Submitted URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9v...
Effective URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9v...
Submission: On September 20 via manual from BR — Scanned from DE

Summary

This website contacted 49 IPs in 3 countries across 38 domains to perform 182 HTTP transactions. The main IP is 45.60.154.169, located in United States and belongs to INCAPSULA, US. The main domain is www.varonis.com. The Cisco Umbrella rank of the primary domain is 539348.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on August 30th 2023. Valid for: 6 months.
This is the only time www.varonis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


This page contains 3 frames:

Primary Page: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Frame ID: 3DF0DB8B38ED43F24E7D17E8F468C7AD
Requests: 176 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.varonis.com
Frame ID: DBFC39156483EE1150F03D08D49A8177
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 365788345DC0ED17617379832BAB9375
Requests: 1 HTTP requests in this frame

Page Title

CrossTalk and Secret Agent: Two Attack Vectors on Okta's Identity Suite

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • plausible\.io/js/plausible\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 182
HTTPS: 97 %
IPv6: 65 %
Domains: 38
Subdomains: 55
IPs: 49
Countries: 3
Transfer: 6111 kB
Size: 9304 kB
Cookies: 57

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 115
  • https://secure.adnxs.com/px?id=1629798&seg=31639437&t=2&gtmcb=129093072 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1629798%26seg%3D31639437%26t%3D2%26gtmcb%3D129093072
Request Chain 152
  • https://ib.adnxs.com/getuid?https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&aid=6621358&dsp_type=adnxs&p=web&dsp_uid=$UID HTTP 302
  • https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&aid=6621358&dsp_type=adnxs&p=web&dsp_uid=4828842153841139391 HTTP 302
  • https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?dsp_uid=4828842153841139391&aid=6621358&n3pc=true&schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&p=web&dsp_type=adnxs
Request Chain 156
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=23300%2C4766249&time=1695239832091&url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=23300%2C4766249&time=1695239832091&url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&tm=gtmv2&cookiesTest=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=23300%2C4766249&time=1695239832091&url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&tm=gtmv2&cookiesTest=true&e_ipv6=AQIKd_ASLfHMCgAAAYq0KwMLwI4SHPhwQ6-ZNGxW0WPf7psJm4phukg61-OKz_mInexTAyeO

182 HTTP transactions

Primary Request: okta-attack-vectors
Path: www.varonis.com/blog/
Size: 217 KB
Transfer: 59 KB
Type: Document
Full URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 45.60.154.169, United States, ASN19551 (INCAPSULA, US)
Software: cloudflare
Resource Hash: 52d3da85ce89f2d11d9b35a05f01ed813023af731829a88556f028e18f881616

