-Why-They-Cant-Secure-Office-365-and-Gmail-Part-1-Featured.png
www.avanan.com/hubfs/website/img/blog/featured/ 		10 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/blog/featured/Mimecast-vs-Proofpoint-Why-They-Cant-Secure-Office-365-and-Gmail-Part-1-Featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ff1ebf4247ecd1fdefdd027b695c8eca043b8987861f9edd37fee6ccceb2ef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-11280371673,FD-11279853394,P-1835778,FLS-ALL
age
4595
x-amz-request-id
SYGY0PC0JNNBS0MK
edge-cache-tag
F-11280371673,FD-11279853394,P-1835778,FLS-ALL
x-hs-https-only
worker
content-disposition
inline; filename="Mimecast-vs-Proofpoint-Why-They-Cant-Secure-Office-365-and-Gmail-Part-1-Featured.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"b6aafb5047af62538589406b53694ac6"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 19a7917090e2e0f15ec756ab558f27a6.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
N_MnPa4GyRrx42wIuC2oH5cUB01QyWa3
x-amz-cf-pop
MXP64-P1
cf-polished
origFmt=png, origSize=12541
x-cache
RefreshHit from cloudfront
cache-tag
F-11280371673,FD-11279853394,P-1835778,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10722
x-amz-id-2
Ne6Omxw828vuFTgcUUDz5kDNvuxOhoUa4Uua5GXK9N/qmgaza+RieM7Won+l56/XiAYHmcDod6I=
last-modified
Mon, 15 Jul 2019 15:29:14 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFcmNFqGnci5r34mmDwgbnwvtC6o0je%2FfeQKr7pZGet6ZqSJFuKXaYj1V7OL8BLShcbNvi9w%2FyUfrv1kDWYXdSyD1soYB34pWUc9DlxNu5kXvCzfP7ZqflprjAR%2F%2FrFOpgm%2FbELyYhdwke7J"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c901cbd69b63-FRA
x-amz-cf-id
yi6G-Di70CAntZfYXQRnuZOv1FrZ9MZguko-Q82pjuI6YS9zW9GbIg==
Why-Multi-Factor-Authentication-Isnt-Foolproof-Featured.png
www.avanan.com/hubfs/website/img/blog/featured/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/blog/featured/Why-Multi-Factor-Authentication-Isnt-Foolproof-Featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
46891f1a0d9fc55b4650e10dbdc598a5269f19fdbd69305f8b8d1cd360b49f8d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-11288678777,FD-11279853394,P-1835778,FLS-ALL
age
4595
x-amz-request-id
VAGF492NAAM0JF8V
edge-cache-tag
F-11288678777,FD-11279853394,P-1835778,FLS-ALL
x-hs-https-only
worker
content-disposition
inline; filename="Why-Multi-Factor-Authentication-Isnt-Foolproof-Featured.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"bca56f3cf898c1b6593fb7ed155d1c49"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 2cb4f544b3021873f01656b0bfa9897a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
FviQOCsHbLeXzaUcA2EbVpPC3vT_wGWu
x-amz-cf-pop
MXP64-P1
cf-polished
origFmt=png, origSize=11848
x-cache
Miss from cloudfront
cache-tag
F-11288678777,FD-11279853394,P-1835778,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10258
x-amz-id-2
h1llt12ds70Qy8DvQyEiZqfwzQ9OU/0Np7BqzlDAUow3NFm8+a5YARMaF6+WuRGA8eTQt8+b8l8=
last-modified
Mon, 15 Jul 2019 19:24:10 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25C2YAK4evo6%2Bv1%2BtLWEud4IzfhXn1GmxhjebHBG9K%2BnDyGY43Z0N%2FjC5%2BZw68PDlT2C9rUSHKSgmuf2ZpPTo4SOICl9cYBTHBDGzQxokC24MGDNXlfRfRZa8205W2m9RmCW%2B%2FKmsorj23t2"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c901cbd89b63-FRA
x-amz-cf-id
oEM-Fdyp0AwcZGm8T_imFnSic_W_KPbahV30s5YSVXFv_Dezf2tt-w==
baseStriker-Office-365-Security-Fails-To-Secure-100-Million-Email-Users-Featured.png
www.avanan.com/hubfs/website/img/blog/featured/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/blog/featured/baseStriker-Office-365-Security-Fails-To-Secure-100-Million-Email-Users-Featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fbecdde63cefbeb511fc193ff653cf649ce9a2a9a120316d40f20b809afb647
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-11280371233,FD-11279853394,P-1835778,FLS-ALL
age
4595
x-amz-request-id
NYBZTBA02H1YB0BE
edge-cache-tag
F-11280371233,FD-11279853394,P-1835778,FLS-ALL
x-hs-https-only
worker
content-disposition
inline; filename="baseStriker-Office-365-Security-Fails-To-Secure-100-Million-Email-Users-Featured.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"fc3f83b4e407e381c43aab80d24ea1d4"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 66a3254753daef98131e391b49752390.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
G5ELs3jKBLJmOK8DWOt6WhtX3JSMSxSz
x-amz-cf-pop
MXP64-P1
cf-polished
origFmt=png, origSize=7128
x-cache
RefreshHit from cloudfront
cache-tag
F-11280371233,FD-11279853394,P-1835778,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5408
x-amz-id-2
EpkiD/RJIixnJ5BqxKfowywu/tTUoB73ZcVhDSECRenl9b7U+kjjEtJJtp2NklsWi/rED5R/kgY=
last-modified
Mon, 15 Jul 2019 15:25:56 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8eYummJN3GQRz302xjkjh5yBIT1QSBrn%2B7IQoVwt7DciPOq19G8jgKkPVA6iBtZHI9ZJrvl%2BMFrIIOlVAWs5yT69x4vMbq5NACnWMts5Srmjh44CszYodQyQgxomGp7%2F419HJCLoRSgjQ%2Fdp"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c901cbda9b63-FRA
x-amz-cf-id
Kg5tNsjHptf2U1qtkBsWkW1OgIKldLbEdFqkJ69qlLB4O78sMWl7qQ==
Widespread-Attack-on-Office-365-Corporate-Users-with-Zero-day-Ransomware-Virus-Featured.png
www.avanan.com/hubfs/website/img/blog/featured/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/blog/featured/Widespread-Attack-on-Office-365-Corporate-Users-with-Zero-day-Ransomware-Virus-Featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f268614e7be44fc18dbfa5350bfeea8539258da4830ef728c56e05bf62f46b57
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-11280052410,FD-11279853394,P-1835778,FLS-ALL
age
4595
x-amz-request-id
VAG69A0A81AVWXNM
edge-cache-tag
F-11280052410,FD-11279853394,P-1835778,FLS-ALL
x-hs-https-only
worker
content-disposition
inline; filename="Widespread-Attack-on-Office-365-Corporate-Users-with-Zero-day-Ransomware-Virus-Featured.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"548590285b53aff019e25f9f13cb06ea"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000
via
1.1 4d4b96028acf63781fb210bb3b43b4f4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
2lJpL73VoPYJGYmEK4csso3aWzFV5e03
x-amz-cf-pop
MXP64-P1
cf-polished
origFmt=png, origSize=9877
x-cache
Miss from cloudfront
cache-tag
F-11280052410,FD-11279853394,P-1835778,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8328
x-amz-id-2
Q7sYmi1Pi34IqE042B0s2gsydyY2trFjm03ZJhzntSRYm5oRlGJsL4A0v6uyus/RySHw/G9AVic=
last-modified
Mon, 15 Jul 2019 15:28:27 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHzpdCE3wCY3jE8FY5THAXKsjogUWFgz3%2BV8YSJaYB8cWZVNE0lL460pYMykjuPy5ZF4HiMcpOzDVuGbHjqFTUHckU6eRDc619QzmXUWW713ZGlj6sXQ%2FV%2FM1a5kIwchsaZu7JYXzvAvb4f7"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c901cbdb9b63-FRA
x-amz-cf-id
mS836Mf5h1WSBxDtOsbcoecm-RVD5eI_y0XFGx_LSSHErfhFkdxdsg==
cta-loaded.js
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 		0
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=1835778&pg=c953fa87-efa0-494e-9947-98ffe764fcd8&lt=1684136975075&dt=1684136975076&at=1684136975646&an=1
Requested by
Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-origin-hublet
na1
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
6e7cb13e-87b8-4580-9a47-259b935e5e81
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
e47eaad1-d890-4ca9-9e34-12e11cbccb8c
last-modified
Mon, 15 May 2023 07:49:35 GMT
server
cloudflare
x-trace
2BD16C70A952AA1BFE1059A03840B71C2A18E56E25000000000000000000
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFqkOSXxz0%2BJI4WHg9WuCZfIfSySqjVHWW9RJb4bNvxZ0R8HuAW%2B3YDnzR6asnuy7CtMsT0eaQKHDHgcGxSxayOLIoHvwGcLG5n59DG76EtwqGWguwZMRU4LBq%2BU9DUCuMVQxJDX5YZlgP%2BsEztRVruphpZYPKCwlvU%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-58fd596dd9-p66lt
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
x-robots-tag
noindex, follow
cf-ray
7c79c901dd9f906c-FRA
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
x-hubspot-correlation-id
4b4cd3bc-cd74-4e50-ae95-358bdee2e060
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
bba3843b-30e9-42dc-b3d2-05cb204d4633
last-modified
Mon, 15 May 2023 07:49:35 GMT
server
cloudflare
x-trace
2B929761D6B6FB87A130913C505664F1D16BEC201C000000000000000000
vary
origin, Accept-Encoding
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-58fd596dd9-tlszw
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cf-ray
7c79c902ff751c44-FRA
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
x-hubspot-correlation-id
d55e6b2c-336f-48e2-946e-f331df0eb870
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2f15d1a1-d596-4662-9bec-7c4bc1bca53d
last-modified
Mon, 15 May 2023 07:49:35 GMT
server
cloudflare
x-trace
2B490EDC2C3D6E35BAFD8331BB12F0CFAF9606237D000000000000000000
vary
origin, Accept-Encoding
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-58fd596dd9-kt8kn
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cf-ray
7c79c902ff761c44-FRA
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		113 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=1835778
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b648b3c9d20f3b87bf24c9f20cd940d40ab038f24fc3142588961fc57131e74b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
c8ef4251-30f8-4608-a2f4-afef788d1751
x-envoy-upstream-service-time
14
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9bd33d25-38eb-409a-861c-59f8264f079b
server
cloudflare
x-trace
2B106E077613A87C1036520E4BE1C08AEFC0ABA7CA000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.avanan.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-5677b5b686-rqxxz
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQZ9coru1fnyZ%2BIhEE2T7ZPjColsHTCQaGhVMocf1jJasVtBp%2FrQu1AadN0QeYRjfSk1zUSetEyuYH%2BViCN%2BZs9jUivV%2B32EVNOmI56ASkH2ZSHpCk4rZfoeSYRvwmXBNNKSEucb%2FbWpYaSK"}],"group":"cf-nel","max_age":604800}