Security Headers
Content-Security-Policy: upgrade-insecure-requests
Strict-Transport-Security: max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=10800, max-age=0
cf-ray
809ca2cde820b3b0-MUC
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 20 Sep 2023 19:57:10 GMT
edge-cache-tag
CT-100052431977,CT-100138283282,CT-100247379222,CT-98243756052,CG-740355147,P-142972,CW-104582894481,CW-114784368718,CW-115642542216,CW-115948073012,CW-115948073023,CW-125777074029,CW-60280511003,CW-71662020467,CW-87397221683,CW-87930956413,CW-87944291354,CW-96126751858,CW-97266453797,E-100805726527,E-106410557973,E-108364953711,E-114794918156,E-115634408573,E-60279793823,E-60280511142,E-60281971978,E-60281971998,E-60281972084,E-73655310759,E-80785228186,E-87927120033,E-98046358057,MENU-87776709421,RA-60280510996,PGS-ALL,SW-2,B-740355147,GC-100803005043,GC-115636626695,GC-115977342816,GC-125774591019,GC-135490609319,GC-80785228207,GC-87929337765,GC-87930955017,GC-87944143779,TS-60284153915
etag
W/"b7df2f0873e3bc787420897b55cb9d23"
last-modified
Wed, 20 Sep 2023 17:26:10 GMT
link
</hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOMUotzttNhUFPdTbbW23poAdkfyqTkQMIC3bUs7aNgMS8MNSjQBDWge2TIyinDHf0ZF5Hw70S6C049iJLLux5rbFILao3Y%2BDDzacMvnPrry1xtM3Sxt8STQqm3XOC9bfw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cdn
Imperva
x-hs-cache-config
BrowserCache-5s-EdgeCache-180s
x-hs-cache-control
s-maxage=10800, max-age=0
x-hs-cf-cache-status
HIT
x-hs-content-id
98243756052
x-hs-https-only
worker
x-hs-hub-id
142972
x-hs-prerendered
Wed, 20 Sep 2023 17:26:10 GMT
x-iinfo
7-8278659-8278661 NNNN CT(5 9 0) RT(1695239830256 10) q(0 0 0 1) r(1 1) U12
index.js
www.varonis.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/
11 KB
4 KB
Script
General
Full URL
https://www.varonis.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 21 Apr 2023 15:17:56 GMT
x-cdn
Imperva
etag
W/"0bbd63c0750f141fd5cec04a9393647e"
content-type
application/javascript
x-iinfo
7-8278659-0 0CNN RT(1695239830256 158) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=28361977, public
content-length
4039
expires
Wed, 14 Aug 2024 02:16:47 GMT
project.js
www.varonis.com/hs/hsstatic/cos-i18n/static-1.53/bundles/
1 KB
699 B
Script
General
Full URL
https://www.varonis.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
x-cdn
Imperva
etag
W/"61ca66de658cab9587e4636894680d5d"
content-type
application/javascript
x-iinfo
7-8278659-0 0CNN RT(1695239830256 167) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=28361977, public
content-length
562
expires
Wed, 14 Aug 2024 02:16:47 GMT
prism-okaidia.min.css
cdnjs.cloudflare.com/ajax/libs/prism/1.29.0/themes/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.29.0/themes/prism-okaidia.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf31d510ed313a8566d08e9b4fdbf94a0a51b35718372bc4bc75d6ff5c8282a5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.varonis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5964040
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
518
last-modified
Tue, 23 Aug 2022 12:03:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6304c227-206"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6DYTifi2nNEERqabQjQBjSHBPobxh2Yb2BvL3f%2BqMUtFSai8RPCO8OrNCusHx%2FPVt9wt1sSroo4KuwgwOufaWNEmO1uk%2B6jnfbYJxtbiApnYqNpOSozqvxKuQxwK%2BtUuFf8uJBBzt6UvayIsSQamyGk"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809ca2ceda5218dc-FRA
expires
Mon, 09 Sep 2024 19:57:10 GMT
jquery-1.11.2.js
www.varonis.com/hs/hsstatic/jquery-libs/static-1.4/jquery/
94 KB
33 KB
Script
General
Full URL
https://www.varonis.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 08 Jan 2015 18:08:00 GMT
x-cdn
Imperva
etag
W/"5790ead7ad3ba27397aedfa3d263b867"
content-type
application/javascript
x-iinfo
7-8278659-0 0CNN RT(1695239830256 171) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=28361977, public
content-length
33204
expires
Wed, 14 Aug 2024 02:16:47 GMT
blog-no-code-styles.min.css
cdn2.hubspot.net/hub/142972/hub_generated/template_assets/115634408573/1691779171899/hook-www-varonis/css/templates/
46 KB
7 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/115634408573/1691779171899/hook-www-varonis/css/templates/blog-no-code-styles.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed2a2edca25cc1dd846e20cab22088d9c5b7991f52ff78f8ed21930fe92ad46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
1644703
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"ee303a3eadd35fd691e5a50c469af706"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1691779172809
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
b27d4992-aadf-4ddf-b76a-5ba4028c6587
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
170
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
b27d4992-aadf-4ddf-b76a-5ba4028c6587
last-modified
Fri, 11 Aug 2023 18:39:33 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qdx%2B3Qy%2Fn%2FS9TLkOr1yPHu67T4zpBl8N1JlkHGTwZCFkYoTd9Bn7x2gnx%2BnXho%2FD4JLkU%2FpTbVOQk%2B%2FQN8454P2%2FXOFRddxQXqqwJJPaxGNs4eZPNgkVokZOc2gi7vZnF7NVfkQ97Gfyj%2FJc880%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-q4t87
cf-ray
809ca2cece711daa-FRA
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Mono:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c0fbbadde40aed1e86f4c46ea2fc1a26749994e48dc90a5bce7fd466712d99e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 19:57:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Sep 2023 19:57:10 GMT
main.min.css
cdn2.hubspot.net/hub/142972/hub_generated/template_assets/60281971998/1695166897927/hook-www-varonis/css/
95 KB
18 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/60281971998/1695166897927/hook-www-varonis/css/main.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11fe90edd9fc5cc3d226b4445c7e08d7da16e188388b2d4f12cbbccf28ddd3b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
72450
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"c144a1721caa377faf12f14a1dc0dcd5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1695166899099
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
e0a84184-95b1-4baa-8ef7-88154e71749c
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
156
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
e0a84184-95b1-4baa-8ef7-88154e71749c
last-modified
Tue, 19 Sep 2023 23:41:40 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eVdBqAJBut8TzLYik%2BpdAvtFnnWq3rgLkff4gzq7%2F5RTdcyOZWHetzC0oF62IfM3f1w3tebCpU9xwdWDymIRP700vcrDV7nw0WMFldoZryJE2o4M%2BzJZoROecqTJNl1isvYBUqAjEaLzdJZL5g%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-q4t87
cf-ray
809ca2cece741daa-FRA
fonts.min.css
cdn2.hubspot.net/hub/142972/hub_generated/template_assets/60281971978/1681414273295/hook-www-varonis/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/60281971978/1681414273295/hook-www-varonis/css/fonts.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95c37cf1f09574f5dbb61a679e2039cf3fc891acb3c5d8ad40a5a8133bd6afd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1115720
x-amz-cf-pop
IAD66-C1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 13 Apr 2023 19:31:15 GMT
server
cloudflare
etag
W/"97e878d1ce8d38d99c26c5232d3e6c7a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1681414274070
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iI1XH3CwqXFvzh2KowOb%2F8i5mNEfB6%2F3heWRxP4ZayiqUPQxUdAzWM%2FnkKe%2FJb74wHy8viimthYXfHm8AbF4ok%2FxnPE%2Fr9A86Y29ExHb0sC6Lh6E0Cg14O0yK%2FYftfm2PNGb2KyRD8joP3xhmkU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
809ca2cece751daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
module_71662020467_Announcement_Banner.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/71662020467/1675114924139/
1 KB
925 B
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/71662020467/1675114924139/module_71662020467_Announcement_Banner.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ffd7ab24503a28bb9eb6137b4d1e1664ed138dca5d1ced6d1a98ff841a24541