cf-ray
7c79c902f8cc365c-FRA
access-control-allow-headers
*
button.e7f9415a2e000feaab02c86dd5802747.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.e7f9415a2e000feaab02c86dd5802747.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 07:49:35 GMT
Content-Encoding
gzip
Age
1419435
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2618
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (frb/6738)
Etag
"506673dbdb9085e7201e137e893cc152+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
9cd771d8-304c-4eeb-aa0d-f468d285d894
https://www.avanan.com/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.avanan.com/9cd771d8-304c-4eeb-aa0d-f468d285d894
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
insideIframe.js
fast.wistia.net/assets/external/ Frame 3F97 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/insideIframe.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/qu48rtya1h
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0650c9d588778e7184688747d8fb5e5b04cc78d212c3bbd7a0c9ecb2405c718a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://fast.wistia.net/embed/iframe/qu48rtya1h
Origin
https://fast.wistia.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
184
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
11913
x-served-by
cache-iad-kiad7000027-IAD, cache-gig2250064-GIG
x-browser-version
113
last-modified
Thu, 11 May 2023 21:51:25 GMT
server
AmazonS3
x-timer
S1684136976.978423,VS0,VE0
etag
"adfd638b96d6fd7c55b03281955cc88e"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
89f11db1e4b8d3d3b6ce2e5530fcf20c913ad10a
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
55, 3
E-v1.js
fast.wistia.net/assets/external/ Frame 3F97 		642 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/E-v1.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/qu48rtya1h
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23ad4b302eac0ba8eabf2181ec466f0b17ff86f9750d7ee59a7202902b746446
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/embed/iframe/qu48rtya1h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:35 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
323
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
118945
x-served-by
cache-iad-kjyo7100160-IAD, cache-gig2250064-GIG
x-browser-version
113
last-modified
Thu, 11 May 2023 21:51:24 GMT
server
AmazonS3
x-timer
S1684136976.978501,VS0,VE0
etag
"f5579b2839f3d573e3a03975d3437ad0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
89f11db1e4b8d3d3b6ce2e5530fcf20c913ad10a
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
67, 11
swatch
fast.wistia.net/embed/medias/qu48rtya1h/ Frame 3F97 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.net/embed/medias/qu48rtya1h/swatch
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/embed/iframe/qu48rtya1h
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
bc86fc5815dafcfc9de829b68ea7d450d31efee607b1b86c21bf595bb043a015
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/embed/iframe/qu48rtya1h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
access-control-request-method
*
via
1.1 420b04515afbec0c45b59617f13f792a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
x-cdn
cloudfront
x-amz-cf-pop
IAD55-P4
age
359024
edge-cache-tag
ec940dc247e1dc36e6ac27947cef8586
x-cache
Hit from cloudfront, HIT, MISS
x-envoy-upstream-service-time
20
content-disposition
inline
content-length
2539
x-served-by
cache-iad-kcgs7200144-IAD, cache-gig2250064-GIG
x-browser-version
113
last-modified
Mon, 09 May 2022 17:57:47 UTC
server
envoy
x-timer
S1684136976.979838,VS0,VE166
etag
hJMTrl2I2pxXJeMASa5vVy5Uioc=
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, no-cache,max-age=31536000
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
RHsBSjRX176dr7E4-lIMY_9sunbO9sDSnD3nVZpqKS0-T1oo9P-csQ==
x-cache-hits
0, 0
tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame 78E6 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1419435
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13592
Content-Type
text/html; charset=utf-8
Date
Mon, 15 May 2023 07:49:35 GMT
Etag
"28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:10 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6738)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
platform.twitter.com/widgets/ Frame A4E6 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2b2d73daf636805223fb11d48f3e94f7.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1419435
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
13592
Content-Type
text/html; charset=utf-8
Date
Mon, 15 May 2023 07:49:35 GMT
Etag
"28919252629e2fa1d4ed52f48cb66ac0+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:10 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6738)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22AvananSecurity%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1684136975909%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=bb66a6a31791e0e1e2a1c52659de51a4a49a8c94
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
111
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 15 May 2023 07:49:35 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
158133792ca6630f
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
7096f77ca9f713b7c405360edd12f1af9ba8b6941ba334806bee186cdb9a8da2
content-length
43
embeds
syndication.twitter.com/i/jot/ 		43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22AvananSecurity%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22context%22%3A%22rufous-eol%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1684136975910%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=bb66a6a31791e0e1e2a1c52659de51a4a49a8c94
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
105
date
Mon, 15 May 2023 07:49:35 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 15 May 2023 07:49:35 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
a122d42b6a4fdb39
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
7096f77ca9f713b7c405360edd12f1af9ba8b6941ba334806bee186cdb9a8da2
content-length
43
truncated
/ Frame 78E6 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A4E6 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
pista.js
d26x5ounzdjojj.cloudfront.net/2.14.0/ 		98 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d26x5ounzdjojj.cloudfront.net/2.14.0/pista.js
Requested by
Host: d26x5ounzdjojj.cloudfront.net
URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.132 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-132.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
10deca523f2d7d41a77738b61b503fb9ec9f7c8e5f96d34b4e760f7ab807983a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 01:09:52 GMT
Via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
Last-Modified
Thu, 06 Aug 2020 17:08:18 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
24000
ETag
"8f4885b5f0517e98f2ecf6c734d1decd"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100013
X-Amz-Cf-Id
4IqhQvN6kapf8Mrr2lI9JIFTjIcCKDE601mMULlzuGu-jsu6cp_8NQ==
tp2
com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.149.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-149-245.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.avanan.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.avanan.com
access-control-max-age
600
content-length
0
date
Mon, 15 May 2023 07:49:36 GMT
server
nginx
tp2
com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ 		2 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d26x5ounzdjojj.cloudfront.net
URL: https://d26x5ounzdjojj.cloudfront.net/2.14.0/pista.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.149.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-149-245.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.avanan.com
date
Mon, 15 May 2023 07:49:36 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
/
www.facebook.com/tr/ 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1936026250043111&ev=Microdata&dl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&rl=&if=false&ts=1684136976073&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Gmail%20SMTP%20Relay%20Service%20Exploit%22%2C%22meta%3Adescription%22%3A%22Hackers%20are%20using%20the%20Gmail%20SMTP%20Relay%20Service%20to%20spoof%20companies%20and%20get%20into%20the%20inbox.%20%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Hackers%20are%20using%20the%20Gmail%20SMTP%20Relay%20Service%20to%20spoof%20companies%20and%20get%20into%20the%20inbox.%20%22%2C%22og%3Atitle%22%3A%22The%20Gmail%20SMTP%20Relay%20Service%20Exploit%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.avanan.com%2Fhubfs%2Fwebsite%2Fimg%2Fblog%2Ffeatured%2Frelay.png%23keepProtocol%22%2C%22og%3Aimage%3Awidth%22%3A%22960%22%2C%22og%3Aimage%3Aheight%22%3A%22540%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1684136975569.1409508750&it=1684136975501&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 May 2023 07:49:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
iframeApi.js
fast.wistia.net/assets/external/ 		84 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/iframeApi.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b5bb03bf7c19ca7405613763d54e20d168ddf46d8286db6efba53b7861cdc75
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
929
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21746
x-served-by
cache-iad-kiad7000133-IAD, cache-gig2250078-GIG
x-browser-version
113
last-modified
Thu, 11 May 2023 21:51:25 GMT
server
AmazonS3
x-timer
S1684136977.676382,VS0,VE1
etag
"26ee030557b3c3bf731b7a48d89b8e6b"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