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1349827
x-amz-cf-pop
IAD89-P2
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
141
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0b4eedc5-fabb-4978-8914-f2cd5dacbb26
last-modified
Mon, 30 Jan 2023 21:42:05 GMT
server
cloudflare
etag
W/"dc5b8e6da3be06320569bf90cfe1b4c6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1675114924139
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPuQ8S2HwYRUekAN8cC69CHC8bbE%2B4xvKvPu7m2Nj6v7ltQH3%2FrgXOIplGIAV%2Fb3cZX%2FfPmNbkUz1ClUUxeEG%2BRVwusHY%2B058dauZ8EdJvBjJFfTVldZWBlLALmA%2B66I%2B%2BQIitDtpeXhbMm8dlk%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-6db9d854cb-qmj5d
cf-ray
809ca2cece7c1daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
module_97266453797_Remediation_Announcement_Banner.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/97266453797/1680550133721/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/97266453797/1680550133721/module_97266453797_Remediation_Announcement_Banner.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f31e1ce1202bc0ee8105deb5885a4b7b389b2cf936bff83f05032c8a2cafd0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
135606
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 03 Apr 2023 19:28:54 GMT
server
cloudflare
etag
W/"25e2f39fad365df55a45617ede2ed5ba"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1680550133721
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGKD%2FBuJCZ9GqvLdlcPmErtl5DDZzw31DdbFYo0GKajuUdg1c4S8sDuDC%2F3oeXs5G%2BEa4av9bi%2Fqq8cqv2Xg1YEo1Z00d3yiEmWvDY0Hqy0U9942g9kTZPyXuYIFSEcnQjDpwQCi5gtDt85i1vg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
809ca2cece8e1daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
module_96126751858_Site_Navigation.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/96126751858/1691030600211/
14 KB
3 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/96126751858/1691030600211/module_96126751858_Site_Navigation.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c7614c18a99d6d92d12cd7f4f06a07ce88256882a8889574d265fc32eace0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
575041
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"1e14b5836ec1ab1e8354d2661a31a88f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1691030600211
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
d1599fbf-b690-4072-b013-4dc5c8bcf1b9
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
178
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
d1599fbf-b690-4072-b013-4dc5c8bcf1b9
last-modified
Thu, 03 Aug 2023 02:43:21 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhtMj%2F1sb0XVPW25E8SyZ6RrsMyaV7%2BDAN0qAbon4WksO9c8AAT6tpatmYsxI0gYDiaky%2B6lfol8XB%2FZZQ1KmCmjIhEnBOckhFTRysPuWh0a7TFjFjsMSKLGSYsX7x8zCbANlSIxP3dNFCFiqVk%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-hml5r
cf-ray
809ca2cece781daa-FRA
module_125777074029_Navigation_Submenu.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/125777074029/1692210033148/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/125777074029/1692210033148/module_125777074029_Navigation_Submenu.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef71ca3de1b4e89664ec102fe490b2abfbc80350253421c50a31bd3b22b9722