89f11db1e4b8d3d3b6ce2e5530fcf20c913ad10a
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
31, 1
/
c.6sc.co/ 		7 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://www.avanan.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/ 		14 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:23::1726:629c Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fbb3bcb80a056423c4e9c19e56998a54ac7444913f387f2294acd76786fad9dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 07:49:36 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.avanan.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a01:4a0:5a::4
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467815_388391900_250209884_27_865_6_0";dur=1
content-length
14
expires
Mon, 15 May 2023 07:49:36 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=7988b8b9b9fb2b24661a471cde834fcb&svisitor=null&visitor=ea4efefc-592b-43f8-8d82-832b1d262445&session=a390df9d-db1b-4d3e-8edc-1722668cb51b&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Mon%2C%2015%20May%202023%2007%3A49%3A35%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2015%20May%202023%2007%3A49%3A35%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%227988b8b9b9fb2b24661a471cde834fcb%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2015%20May%202023%2007%3A49%3A35%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Mon%2C%2015%20May%202023%2007%3A49%3A35%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20are%20using%20the%20Gmail%20SMTP%20Relay%20Service%20to%20spoof%20companies%20and%20get%20into%20the%20inbox.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Gmail%20SMTP%20Relay%20Service%20Exploit%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&pageViewId=a0b8f9c8-744e-406f-8a37-b0a94713260f
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-88.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
insent
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/ 		80 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/insent
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5eb576aaebbab677cf473e3d7eda32870c8301486dee7019b9615b328a61bc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 01:16:53 GMT
content-encoding
gzip
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id
WBQZWn7wfJY2QhbFJ4fO0pWu2vqmeeLD
last-modified
Wed, 03 May 2023 07:15:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
23564
etag
"8bf34331acde0e669fccdce6c300c626"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
content-length
23131
x-amz-cf-id
pRbz45DuJcikYAYUOaFN3UG8Td5JJbr6LbX2_lQbSxcf5HmTBxuJ6g==
like.php
www.facebook.com/plugins/ Frame C24F 		0
23 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d91136d3caac8%26domain%3Dwww.avanan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Ff1b07b0835f2f84%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=3ad2241afec574049bc4f3228e583fe2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 15 May 2023 07:49:36 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0,i
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
RDg4WIfW7QfxSGhzR5xjSVr+ghuqy0g4iDjMqP3m4eZrMWfPjBy/mHdC5HvaEp/g5G219M72EXPeY7YHeoGa7Q==
x-xss-protection
0
like.php
www.facebook.com/plugins/ Frame 5FEB 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfc3a3abe80282c%26domain%3Dwww.avanan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Ff1b07b0835f2f84%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=3ad2241afec574049bc4f3228e583fe2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 15 May 2023 07:49:36 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0,i
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options
nosniff
x-fb-debug
DmHYPCkA7lbkoa1s0geaTi/TdWrGRj+hJTgceNIZ6dtRiO3Ac3vGMNgWO7g118mBZott//KFloLSyvLqfuVO+w==
x-xss-protection
0
__ptq.gif
track.hubspot.com/ 		45 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4102216092&v=1.1&a=1835778&pi=71610396684&ct=blog-post&ccu=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit&cpi=71610396684&cgi=4153530738&lpi=71610396684&lvi=71610396684&lvc=en-us&pu=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&t=The+Gmail+SMTP+Relay+Service+Exploit&cts=1684136976346&vi=cd36c575b67e59e38da6947e65770bad&nc=true&u=23485541.cd36c575b67e59e38da6947e65770bad.1684136976343.1684136976343.1684136976343.1&b=23485541.1.1684136976343&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
43631b35-754e-4428-8f14-588aebec5b4e
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
1a5f9ef9-a386-4f2a-b52a-9138dab3a086
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzIK1HJk9eRAmS7un2Gz%2FveMhaxr8Z6vcm6OhQ5hfdBJI61N1KMNvS96cWRpky3UkrKaAgSAPjaIOhpFeY3RH56%2Bda4MZYra5MmqsGJYbRHmUkvXsJHlbFAznZk8GRh7iIvANML96jAYtsB8OJty"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-fwlfz
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7c79c9063a78906c-FRA
x-robots-tag
none
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d3f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
x-hubspot-correlation-id
d8a3c12f-1767-413b-80cd-e24f28ff58a3
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
8ab7dc40-d364-45a9-b887-4474741b60ea
last-modified
Mon, 15 May 2023 07:49:36 GMT
server
cloudflare
x-trace
2B27D91EDEA551B1AA1B3CACA8959C4AF451EE69F8000000000000000000
vary
origin, Accept-Encoding
content-type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-58fd596dd9-p66lt
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cf-ray
7c79c9063b8c1c44-FRA
__ptq.gif
track.hubspot.com/ 		45 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22c953fa87-efa0-494e-9947-98ffe764fcd8%22%2C%22456f8fc2-2a2d-451b-be42-2ab5d22687fa%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4102216092&v=1.1&a=1835778&pi=71610396684&ct=blog-post&ccu=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit&cpi=71610396684&cgi=4153530738&lpi=71610396684&lvi=71610396684&lvc=en-us&pu=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&t=The+Gmail+SMTP+Relay+Service+Exploit&cts=1684136976349&vi=cd36c575b67e59e38da6947e65770bad&nc=true&u=23485541.cd36c575b67e59e38da6947e65770bad.1684136976343.1684136976343.1684136976343.1&b=23485541.1.1684136976343&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
84a5813c-3b69-4c13-99b6-754027b8156b
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c7862c71-908c-4bd9-be68-a1de603dc1fa
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LEPGQdFFKOjTFV7PACdRqF44qOO9XPxa8qaok81kdo42UhVwXsGbyGFGx2nKTmJcWE%2FbLPTru%2B0io%2FnhbTgq1eD45IS%2BagzWsEo5b5F4HN6sd%2BONVrZ1qHi3bAWYFNN6DLqYi2LVo3X0Zrys7QW"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-zmw6r
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7c79c9063a76906c-FRA
x-robots-tag
none
json
forms.hubspot.com/lead-flows-config/v1/config/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=1835778&utk=cd36c575b67e59e38da6947e65770bad&__hstc=23485541.cd36c575b67e59e38da6947e65770bad.1684136976343.1684136976343.1684136976343.1&__hssc=23485541.1.1684136976343&contentId=71610396684&currentUrl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
566c9c0f522fad08afd15f3a6f634a09912d66d9e50594fcf20d281c1c596a55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
30f83f51-c2df-43ef-b0cc-2bd979370453
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
28
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6313509b-faad-4209-8a4d-856f7c5fbc1a
server
cloudflare
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.avanan.com
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
false
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vswQJFJYMgrTvw%2Fa8fGYvKZbWbH3Bqik%2FUDU8MDwBy%2Bl9Xu78MvY8dcT99jrQ2v2n5%2FP87UD1xGz%2FA8hJPHqGYwb0kx5BBpQj88lLBcbSKd6cDoDb%2B3no70W5DUPHeN%2BlhskbOT%2FHf3hPkI2uG8%2F"}],"group":"cf-nel","max_age":604800}
x-robots-tag
none
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
7c79c90689ec9019-FRA
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-58fd596dd9-wbxlv
img.gif
b.6sc.co/v1/beacon/ 		43 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=7988b8b9b9fb2b24661a471cde834fcb&svisitor=null&visitor=ea4efefc-592b-43f8-8d82-832b1d262445&session=a390df9d-db1b-4d3e-8edc-1722668cb51b&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A5a%3A%3A4%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20are%20using%20the%20Gmail%20SMTP%20Relay%20Service%20to%20spoof%20companies%20and%20get%20into%20the%20inbox.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Gmail%20SMTP%20Relay%20Service%20Exploit%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&pageViewId=a0b8f9c8-744e-406f-8a37-b0a94713260f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-88.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
playPauseLoadingControl.js
fast.wistia.net/assets/external/ Frame 3F97 		78 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00945b4442ad74b80b55c6119f2fcaaf22d60baf60e92e4e90bb02c52ee48218
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://fast.wistia.net/embed/iframe/qu48rtya1h
Origin
https://fast.wistia.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
453
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21067
x-served-by
cache-iad-kcgs7200042-IAD, cache-gig2250064-GIG
x-browser-version
113
last-modified
Thu, 11 May 2023 21:51:25 GMT
server
AmazonS3
x-timer
S1684136977.533681,VS0,VE0
etag
"9eaf53b1504f14d6f9de4aff217d7614"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
89f11db1e4b8d3d3b6ce2e5530fcf20c913ad10a
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
61, 8
truncated
/ Frame 3F97 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf