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
1209814
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"4d29d054ec06349f29591688037aa80f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1692210033148
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD55-P1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
4d55eb47-d623-435a-8413-256bb8a12d47
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
163
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
4d55eb47-d623-435a-8413-256bb8a12d47
last-modified
Wed, 16 Aug 2023 18:20:34 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ei1Uuq3KEBbX65S3Y1CiDG8f3xUlvdGlRf1K20P0XEacHHNqN5PuGYMQ5eKVtPz4b9pM1eb941RG3oCHO4152aTTKkNivi%2BMhvAILEdWB6dy9BWrY%2Fj9Xca4jIQcGCmzlpo4NkyegoNA48xwEOg%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-nn77m
cf-ray
809ca2cece831daa-FRA
LanguageSwitcher.css
www.varonis.com/hs/hsstatic/cos-LanguageSwitcher/static-1.11/sass/
1 KB
763 B
Stylesheet
General
Full URL
https://www.varonis.com/hs/hsstatic/cos-LanguageSwitcher/static-1.11/sass/LanguageSwitcher.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
957a85939578fa14d2371922b58dcbf67f9b769e459f38699ceee6a84751134d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 10 Mar 2020 17:42:28 GMT
x-cdn
Imperva
etag
W/"116ce0ec359fc58e099de58c90ed35b9"
content-type
text/css
x-iinfo
7-8278659-0 0CNN RT(1695239830256 163) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=28362567, public
content-length
578
expires
Wed, 14 Aug 2024 02:26:37 GMT
module_115948073012_Blog_Post_Header.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/115948073012/1693341707705/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/115948073012/1693341707705/module_115948073012_Blog_Post_Header.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a1f86c63c2ee772b07a6f678e7f8cd51b3aea064d83423eb213fb1df9d6b34c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
83371
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"f5bff8587da6703942d1e04601fb2ccc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1693341707705
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD66-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
41525740-938d-4bb3-ac37-4631defc7afb
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
148
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
41525740-938d-4bb3-ac37-4631defc7afb
last-modified
Tue, 29 Aug 2023 20:41:48 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7Iu9pJfuVX9%2Ba0w6YRLd7BcsLVpyZ64kXf4o6v6mQdaFmU2O%2BvBAZ07caIIS4SODi6Mv5ttH7NhI2Qchemyu19dq%2FFhPDi9xCkI0ik4ftnai9shjd1y9A5CvTVMsj98f%2FGzBGSADUU6avmzhU4%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-q4t87
cf-ray
809ca2cece7a1daa-FRA
module_115948073023_Table_of_Contents_Sidebar_-_Global.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/115948073023/1691779300110/
758 B
807 B
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/115948073023/1691779300110/module_115948073023_Table_of_Contents_Sidebar_-_Global.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0420b36738d9457c3f40a67c69135b170861becd9bac983563b3aeada5287aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
1645970
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"af2e09f2a3860d065ab2b884c54bad8b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1691779300110
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
4adc6e92-4e62-4268-b467-8e2cc5470e85
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
140
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
4adc6e92-4e62-4268-b467-8e2cc5470e85
last-modified
Fri, 11 Aug 2023 18:41:41 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRMjQwnNpSak4umFUmA3dTYtaoTsEUXILOuTkhgCrWx6iTIWSgRH6DuPoZe8pJ29BUbi0b5Vooz1drqoB%2B0bSrl1GjGNtRn1kJ6wTZxKR3EmJuVrtK3ZQYrd9gSh8i2B2bU828kQ%2BoDdDJD89E0%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-nn77m
cf-ray
809ca2cece7e1daa-FRA
module_60280511003_blog-form.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/60280511003/1678832789186/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/60280511003/1678832789186/module_60280511003_blog-form.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e2924c80f612bf59a0cb21d31b05f0575ed143922e412e3e061bf02f5d5960a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1644703
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Mar 2023 22:26:30 GMT
server
cloudflare
etag
W/"0beb1a886bb335c582b07556399b13e8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1678832789186
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNfdeLKbpdD%2ByXpjkd%2BRfwa%2FfK%2Fih9pZMcvH19la1N3IcbjBYp8cXRhH%2BXEiTMFgr%2FmCj%2BW29BnpjrPNaVU3hucXDDfkX9KULFBZ5Pj4Qi4QTqOQRy5oTAUIgjeWn0BRkxr%2BXOmjVpyuo35ZRHg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
809ca2cece881daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
module_104582894481_What_You_Should_Do_Now_-_Global.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/104582894481/1692928068437/
46 B
820 B
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/104582894481/1692928068437/module_104582894481_What_You_Should_Do_Now_-_Global.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8499144a67d70c01a19de99fb20ca5e7da3337e44814419b9a9c867da619b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

age
488309
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
"7e0b52d7773d1bdc69885fe97aa20285"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1692928068437
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD66-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
5d82cead-e02d-4884-ad96-62fd591f2ae0
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
169
alt-svc
h3=":443"; ma=86400
content-length
46
x-evy-trace-route-configuration
listener_https/all
x-request-id
5d82cead-e02d-4884-ad96-62fd591f2ae0
last-modified
Fri, 25 Aug 2023 01:47:49 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTS%2BW8LETbIFS%2BDLV6xb1Jb7Vn8i7j2fuXd2vOb0gFgmMB4yJe%2BnTdQMW%2Fj0zxjOcrEu5lgXZHZp5bc6sI%2BmCeemYyY4hf1YqBOgMTVuWYixx3J91B2uWVmtbnor8pEc0%2FEifPh2JrmxwOI4XAs%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-nn77m
accept-ranges
bytes
cf-ray
809ca2cece901daa-FRA
module_115642542216_Blog_Post_Conversion_Panel.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/115642542216/1684180718003/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/115642542216/1684180718003/module_115642542216_Blog_Post_Conversion_Panel.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d514e3fc3d638136890b4a1f61d2f861af3bbd8f997ca15685efbd22554538c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1795037
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
175
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
5119b3dc-4a97-4ee2-81e9-253064842a10
last-modified
Mon, 15 May 2023 19:58:39 GMT
server
cloudflare
etag
W/"688ebc7b9f5e3593cecd51eb92e4c6e6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1684180718003
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUhcaFJd32%2FkwZsj02rMSBv%2B3Tpi47U%2BjJkhVp%2BS14yITP3dPdY7vOOibVQoE0XQ8Z0WXQjPl3VRqlCxtHdYuXMm%2FXigCGapJUk5q%2Fj%2FwU4EGW20mLkgrM%2BBW%2BaBCKeXI%2F%2FpW4%2FUOoh74gzgdiY%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-65zd4
cf-ray
809ca2cece851daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
module_114784368718_Blog_Keep_Reading.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/114784368718/1684524759023/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/114784368718/1684524759023/module_114784368718_Blog_Keep_Reading.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a1846f2d4d1abd1379f703e256e92f3b4b138f6dc90fdd8c99c58b7ca43457