Request headers

Referer
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
swatch
fast.wistia.net/embed/medias/qu48rtya1h/ Frame 3F97 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.net/embed/medias/qu48rtya1h/swatch
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
bc86fc5815dafcfc9de829b68ea7d450d31efee607b1b86c21bf595bb043a015
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/embed/iframe/qu48rtya1h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
access-control-request-method
*
via
1.1 c4199de5b59b067ce72a20c751022aa8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
x-cdn
cloudfront
x-amz-cf-pop
IAD55-P4
age
1726443
edge-cache-tag
ec940dc247e1dc36e6ac27947cef8586
x-cache
Hit from cloudfront, MISS, MISS
x-envoy-upstream-service-time
21
content-disposition
inline
content-length
2539
x-served-by
cache-iad-kcgs7200144-IAD, cache-gig2250064-GIG
x-browser-version
113
last-modified
Mon, 09 May 2022 17:57:47 UTC
server
envoy
x-timer
S1684136977.569224,VS0,VE143
etag
hJMTrl2I2pxXJeMASa5vVy5Uioc=
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, no-cache,max-age=31536000
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
I3p1SIJNtbmQyOwtCdPyDpS40_CninrCQgIpDePSOQ_nb4gKahn9-w==
x-cache-hits
0, 0
ec940dc247e1dc36e6ac27947cef8586.webp
embed-ssl.wistia.com/deliveries/ Frame 3F97 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-ssl.wistia.com/deliveries/ec940dc247e1dc36e6ac27947cef8586.webp?image_crop_resized=640x400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:aa00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
fe0ab3675277ef9da31361222eacbee840c65f6de37fdaf3ec0bf4f8e76814cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:48:58 GMT
access-control-request-method
*
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-P4
age
38
edge-cache-tag
ec940dc247e1dc36e6ac27947cef8586
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
145
content-disposition
inline
surrogate-key
ec940dc247e1dc36e6ac27947cef8586 thumbnail-delivery
last-modified
Mon, 09 May 2022 17:57:47 UTC
server
envoy
etag
w1VY73JO4Ne6kbRZwIGXsgB6Bfw=
vary
Origin
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
none
x-amz-cf-id
l5zkBMeZOOUCEU1KqjXxF3Jf82uGfmTmhwflqNI_aWdQjCIeJ5sf6A==
hls_video.js
fast.wistia.net/assets/external/engines/ Frame 3F97 		473 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ceaca9649a3f543b461e65bf843a47f282b0c02a5b06694abb8f46ba22076da9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://fast.wistia.net/embed/iframe/qu48rtya1h
Origin
https://fast.wistia.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
862
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
117918
x-served-by
cache-iad-kcgs7200074-IAD, cache-gig2250064-GIG
x-browser-version
113
last-modified
Thu, 11 May 2023 21:51:25 GMT
server
AmazonS3
x-timer
S1684136977.644339,VS0,VE0
etag
"6e342a7af762eb97d5d4218620b7581b"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
89f11db1e4b8d3d3b6ce2e5530fcf20c913ad10a
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
60, 8
bf
bf28149orj.bf.dynatrace.com/ Frame 9F31 		205 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bf28149orj.bf.dynatrace.com/bf?type=js3&flavor=cors&vi=DHUADFGDBDCRJFVKSHMMUKJAAHVCAFKW-0&modifiedSince=1683697995182&rf=https%3A%2F%2Fwww.gartner.com%2Freviews%2Fpublic%2FWidget%2Fdata%3Fwidget_id%3DYjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy%26size%3Dlarge&bp=3&app=c9f1951eb65229e3&crc=2195261336&en=4vwhu0vt&end=1
Requested by
Host: www.gartner.com
URL: https://www.gartner.com/ruxitagentjs_A2NVfhjqru_10243220606153550.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.139.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-139-167.compute-1.amazonaws.com
Software
/
Resource Hash
761d502444340391df82f7427631aa561866d4e819f17b6604521b11a80558fe

Request headers

Referer
https://www.gartner.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gartner.com
x-oneagent-js-injection
true
date
Mon, 15 May 2023 07:49:36 GMT
cache-control
no-cache
content-length
205
content-type
text/plain;charset=utf-8
__ptq.gif
track.hubspot.com/ 		45 B
930 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=16&fi=9862d401-d68f-4977-9e32-b0849cab6384&lfi=4974344&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4102216092&v=1.1&a=1835778&pi=71610396684&ct=blog-post&ccu=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit&cpi=71610396684&cgi=4153530738&lpi=71610396684&lvi=71610396684&lvc=en-us&pu=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&t=The+Gmail+SMTP+Relay+Service+Exploit&cts=1684136976547&vi=cd36c575b67e59e38da6947e65770bad&nc=true&u=23485541.cd36c575b67e59e38da6947e65770bad.1684136976343.1684136976343.1684136976343.1&b=23485541.1.1684136976343&pt=0&cc=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
45b99356-8dfe-4ba8-989a-57b5ae30aa1a
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4b35f9a2-c05d-4aa2-b038-7dba652c9372
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=306OCwpLRiODxx35hjqTu4SLer7c3b2KW1Qi8lJaY4vo11vnWbGgDe4yEMQzu1nxnZprKexIxtNFARH4LiGr2cPt065jgKlI%2FPQc78yc18ACQ7KXm%2F2GAL64TDahhkCKkDwUefE5LaFRfrlvSHxm"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-ksqqd
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7c79c9077fb21cb9-FRA
x-robots-tag
none
tp2
com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.149.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-149-245.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.avanan.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.avanan.com
access-control-max-age
600
content-length
0
date
Mon, 15 May 2023 07:49:36 GMT
server
nginx
tp2
com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ 		2 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d26x5ounzdjojj.cloudfront.net
URL: https://d26x5ounzdjojj.cloudfront.net/2.14.0/pista.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.149.245 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-149-245.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.avanan.com
date
Mon, 15 May 2023 07:49:36 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
/
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/ Frame 1C73 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Requested by
Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/insent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2aeabf81d51ea037c127d3cd1c782a531f0546ba4fe63964c784855eefd5fec

Request headers

Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1038809
cache-control
max-age=31536000
content-encoding
gzip
content-type
text/html
date
Wed, 03 May 2023 07:16:08 GMT
etag
W/"54312be93c83823dfe3b6655a0a825b1"
last-modified
Wed, 03 May 2023 07:15:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-cf-id
o02OV0fckgne4SAR4wE7aC5_wGNvV_ZaUiKWm0dXPFR1uOvPqGqCrg==
x-amz-cf-pop
FRA60-P4
x-amz-version-id
4XU7cu6EJigCWIFnb_Mljc_dFM3Zjxmc
x-cache
Error from cloudfront
env.js
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/ Frame 1C73 		437 B
805 B 		Script
General
Check archive.org
Download Go to
Full URL
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/env.js
Requested by
Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff4e0b144f55e6bf1ac619baad9714973a381bc5c106e2cf62543d8d671f9c19

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
DmgVUrsbNmh0zFcaosq_jdGFz91EWuHz
date
Mon, 15 May 2023 00:10:20 GMT
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
last-modified
Mon, 10 Apr 2023 13:35:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
27556
etag
"649ed907ccaa01c40f7d298cda51d4e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
content-length
437
x-amz-cf-id
Ud6Jv-N5x48ZW8XccKdu6EvPLx0BuEuMJH3R7F3ZkJ4EE1C3J9dxgA==
pusher.min.js
js.pusher.com/6.0/ Frame 1C73 		64 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.pusher.com/6.0/pusher.min.js
Requested by
Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.210.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-210-101.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9f69c562fa39d1b002af05da1c6b99247e69c14a48e67b35d8a8b0efd739128

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 11:36:00 GMT
content-encoding
gzip
via
1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
last-modified
Thu, 14 May 2020 14:40:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1628017
etag
W/"ba16a869e0473ee0ff7636f71e340c60"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=2592000
x-amz-cf-id
E-byIv2xZ0aJSPvh9w1ioEa_IAZTt-ym_WnIMiRukGnEnvqnIdCZwA==
vendors.0db022f8.js
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/ Frame 1C73 		1 MB
357 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/vendors.0db022f8.js
Requested by
Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8faf8cba7ae5d563bc68ad2386be69177e2fc73e42f1192dc31374c09c2e1f4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 07:16:08 GMT
content-encoding
gzip
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id
Bsm_SJZWVoueaKjX5TvNbNbW8bGjySXg
last-modified
Wed, 03 May 2023 07:15:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1038809
etag
W/"5ff2edaf86904f2974fc8b4717a2a562"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
d_xxeXpDPk7nj1dNOpumS9Z7nJoEHfKtZLTevlAEQlmMa11VvNg9NA==
commons.935916ed.js
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/ Frame 1C73 		228 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/commons.935916ed.js
Requested by
Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45d396400e7f9bf0e5ee7717f5623171bafe345298ae8c6e7abeade263c7caad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 07:16:08 GMT
content-encoding
gzip
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id
ug5yVjuTYMNcpsIw_qgxmymYs6htuXnd
last-modified
Wed, 03 May 2023 07:15:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1038809
etag
W/"ba1910b02cf1b96e48a160e162868283"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
uYL6Y0zNzn_zp9f2ybwZ95PexecJkNJEfIRhegkX1eZcp7Ek5jVNkw==
reduxComponents.19a8bdea.js
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/ Frame 1C73 		58 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/reduxComponents.19a8bdea.js
Requested by
Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cecea75023618d7e563d4086ced7df8ad0040d882e6b5144a70f4699382329b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 07:16:08 GMT
content-encoding
gzip
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id
obZQQBf6Cynen2864D0w.hDQUGzJk5oz
last-modified
Wed, 03 May 2023 07:15:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1038809
etag
W/"19f1c4f86419f6e8c402378fc73fbd0e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
EGXSeNlHK8qgWNNyTRNXchSDeNuNIctdJAVbhaKis-2z8vyrJmQujA==
main.43707c0f.chunk.js
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/ Frame 1C73 		121 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/main.43707c0f.chunk.js
Requested by
Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b079c333c20b6e561a58cc58e549bee82b591412eb55b725944e798b15ff8123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 07:16:08 GMT
content-encoding
gzip
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id
oC2BH8fEtk..3ioxPHHVt3ijPr3lE.qo
last-modified
Wed, 03 May 2023 07:15:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1038809
etag
W/"19e8f3904b07f4f909269af40e727a9c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
x-amz-cf-id
-35B0Gk-Te24IjBxPQgu1c4UQg8B6FL1Ta_FhEzrcOwsAKmWY3tYnQ==
english.json
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/ Frame 1C73 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/english.json
Requested by
Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/vendors.0db022f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05c580da7227f1f1038b071466c09ff25dfaa681d82e4a71ed58beadf63e8670

Request headers

Accept
application/json, text/plain, */*
Cache-Control
max-age=31536000
Referer
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 03 May 2023 07:16:09 GMT
content-encoding
gzip
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-version-id
.x9m9BqeMhPVoW5CIGg8syeG7KzzoJAE
last-modified
Wed, 03 May 2023 07:15:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
1038807
etag
W/"05d6f056048cdc28c10284bd31bf2c30"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=31536000
x-amz-cf-id
YS5M--yjNK1mcZITXZ1BchZsVO69KlS7rAatzgDZccZ5R44QRVtJ3g==
getuser
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/ Frame 1C73 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/getuser?url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation
Requested by
Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/vendors.0db022f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
eb1004eac0394395a4c4bd2980c010156f9b29f3d6aa2616a67f9fdbc1d14ca9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&event_listener=rDBPuwRBrgR8nX3&hubspot_cookies=[%22cd36c575b67e59e38da6947e65770bad%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
hubspotCookies
["cd36c575b67e59e38da6947e65770bad"]
accept-language
de-DE,de;q=0.9
Authorization
Bearer p2xERwhuLXXni4npvQaI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
apigw-requestid
E9CSugR1CYcEJTQ=
x-xss-protection
1; mode=block
etag
W/"784-3sdtWlZ2qBgd30y5gmTfBvDWbQs"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-amz-cf-id
lhlDoKlINmdl4yAtbYbGTBVxK8AWfCU4R-EMMa2DMjNzmvtWpWDZgQ==
qu48rtya1h.m3u8
fast.wistia.com/embed/medias/ Frame 3F97 		570 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/qu48rtya1h.m3u8
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
af789ee1a6c4053d9d50bf1ce7a09130bb087e5504e91a63f0651f14de12824a
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:37 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-permitted-cross-domain-policies
none
age
333
x-cache
HIT, MISS
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
x-envoy-upstream-service-time
27
content-length
570
x-request-id
06211e75-3ab4-478b-87e5-22cfbc8ea66b
x-served-by
cache-iad-kjyo7100020-IAD, cache-gig2250020-GIG
x-runtime
0.026294
referrer-policy
strict-origin-when-cross-origin
x-browser-version
113
server
envoy
x-timer
S1684136977.374699,VS0,VE119
etag
W/"af789ee1a6c4053d9d50bf1ce7a09130"
x-download-options
noopen
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
125, 0
blank.gif
fast.wistia.net/assets/images/ Frame 3F97 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.net/assets/images/blank.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://fast.wistia.net/embed/iframe/qu48rtya1h
Origin
https://fast.wistia.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits
32, 2942
date
Mon, 15 May 2023 07:49:36 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
295072
x-cache
HIT, HIT
x-envoy-upstream-service-time
0
content-length
1214
x-served-by
cache-iad-kjyo7100120-IAD, cache-gig2250064-GIG
x-browser-version
113
last-modified
Thu, 11 May 2023 21:16:14 GMT
server
envoy
x-timer
S1684136977.952322,VS0,VE0
etag
"645d5b1e-4be"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000,public
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x
distillery.wistia.com/ Frame 3F97 		0
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.105.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-105-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fast.wistia.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 07:49:37 GMT
cache-control
max-age=0, private, must-revalidate
mput
pipedream.wistia.com/ Frame 3F97 		2 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.77.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-77-53.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://fast.wistia.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 07:49:37 GMT
content-length
2
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
clickstream.js
d10lpsik1i8c69.cloudfront.net/js/ Frame 7DF4 		287 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-217.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb

Request headers

Referer
Origin
https://www.avanan.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 03:19:19 GMT
content-encoding
gzip
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
10384219
x-cache
Hit from cloudfront
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
etag
W/"6a7ba000cc0f3518baa46608eb12410c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
BDhmvbks2zFWRHrPfh7f4vN6WjmwRp6QMz-UJE3niYD8dUbAXgLgqQ==
img.gif
b.6sc.co/v1/beacon/ 		43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=7988b8b9b9fb2b24661a471cde834fcb&svisitor=null&visitor=ea4efefc-592b-43f8-8d82-832b1d262445&session=a390df9d-db1b-4d3e-8edc-1722668cb51b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2015%20May%202023%2007%3A49%3A37%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2015%20May%202023%2007%3A49%3A35%20GMT%22%2C%22timeSpent%22%3A%222009%22%2C%22totalTimeSpent%22%3A%222009%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20are%20using%20the%20Gmail%20SMTP%20Relay%20Service%20to%20spoof%20companies%20and%20get%20into%20the%20inbox.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Gmail%20SMTP%20Relay%20Service%20Exploit%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&pageViewId=a0b8f9c8-744e-406f-8a37-b0a94713260f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-88.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:37 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-217.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 04:32:12 GMT
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
4072646
etag
"2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1283
x-amz-cf-id
pXiOtK33XjRzMlH-dCrOizeTTymYVrY5uEVemSyng6LxyVusatz7fg==
logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-217.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 10 Apr 2023 00:58:30 GMT
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3048668
etag
"35ce74c31e3ef54462a234340af702d7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1143
x-amz-cf-id
PhoiEEg7Dczgiwx_KNBrHgn5iG5_zDzsTfQh0bFHxUd_b4t49xxMjw==
sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		277 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-217.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 17:16:12 GMT
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
2126006
etag
"76f1993de0fd323f67cece8d8e63bfa2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
277
x-amz-cf-id
r-l0RxVu07AS8mJJKqbzjpIQByjNezRieYRrgFjAcBbvvOByy5SMoA==
mput
pipedream.wistia.com/ Frame 3F97 		2 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.77.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-77-53.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://fast.wistia.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 07:49:37 GMT
content-length
2
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
blog-subscription-laptop-icon-2.png
www.avanan.com/hubfs/website/img/blog/ 		109 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avanan.com/hubfs/website/img/blog/blog-subscription-laptop-icon-2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbf4d29d3505a4790b827cde56ca8e4e1d03ab709bb9db801f0a4f02c0fcc0e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-110679711133,FD-11279827778,P-1835778,FLS-ALL
x-amz-request-id
2KRQ291XR6HZNJ8H
x-amz-server-side-encryption
AES256
edge-cache-tag
F-110679711133,FD-11279827778,P-1835778,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="blog-subscription-laptop-icon-2.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
cf-bgj
imgq:85,h2pri
etag
"8d71f834d25a82123bd27e64ec06b767"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1681321816755
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Mon, 15 May 2023 07:49:37 GMT
strict-transport-security
max-age=31536000
via
1.1 fbbaf051f1b6e237fbee09c998e075cc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
eGk4cuTrlwYommw7ReeuO26P_osPr7sE
x-amz-cf-pop
MXP64-P1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=212633
x-cache
RefreshHit from cloudfront
cache-tag
F-110679711133,FD-11279827778,P-1835778,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
112020
x-amz-id-2
hDpRxdSTLAAAOHcjkTSPS2jkOu+uEIWWDI4oZsr01oFDmefXBS1AXswUXgRnoqk1h6piJwS/JN8=
last-modified
Wed, 12 Apr 2023 17:50:17 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEp7nCzJioitUS8YTMZUXOX1tTHSZQup9ur9RQ0jJPxPzbPF9c0hLv8Yqs%2BnM5IKh7J4Z9L5JarVfnYKgQCLL0S9xxSXYFWNli6ZEs59EcKIU1BUEwzyfv2QRgyl2e1wj%2Bo%2FocJXMLsiv1yL"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7c79c90dbb919b63-FRA
x-amz-cf-id
9WApkp1sqWYBsr5w3-qA9fZy5qav4YUeChkrfmcQDMnGIidn_dJO9g==
d7789a4a6a2dadfac9f63be60b6f079c9b4cda99.m3u8
embed-cloudfront.wistia.com/deliveries/ Frame 3F97 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-cloudfront.wistia.com/deliveries/d7789a4a6a2dadfac9f63be60b6f079c9b4cda99.m3u8
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
55b02a4e8ab36cd0f5f0a1c96265fb049f7264dd0030e84d5355838f0403f343

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:48:59 GMT
via
1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-P4
age
38
edge-cache-tag
d7789a4a6a2dadfac9f63be60b6f079c9b4cda99-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
47
content-length
2797
surrogate-key
d7789a4a6a2dadfac9f63be60b6f079c9b4cda99-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
QWDnGf2-wSs4Z25Elo6H4UFzr_afA4mWi3R5ZpCWyPOLXEbg312pZQ==
expires
Tue, 14 May 2024 07:48:59 GMT
seg-1-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/d7789a4a6a2dadfac9f63be60b6f079c9b4cda99.m3u8/ Frame 3F97 		74 KB
74 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-cloudfront.wistia.com/deliveries/d7789a4a6a2dadfac9f63be60b6f079c9b4cda99.m3u8/seg-1-v1-a1.ts
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
187153fd08d05ea0eaecb0c00992c57b2ce5b02dd63bcd4c776f0d9a343669f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 03:24:23 GMT
via
1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-P4
age
361514
edge-cache-tag
d7789a4a6a2dadfac9f63be60b6f079c9b4cda99-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
128
content-length
75576
surrogate-key
d7789a4a6a2dadfac9f63be60b6f079c9b4cda99-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
jSFfD7MxkKMRaYEekuVzdbkq5Jg6MqsnRTop2Yas0bnSCiE-Oamv1g==
expires
Fri, 10 May 2024 03:24:23 GMT
reset.css
d10lpsik1i8c69.cloudfront.net/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=e708588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-217.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 10 Apr 2023 00:58:31 GMT
content-encoding
gzip
via
1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:59:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3048667
etag
W/"7144eaceff0b31347712515a6116074e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
x-amz-cf-id
2FgQj0Z89r5ecbnaYh-a9Sv_007d9H96_rWqo00L4i4OYKAG83hxQQ==
a8cf8718-6605-45a9-ac7f-f69220bf847c
https://www.avanan.com/ Frame 7DF4 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.avanan.com/a8cf8718-6605-45a9-ac7f-f69220bf847c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
0
Content-Type
f536bc2a-c648-4144-b6cd-8079830a389f
https://www.avanan.com/ Frame 7DF4 		30 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.avanan.com/f536bc2a-c648-4144-b6cd-8079830a389f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
31224
Content-Type
026d439bd91de8ca0f25bebe632b85f163d73b67.m3u8
embed-cloudfront.wistia.com/deliveries/ Frame 3F97 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-cloudfront.wistia.com/deliveries/026d439bd91de8ca0f25bebe632b85f163d73b67.m3u8
Requested by
Host: fast.wistia.net
URL: https://fast.wistia.net/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3800:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
361db3d022f6faee966335b2a09a1b9eda0295b5b7c701323a1f768cf127cdd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fast.wistia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 04:10:55 GMT
via
1.1 7831c78db9d585e32d354900cc00dca6.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-P4
age
99522
edge-cache-tag
026d439bd91de8ca0f25bebe632b85f163d73b67-hls-segment
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
136
content-length
2797
surrogate-key
026d439bd91de8ca0f25bebe632b85f163d73b67-hls-segment
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
server
envoy
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
5lepROaruaiJjV-_zM3yseC1qHH5MeBt903_ZqNqUOTB8GIzTKZb-Q==
expires
Mon, 13 May 2024 04:10:55 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=7988b8b9b9fb2b24661a471cde834fcb&svisitor=null&visitor=ea4efefc-592b-43f8-8d82-832b1d262445&session=a390df9d-db1b-4d3e-8edc-1722668cb51b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2015%20May%202023%2007%3A49%3A38%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2015%20May%202023%2007%3A49%3A37%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%223011%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20are%20using%20the%20Gmail%20SMTP%20Relay%20Service%20to%20spoof%20companies%20and%20get%20into%20the%20inbox.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Gmail%20SMTP%20Relay%20Service%20Exploit%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&pageViewId=a0b8f9c8-744e-406f-8a37-b0a94713260f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-88.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:38 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 01:45:17 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f02dad-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
bf
bf28149orj.bf.dynatrace.com/ Frame 9F31 		205 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bf28149orj.bf.dynatrace.com/bf?type=js3&flavor=cors&vi=DHUADFGDBDCRJFVKSHMMUKJAAHVCAFKW-0&modifiedSince=1683697995182&rf=https%3A%2F%2Fwww.gartner.com%2Freviews%2Fpublic%2FWidget%2Fdata%3Fwidget_id%3DYjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy%26size%3Dlarge&bp=3&app=c9f1951eb65229e3&crc=3247854151&en=4vwhu0vt&end=1
Requested by
Host: www.gartner.com
URL: https://www.gartner.com/ruxitagentjs_A2NVfhjqru_10243220606153550.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.139.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-139-167.compute-1.amazonaws.com
Software
/
Resource Hash
f291b251a2dcbeebe122189bd10993affa4c0c18435c06e9f4a0bb38d5ecaba0

Request headers

Referer
https://www.gartner.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.gartner.com
x-oneagent-js-injection
true
date
Mon, 15 May 2023 07:49:38 GMT
cache-control
no-cache
content-length
205
content-type
text/plain;charset=utf-8
img.gif
b.6sc.co/v1/beacon/ 		43 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=7988b8b9b9fb2b24661a471cde834fcb&svisitor=null&visitor=ea4efefc-592b-43f8-8d82-832b1d262445&session=a390df9d-db1b-4d3e-8edc-1722668cb51b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2015%20May%202023%2007%3A49%3A39%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2015%20May%202023%2007%3A49%3A38%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%224011%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20are%20using%20the%20Gmail%20SMTP%20Relay%20Service%20to%20spoof%20companies%20and%20get%20into%20the%20inbox.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Gmail%20SMTP%20Relay%20Service%20Exploit%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&pageViewId=a0b8f9c8-744e-406f-8a37-b0a94713260f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-88.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:39 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=7988b8b9b9fb2b24661a471cde834fcb&svisitor=null&visitor=ea4efefc-592b-43f8-8d82-832b1d262445&session=a390df9d-db1b-4d3e-8edc-1722668cb51b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2015%20May%202023%2007%3A49%3A40%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2015%20May%202023%2007%3A49%3A39%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225012%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20are%20using%20the%20Gmail%20SMTP%20Relay%20Service%20to%20spoof%20companies%20and%20get%20into%20the%20inbox.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Gmail%20SMTP%20Relay%20Service%20Exploit%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&pageViewId=a0b8f9c8-744e-406f-8a37-b0a94713260f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-88.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:40 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=7988b8b9b9fb2b24661a471cde834fcb&svisitor=null&visitor=ea4efefc-592b-43f8-8d82-832b1d262445&session=a390df9d-db1b-4d3e-8edc-1722668cb51b&event=active_time_track&q=%7B%22currentTime%22%3A%22Mon%2C%2015%20May%202023%2007%3A49%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Mon%2C%2015%20May%202023%2007%3A49%3A40%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226013%22%7D&isIframe=false&m=%7B%22description%22%3A%22Hackers%20are%20using%20the%20Gmail%20SMTP%20Relay%20Service%20to%20spoof%20companies%20and%20get%20into%20the%20inbox.%20%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22The%20Gmail%20SMTP%20Relay%20Service%20Exploit%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation&pageViewId=a0b8f9c8-744e-406f-8a37-b0a94713260f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-88.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit?utm_campaign=Campaign%20-%20Gmail%20Enterprise%20US%205%2F9%20-%20FY23&utm_medium=email&_hsmi=256999519&_hsenc=p2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg&utm_content=256999519&utm_source=hs_automation
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 07:49:41 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

264 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 boolean| credentialless function| $ function| jQuery function| hsjQuery object| dataLayer function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| Cookies object| ldfdr object| _6si object| __core-js_shared__ object| Sslac object| IN object| _hsq object| hbspt function| GartnerPI_Widget object| bootstrap object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| __gaConnectorEventsEmitted object| _self object| Prism function| EventEmitter object| eventie function| imagesLoaded function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| __twttrf object| twitterFetcher function| jarallax function| VideoWorker object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_8578075 function| i18n_getmessage function| i18n_getlanguage function| DOMPurify string| GoogleAnalyticsObject function| ga function| twq string| _linkedin_data_partner_id object| GooglebQhCsO function| hj object| _hjSettings function| fbq function| _fbq number| __lo_site_id object| SWPX object| techtargetic object| hsPostListings function| hsPopulateListingFeed function| hsOnReadyPopulateListingFeed_691638024_1684002769724 function| hsOnReadyPopulateListingFeed_1237061103_1684002769725 object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| t object| s string| insentCompanyDomain string| insentProjectName string| insentProjectKey object| insent function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| _extends function| _createClass object| Custombox object| ce object| core object| System function| asap function| Observable object| regeneratorRuntime boolean| _babelPolyfill function| ES6Promise function| jsonpHandler function| lintrk boolean| _already_called_lintrk object| google_optimize function| UET function| UET_init function| UET_push function| onYouTubeIframeAPIReady object| script object| twttr object| gaplugins object| gaGlobal object| gaData object| ueto_bfd6a9b64b object| uetq object| FB boolean| __lo_csr_added object| __twttrll object| __twttr object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| _hsp object| __buffer object| tbw_parameters function| tbw_set_cookie function| tbw_get_all_cookies function| tbw_get_cookie function| tbw_get_part_of_cookie function| tbw_check_cookie function| tbw_get_host_name function| tbw_collector function| tbw_get_first_party_cookie function| tbw_get_parameters function| tbw_callback_other function| tbw_callback function| tbw_bw_call function| tbw_make_bw_call function| tbw_event_tracker function| tbw_form_event_tracker function| tbw_set_event_listeners function| tbw_get_bwid_from_url function| tbw_get_current_utc_time function| tbw_send_data function| tbw_parse number| animateId boolean| _hspb_ran boolean| _hspb_loaded boolean| PIXELS_RAN object| enabledEventSettings object| _paq function| sanitizeKey boolean| _hstc_loaded object| globalRoot undefined| hns function| bindToWindowOnError function| defineProperties object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| GlobalSnowplowNamespace function| snowplow function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| _linkedin_data_partner_ids object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| cpxUrls string| queryParams object| paramString undefined| j undefined| currentElement undefined| currentHref undefined| modifiedHref boolean| isSessionActive boolean| isInsentUserWindowActive boolean| insentPauseUrlCheckInterval number| checkCookiesIntervalId string| insentPageUrl number| insentUrlChangeIntervalId boolean| LEAD_FLOW_DOCUMENT_READY_RAN string| eventListenerName function| wistiaBindIframes object| wistiaApi function| wistiaDispatch boolean| _loaded object| WTW_Watcher object| LO object| _loq object| triggerForms object| insentFoundFormsBlackList object| ziFormFields string| insentUserId string| insentPageSessionId

54 Cookies

Domain/Path Name / Value
.www.avanan.com/ Name: __cf_bm
Value: VQI5eJ1MBWMXeEmJOlNF1UwNbTaFKGiDtt_.OVEg3VA-1684136974-0-AavTXqH0CzWUAja3RYBDDAuPBLpJ09QbTPGl2mg79MQnjAxH9VWCAA+VuCjsW9eOEH3XgnolvaGxQktN76XC718=
.www.avanan.com/ Name: __cfruid
Value: 29a36a5d03d7514b58584f7c1ce22f18b2abbfdb-1684136974
www.avanan.com/ Name: d-a8e6
Value: 06e41583-9ef2-4ab9-8a46-7ecb3254ea86
www.avanan.com/ Name: s-9da4
Value: 1377b931-9870-4d98-b50a-0d6337acce8c
.hubspot.com/ Name: __cf_bm
Value: K4_12Ud90L0DW7oL6XCPyQYqUvx3pXgPKHIGD6ffEws-1684136975-0-ASe3OhmdYEtYIPek3mOqO4JI5tijDEec5/2ISOoVE2WL0OcAIORUQSsOeDwXiv8PZmBVHlmGi/gFOzGjSQXK+wE=
.avanan.com/ Name: _gcl_au
Value: 1.1.1025096594.1684136975
.avanan.com/ Name: _lfa
Value: LF1.1.02007ddbe18c7804.1684136975307
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.techtarget.com/ Name: __cf_bm
Value: 7mVoMyL5T5b93aTCquWnsYoJT_nxn8G1_zl0dRMEQd8-1684136975-0-AY7aIeu3HYhpf3Wlnzzl7sLjpnACn7ZgbBSFRNUBwcFo7LEir+UZqGqmEbV1BgFhKmsyASkwzvvgYp4VW9TUWvw=
.avanan.com/ Name: _ga
Value: GA1.2.1694533053.1684136975
.avanan.com/ Name: _gid
Value: GA1.2.1319487684.1684136975
.avanan.com/ Name: _gat_UA-59393664-1
Value: 1
.avanan.com/ Name: _uetsid
Value: 094713e0f2f511edadc9956818f14882
.avanan.com/ Name: _uetvid
Value: 09472b90f2f511ed9d27bdd2955d5e91
www.avanan.com/ Name: ln_or
Value: eyIxMTA1MjgiOiJkIn0%3D
.bing.com/ Name: MUID
Value: 31DFA717645E69821224B40565F268EE
tracking.g2crowd.com/ Name: _session_id
Value: 5b35d6e954cdc516c71b42c8341b5055
.g2crowd.com/ Name: __cf_bm
Value: VENHhG_VB0BJWB1eot8JOZu8w3XOaCbcgQt5zcI17Sg-1684136975-0-ASXCGqfETt0ESBrFHI2bdfnFRiwFsbnhoUdtdeejrpT5lb0xtVB9LiFOB7Oeb5RL/q19coo+llVKj4LsmvzsWtE=
.avanan.com/ Name: _fbp
Value: fb.1.1684136975569.1409508750
.linkedin.com/ Name: UserMatchHistory
Value: AQJJDBfzuqkBMwAAAYgeYtypVh9yFjV1icdq4mArAdHAJx9JyAPk7Yea3iKl-Ucq966DzuQvi7TyDQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJbI01htqxg0wAAAYgeYtyp7dJpSAx_rhaodsYz2puz8MSDNY29QZjzBqYizJIaa1__2snk1lj9XPVJ2HANCA
.linkedin.com/ Name: bcookie
Value: "v=2&f9563d43-b09c-409e-8e3f-6b174b660562"
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2907:u=1:x=1:i=1684136975:t=1684223375:v=2:sig=AQHn4gd4Unkz7p79h3REtdmrBJ48Z8-9"
.t.co/ Name: muc_ads
Value: 345a77bd-8edf-421c-87c5-4320d64a0aa7
.spiceworks.com/ Name: _swnid
Value: m6jrtmpe3s0u
.spiceworks.com/ Name: _swauth
Value: n
.avanan.com/ Name: _hjSessionUser_2523353
Value: eyJpZCI6IjYxMjNiODE2LTA5YWMtNTA1Ny04YTk2LWE0ODMyNjFlMTk1MSIsImNyZWF0ZWQiOjE2ODQxMzY5NzU2MzIsImV4aXN0aW5nIjpmYWxzZX0=
.avanan.com/ Name: _hjFirstSeen
Value: 1
.avanan.com/ Name: _hjIncludedInSessionSample_2523353
Value: 0
.avanan.com/ Name: _hjSession_2523353
Value: eyJpZCI6ImQ4NzI4ZmEyLTI4NGUtNDc4Ny1iNjRkLTFmYjliOGY4YjJmNyIsImNyZWF0ZWQiOjE2ODQxMzY5NzU2MzgsImluU2FtcGxlIjpmYWxzZX0=
.avanan.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.twitter.com/ Name: personalization_id
Value: "v1_WXIBZcKgJX+GTLbKfiw80g=="
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230515074935471ed88a-8df7-45e6-84a5-3044b0dd4e9eAQFuce5GxdbkOJThf7oCFqtysi4a5h0J"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODQxMzY5NzU7MjswMjFlSvUheoJPBesMj6swBgWJD7Yrjigl6xkbRTz8aOqXuA==
.bidr.io/ Name: bito
Value: AAJWdE7Iw8gAACJVbAuNRQ
.bidr.io/ Name: bitoIsSecure
Value: ok
www.avanan.com/ Name: tbw_bw_uid
Value: bito.AAJWdE7Iw8gAACJVbAuNRQ
www.avanan.com/ Name: tbw_bw_sd
Value: 1684136976
.influ2.com/ Name: R
Value: d9925c63f860e18da38f6b91
www.avanan.com/ Name: _sp_ses.05d9
Value: *
www.avanan.com/ Name: _sp_id.05d9
Value: 90b0fa28-8f62-410e-b697-604d692c217a.1684136976.1.1684136976.1684136976.c98dd16b-6824-456e-ba4b-6ff8934aa252
www.avanan.com/ Name: _gd_visitor
Value: ea4efefc-592b-43f8-8d82-832b1d262445
www.avanan.com/ Name: _gd_session
Value: a390df9d-db1b-4d3e-8edc-1722668cb51b
.avanan.com/ Name: __hstc
Value: 23485541.cd36c575b67e59e38da6947e65770bad.1684136976343.1684136976343.1684136976343.1
.avanan.com/ Name: hubspotutk
Value: cd36c575b67e59e38da6947e65770bad
.avanan.com/ Name: __hssrc
Value: 1
.avanan.com/ Name: __hssc
Value: 23485541.1.1684136976343
com-thebigwillow-prod1.collector.snplow.net/ Name: sp
Value: 768c89e8-79cf-40f6-9f88-8a7f7d062fb4
.6sc.co/ Name: 6suuid
Value: 54bb10027b412e0010e4616455020000a4920300
.avanan.com/ Name: _lo_uid
Value: 128904-1684136977012-09eaa18302ebdec0
.avanan.com/ Name: _lorid
Value: 128904-1684136977012-94734f3ece3c28b1
.avanan.com/ Name: _lo_v
Value: 1
.avanan.com/ Name: __lotl
Value: https%3A%2F%2Fwww.avanan.com%2Fblog%2Fthe-gmail-smtp-relay-service-exploit%3Futm_campaign%3DCampaign%2520-%2520Gmail%2520Enterprise%2520US%25205%252F9%2520-%2520FY23%26utm_medium%3Demail%26_hsmi%3D256999519%26_hsenc%3Dp2ANqtz-_4-Y48F4RKgVuaEvINVLkXx9kLFWY_Cedy4_RmkWzWsFeeJCX3P2AcHT9P3bByby7tNYft8SLjHw5JHRwxGz2LH_rVGg%26utm_content%3D256999519%26utm_source%3Dhs_automation
.avanan.com/ Name: insent-user-id
Value: SHbqcdKW15D32T5xe1684136977160

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.hubapi.com
app.hubspot.com
b.6sc.co
bat.bing.com
bf28149orj.bf.dynatrace.com
c.6sc.co
cdn.linkedin.oribi.io
cdn2.hubspot.net
cdnjs.cloudflare.com
checkpointsoftwaretechnologiesincavanan.widget.insent.ai
com-thebigwillow-prod1.collector.snplow.net
connect.facebook.net
cta-service-cms2.hubspot.com
d10lpsik1i8c69.cloudfront.net
d26x5ounzdjojj.cloudfront.net
distillery.wistia.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
fast.wistia.com
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscta.net
js.hsleadflows.net
js.pusher.com
lftracker.leadfeeder.com
lh5.googleusercontent.com
lh6.googleusercontent.com
match.adsrvr.org
match.prod.bidr.io
no-cache.hubspot.com
perf.hsforms.com
pipedream.wistia.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px.spiceworks.com
px4.ads.linkedin.com
reviews.static.gartner.com
script.hotjar.com
settings.luckyorange.net
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
syndication.twitter.com
t.co
t.influ2.com
tr.lfeeder.com
track.hubspot.com
tracking.g2crowd.com
trk.techtarget.com
use.fontawesome.com
vidassets.terminus.services
wec-assets.terminus.services
www.avanan.com
www.facebook.com
www.gartner.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.influ2.com
www.linkedin.com
104.244.42.197
104.244.42.67
104.244.42.8
104.26.10.16
13.107.42.14
13.224.194.132
13.225.78.75
13.32.27.112
142.250.185.226
143.204.210.101
143.204.214.217
146.75.116.157
18.66.112.89
18.66.122.59
18.66.97.49
2.16.187.88
2600:9000:20eb:3a00:2:53b2:240:93a1
2600:9000:214f:2800:14:c034:4840:93a1
2600:9000:223e:3800:1e:c86:4140:93a1
2600:9000:223e:aa00:1e:c86:4140:93a1
2600:9000:225e:8e00:f:7ae2:7780:93a1
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:67fe
2606:4700::6810:78be
2606:4700::6810:89ce
2606:4700::6811:180e
2606:4700::6811:7f6e
2606:4700::6811:c9cc
2606:4700::6811:d3f3
2606:4700::6812:18c4
2606:4700::6812:1e49
2606:4700::6812:8e65
2606:4700::6812:a7c0
2606:4700::6812:cec9
2606:4700::6812:d9f
2606:4700::6813:9a53
2606:4700::6813:9b53
2606:4700:e2::ac40:840f
2620:1ec:21::14
2620:1ec:4e:1::69
2620:1ec:c11::200
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2001
2a00:1450:4001:828::2008
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2013
2a00:1450:4001:831::2001
2a00:1450:400c:c0c::9a
2a02:26f0:480:23::1726:629c
2a02:26f0:780::210:ca7a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::622
2a04:4e42:600::622
3.226.139.167
3.33.220.150
34.107.254.219
34.111.208.231
34.202.77.53
45.60.13.212
52.2.105.253
52.207.149.245
52.222.236.122
52.222.236.25
54.170.99.83
00945b4442ad74b80b55c6119f2fcaaf22d60baf60e92e4e90bb02c52ee48218
03817f3f6505178f6f24ef977ac8cd844ba3427f0353759e41bea905c565020a
057d87ec0edbdb5fe7d60d32da4c3abfe1dc2e6a0aacd6543a5e9dabb7bbd21b
05c580da7227f1f1038b071466c09ff25dfaa681d82e4a71ed58beadf63e8670
0650c9d588778e7184688747d8fb5e5b04cc78d212c3bbd7a0c9ecb2405c718a
06b19cc42570e31c7e4578e943ccdc73578e4bbd6854a7c8b7755bd5c9d88757
081d08f71fb7a07fd5247ce2d20af91a41899fd4ee1b129c18fedf8a04b5bbae
08364858e416bd80eb1c1e08b68b3b0bdf8c565df9324401e800e0a781147aeb
08deb5fb8e8a49d3e598cab0f6c178154648cd6234894569a0987812b19475f3
09fdb2959efa7f317724a5762ad6dd73d941613bfd3764ed8be04ddbc4338b4b
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0c5109ab0fecc5ef21cc3eddf9e5e66741feb3c03a08c0c5d12a153bffe56a4d
10deca523f2d7d41a77738b61b503fb9ec9f7c8e5f96d34b4e760f7ab807983a
12ce92cc3c4eb9d74f48e9a10eb919bdf30bbdc5ccf9843c6543fec302dec54f
14610505ce370f97a024cd871f8dc9f34ac3f07b25700f8d900744b79e5ebd88
187153fd08d05ea0eaecb0c00992c57b2ce5b02dd63bcd4c776f0d9a343669f7
1aa038e69fb05d11fb4d6b5f280a40e03162f22452188f9227cd5e40aa1a9b80
1c14c58f54d58b7e29603e42437008c3ddac500dd339923141afdbe279c8a123
21091df3e91e575d018aa5b94c490bc0921233e901913052ceec557a2f3537ae
2193768a4eeab81d445dc71d0e14b7234f707b2f1deb9ebd5f508738fe4cda83
22cecf5526a9a6a3c3d49dea18b28fd902a5a2bec155a04a7c21bb654b9ec0c9
23ad4b302eac0ba8eabf2181ec466f0b17ff86f9750d7ee59a7202902b746446
24a3a9ccca4cde6a90f28a96467b83fcc8e8b02ae532b85c46d45514e98c9dc9
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
265dc9381f2b760551a12eb31f4bbc194ea6609b90fd79a59fc53cb0e1210146
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b5bb03bf7c19ca7405613763d54e20d168ddf46d8286db6efba53b7861cdc75
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
327f498e13e0a8166699d8d770f3806775c2707dd893d18f0139b84b0b9d8576
33898eec6c986fb47629644a8e77919b70f225f8e0c20020abb3cb1c88e87b8a
344cd43902a0ac8a2a12b112a9a9904fb7b26ebd33ead31a492aed6ef4e89b82
361db3d022f6faee966335b2a09a1b9eda0295b5b7c701323a1f768cf127cdd7
3636e8810aa8b16828af450174251147977372f0201e77d464c719f110b0924f
3689710be7d2e69e0ca54f8cb9bad5d54b13dbd4942b864b62000c1a7d17a028
3726f6f71175b54abf48e8863b8634461bcbf34831f7c1b0a1d11e2604782b3a
384ebb3a6b18fba46505d1421ff20bcd924b64606de2641eec22ed8bc41bf0fb
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3e00dbd0107d87573b81f1a74dfa5cde40905a92bd5634b8680bde46d926d744
3eb73cc89830d3824b5c588849b29a5d4bad5b71108ba60e17bad3e6276dd5f7
3f695cba501e8b8c76c6138dc39ea38470108b7974852832dcdae4fed1c80752
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
4212a717b8d61a5ee679e86faef6b912c275aac5508f97350dac01bede075100
45d396400e7f9bf0e5ee7717f5623171bafe345298ae8c6e7abeade263c7caad
46891f1a0d9fc55b4650e10dbdc598a5269f19fdbd69305f8b8d1cd360b49f8d
49c8d692cb67ec3cc5b35e839c50c5c9eea05fe3ce82894eb02d22240554a0aa
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
4eed62e19ef261a18dade30aac09258399bbead589a04d061bce834f0d5a2bcd
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
54ff1ebf4247ecd1fdefdd027b695c8eca043b8987861f9edd37fee6ccceb2ef
55b02a4e8ab36cd0f5f0a1c96265fb049f7264dd0030e84d5355838f0403f343
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566c9c0f522fad08afd15f3a6f634a09912d66d9e50594fcf20d281c1c596a55
56f9c5f99829774d0b2fbdcfd9750b617127e913afa0569afef6dfa22165659e
5a6284f5e68fe70bb17c9aecb532fdb513b37ec0096d21e9a7231fbcfeda6794
5bfd27d96445b8d09c25ca415de93742d6d91728228df9c81a06e974b779153a
5c4923634b0e090f22232169832358f38a3ee6fd657a40d77f6775dff10edbb1
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
634cd6856c830752abf4b33133617045f344d5713d8fa567269172ed76d1cac3
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
6967002e1c0e51d3644161948e5e6d7df887b0c8e2a1b7fa9ec899186cb17bc0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fbecdde63cefbeb511fc193ff653cf649ce9a2a9a120316d40f20b809afb647
71577fb46a22fa031506bab9c5ddb4640e38ef10a1b4959a11288b41ce4b0757
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
761d502444340391df82f7427631aa561866d4e819f17b6604521b11a80558fe
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7a2f15820ffe7ec552c256f18b8cd6485618d23a5648f535992e5c6928a542b7
7a82df3611c2166b9b9e824830c57bc09ef40860b9dc83fb2897b9a2a3ab0b98
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b4c6df43d8be2860c107af980f4ae9c27dea1b14e0112921c3aef511bb29b07
7d44991abb8050e8635c2c77d056df901f9a0ed11a854ff87e919fc09be4c13b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8150a6e66442996f64560b128d0effe532ed5eabdf0a8c6176c8c4e8ed502e6f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
861faea2aa24f42b2ab62f71cf6c59ea895a40b1acf9834408b42d61791cad84
87d6c8ca2c4746ba9c42bd4b56b9f8dcb23dc4f4c8a5e338039a915eddbb4cfb
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8c31f9221454873de9c5bc222c2b5c97f216d3b21b0a3589f77f49fbcacf4a0d
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8deb475ac50713a43d3cf93fb2579f1badda5b9dee5704850b032f0f25564895
8e7902d12bed414b23fd30c7019fc0fe08d03b14984beb21e486aaa59135f803
8faf8cba7ae5d563bc68ad2386be69177e2fc73e42f1192dc31374c09c2e1f4f
9178d19c46b5a36fc8d4de24aa7fef3b62e7f69c259f4e81ee3f2d5aba263216
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94b9164549fba805d07a371447577e77ca7d335fb19f9eaf978209851969cf08
95aa8e313379de34e63af40aea0436318a0f22781469dc888b494816dff2b259
9660a687d49b304caa9c3ba8c0121998229f0c4e773c287cd72f66a0dd4afa12
97152508df33871d78e6d8595480ac6c5cf8f2feb1fc1ef7fd2ef7a0517810c7
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
9a83cb63ef8312699836ca708d4a7bb796a19592aab3ce4a57cca079cb334fbc
9a9a0e517e155893dcddb5939615e47f2cd61651e3f179ae21729e8847f8668a
9cc4593f52bca6bee12a30d4e096d25b8d93c7cbde26648fd215dc22ffb781aa
a260880e14e5092f64a82ce312043ad414261d82dab1b3a982329e64d9b4da09
a28a88a058bb32f3fff988c31380f2392939d9c4d1bf38b32f531969a02a33de
a3c80f16a52c4f2b6c7032400f5b63293b939042dd54d1661f1115159d678ef7
a405625d3620d1ef8d74c8bdfae7a609a563854125a2e4d306b9b33083a50c7c
a62430c1506f9d9ecc0bca9ffa39a073d5148f07be4aa54ed4532f9650caf56a
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a7fd41fd349db8949a256323b8d9af1f86fe14bbd84214553ca70cb488a95e7b
a87eea0ed4667d6241611511e68dce431477cbd9a06c9482b01323d6a0b972f9
a9d395934397a732fbe71389da2c91e6b1b145e84df96ebef2530466fae5741a
aaf9f27511743021075704cc1a18cd238c71531377f310c4170db754d42d7fa3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adbb58c41a9b589400d5abd8c0ed6dc960b608725ac7d55b69d60ef97f9fdaac
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af789ee1a6c4053d9d50bf1ce7a09130bb087e5504e91a63f0651f14de12824a
b057f4707a4e3bbf69647a669ebc4dbf35a9b5b25864b5fc63162e71f58621c8
b079c333c20b6e561a58cc58e549bee82b591412eb55b725944e798b15ff8123
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3491c0c307e23d2e50f8fe6e613e44118d1b26b2838b5b1e82f0fc4d0804ac4
b59a0404929cf4a3ad1cbd9c2ffaaff3f8c2e838a70867c1de2dfddc5a2b2f91
b5eb576aaebbab677cf473e3d7eda32870c8301486dee7019b9615b328a61bc5
b648b3c9d20f3b87bf24c9f20cd940d40ab038f24fc3142588961fc57131e74b
bc86fc5815dafcfc9de829b68ea7d450d31efee607b1b86c21bf595bb043a015
bc930f6c46467754435ba07fd8bc1036b4105460dabb2c51dc2b56d4bb52f72c
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf6f2ddd3a93cfc831316931e733e85bfa4d344c33398e6c32115761bec7ba69
c15fcc8166f92d95e73d9a0829a374c8b89ddcbfb5f023b5c3c818d5c1cbed2e
c2aeabf81d51ea037c127d3cd1c782a531f0546ba4fe63964c784855eefd5fec
c2f55236378ce58c9007518bc29c7b6d7aaef7164131709f04779e5b8886f351
c9938667d93de196aaf78c8f64774253cd228dcb3d1c22e683b1cd27e6bc08c8
c9f4f26b295a1e436fdec1b7d4293be8e52c1b56e6cc522dd88481faffb04146
caeacfc37ca68a7952a6f8f660a28ae52e64a62c5240b2976d502dccf8a8f48a
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd565a2cdc1f2f2f6c7b5f409fc5c6a6375cbab92a09a6c4a98868f68d6b62e9
ceaca9649a3f543b461e65bf843a47f282b0c02a5b06694abb8f46ba22076da9
cecea75023618d7e563d4086ced7df8ad0040d882e6b5144a70f4699382329b8
cee4c88acf7c3c3dcccb399551a63adc05cbbc91644ff64b5086136c7c0776ff
cf3e0ecae28a70c5e010c24c160321243efe54f497d49a6a8f31ca12ee7eb972
cf53806c2a4cef2c89a8502411683c83162fe73859d7d24244259e7e793df68a
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d48adf8a09e3b1d565616e747a349fb573c49b61dfd600cc1d76dd91f501622e
d5611a48c63965250e4fcd390221238a05573ebfc21857d3253927ff0983a868
d9f69c562fa39d1b002af05da1c6b99247e69c14a48e67b35d8a8b0efd739128
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
dbc76164bf9cf40d574122130187f2507e944800ab74de82b1b5654b5245c367
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
ddd0af87d02bf88046acaf36141538c4852763b37b99ad5ea41ab6b07829818f
deb3d40a52e939dc606cacea278753f149b56d19b6619994069659687e3a7728
e3640c9e176b212640e5d1ba0e522d80ebe382b5a18fc55ae4f7be28d1b138be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d94fa4258ac39fcc082b7f33391bdf533ea00f37b6c42a8631d0c8e55a9ee5
e63415b27f670b7443693ed18a33bbc6c8c4f19976469ab38ae1784b29e70c6f
e6713fb9ddf25585f97a9c877f75edbb8b2c0d0691c1402fe85c145a9098527d
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e94bb9eafa09b4181f7208f1466552561329b27bc870ea785be1fbbeb32661d8
eb1004eac0394395a4c4bd2980c010156f9b29f3d6aa2616a67f9fdbc1d14ca9
ef116c4b154888a36784c143110b264cfe6528a4061c5dcc14e6431ecfbcac56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23f42796e0c3e29ba160c46015b9aef160581a01ac3f0f14e26bf94b208fe79
f268614e7be44fc18dbfa5350bfeea8539258da4830ef728c56e05bf62f46b57
f291b251a2dcbeebe122189bd10993affa4c0c18435c06e9f4a0bb38d5ecaba0
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f54ad99ac9b8bf0271cc6d19132826863aa3dc7077b4d5c586f99c46130efb30
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f68519ba7639cdbff92cf7c044bd5455e4c87320689a3f2d4b2418ca4e91cd01
f75e7361bbcda225d800dd06644f99253ae2cf5ab6a0e47ff7967474e7afb4a6
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0
fbb3bcb80a056423c4e9c19e56998a54ac7444913f387f2294acd76786fad9dc
fbf4d29d3505a4790b827cde56ca8e4e1d03ab709bb9db801f0a4f02c0fcc0e1
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
fd6aef7e70901bd5018e23bf8f366b1363e27c9263a2e058df2ca725cf81aab5
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe0ab3675277ef9da31361222eacbee840c65f6de37fdaf3ec0bf4f8e76814cd
fe2d7250cc0730dc655721c5fa4bf5236dcabdf57f8593e8fe2096a42c0c8baf
fe5f4af17be162aaf3e1dadbc08fe06e678c87620a221b3fef8e2ca7a779986d
ff4e0b144f55e6bf1ac619baad9714973a381bc5c106e2cf62543d8d671f9c19