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1795037
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
116
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
96dd81bb-9126-4eac-a5bc-abd140019136
last-modified
Fri, 19 May 2023 19:32:40 GMT
server
cloudflare
etag
W/"d922d55fec70ef38b027578f64a0010f"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1684524759023
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJP2Fyq7zLRFZX3fnsxAnNiy6eZwuU3Sv%2BwcIH%2BBw%2B10BF2jRdrm8epbTtH9wi5uxTjlrvd96QsFlVvYeQV3z83Ps0M4ZUrm1RcxfANK4W%2FJlkAqq5YeMDQWtNsaaSjg9MeGDjBiXHgRRNKUi8A%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-65zd4
cf-ray
809ca2cece791daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
module_87397221683_Footer_Site_Directory.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/87397221683/1690924310897/
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/87397221683/1690924310897/module_87397221683_Footer_Site_Directory.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456766b19e4bca3d3e998e25a416376f2158061b925f28f32527aee2ff1e28db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
683405
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"8853d36396f354f645f3057dfc260fb6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1690924310897
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
0944d81a-13a3-44ae-a132-145cbc45f51c
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
204
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
0944d81a-13a3-44ae-a132-145cbc45f51c
last-modified
Tue, 01 Aug 2023 21:11:51 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mt52EuobIyQXp5gC8hej0BE7TizuVfk0oNhTMAuUCH5juU%2FCap23%2BbcalNgvY4yPhCWVq9P3dATzNPLKCY39LA%2BkwCAkbHJGwmbaNHZSmUFkSLhHyPGdpkKQpgSwGIY27zE%2BnAVZxka7ZTgo4wQ%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-8ktx6
cf-ray
809ca2cece871daa-FRA
module_87930956413_Footer_Legal_Links.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/87930956413/1678467830039/
207 B
867 B
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/87930956413/1678467830039/module_87930956413_Footer_Legal_Links.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f08978088fd2635efee64efe38bdf155d6258f8b547fca43381435d0048ce46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
376773
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 10 Mar 2023 17:03:51 GMT
server
cloudflare
etag
W/"96007886169fd0ec341d641653f4f98b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1678467830039
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CrC0QgPQWe1IdaRudaSL%2FThR3w1OZM75Lu5yiqhhDBi7Rn8KJEqhvfF%2BeTDLMwYj27Cl7ve1m0LkhTW2pt8QTUhGX9hpc%2Bakmjj%2F8QQpP7wNzsP8P5dfkE47T9LDUqsiYPbP6NkVtmKmw6uZyuE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
809ca2cece8a1daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_87944291354_Footer_Copyright.min.css
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/87944291354/1674235657411/
45 B
489 B
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/87944291354/1674235657411/module_87944291354_Footer_Copyright.min.css
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce52d3c9ed8217ae0ca3dd0479d5ced16baf2de6625e0c81166471aaa956136d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1578983
x-amz-cf-pop
IAD12-P2
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400
content-length
45
last-modified
Fri, 20 Jan 2023 17:27:38 GMT
server
cloudflare
etag
"c54f91357d03928424b38f6d19c9c224"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1674235657411
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7z56OHhxeh3Q7PBherOzfCWBREBba7N4NS%2B2qq6DFSL%2BEvxZEhuIeDNqoaeUYZe66phGYFdApQMwzK6LWn49u9pdqjwHSttLl77lOaJml%2B1oOEjF%2BHiseblLrxesZ%2FqYYGkP3jdaWhaEaGZBGo%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
809ca2cece8c1daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
plausible.js
plausible.io/js/
1 KB
1 KB
Script
General
Full URL
https://plausible.io/js/plausible.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
1082
cdn-cachedat
09/20/2023 19:26:26
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
10.0.1.2
alt-svc
h3=":443"; ma=2592000
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, max-age=3600
permissions-policy
interest-cohort=()
cdn-requestid
db5853137cfa0c1be0735cdf1e340b6d
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
in.js
platform.linkedin.com/
510 KB
160 KB
Script
General
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CE6) /
Resource Hash
c7d2435a17074fcf9d68f3dc278cdcdbaa0591d4dc6df866c6dd1f4b4f57d2ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
441
x-cache
HIT
x-cdn-proto
HTTP2
content-length
163638
x-li-uuid
AAYFz62eJewktSC0GiZMXA==
last-modified
Wed, 20 Sep 2023 19:49:49 GMT
server
ECAcc (frc/4CE6)
x-li-pop
prod-lva1-x
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
x-li-fabric
prod-lva1
cache-control
public, max-age=3600
x-li-proto
http/1.1
accept-ranges
bytes
expires
Wed, 20 Sep 2023 20:49:49 GMT
Frame%2036-1.svg
info.varonis.com/hubfs/
3 KB
2 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Frame%2036-1.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4528e78b77fe65b0d6c730e7bc11691455d19dcefb698ebc14931cab40b8423a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Apr 2023 21:05:12 GMT
x-cdn
Imperva
etag
W/"4a0280ec41a09339bc32b34cd26d66f3"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 350) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462223, public
x-incap-sess-cookie-hdr
paSUPophclKiQSPKTMIPcpZOC2UAAAAAzhTLzsV9eFROH5/CHWX2eQ==
content-length
1384
expires
Tue, 26 Sep 2023 04:20:53 GMT
Frame%2036%20(2).svg
info.varonis.com/hubfs/
2 KB
1020 B
Image
General
Full URL
https://info.varonis.com/hubfs/Frame%2036%20(2).svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a4450600125b5cdb5761654bbe725c5b4fcbc8e1a89f0a14b20f77157afc5715
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Apr 2023 21:05:13 GMT
x-cdn
Imperva
etag
"db75d74e33e96cccf27b2b6b95161418"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 352) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=458332, public
x-incap-sess-cookie-hdr
J+WYYMmnGxuiQSPKTMIPcpZOC2UAAAAAB5yQTh3C8cRIz4Py2Qg6MA==
content-length
779
expires
Tue, 26 Sep 2023 03:16:02 GMT
Frame%2036%20(1).svg
info.varonis.com/hubfs/
1 KB
717 B
Image
General
Full URL
https://info.varonis.com/hubfs/Frame%2036%20(1).svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c08ffc3f238414942b195ebfaa0516e524b4e6b6c5201c52b5174f5599282a23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 07 Apr 2023 16:37:00 GMT
x-cdn
Imperva
etag
"7cba335c1df43bbb31b831c70444dc5c"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 343) q(0 -1 -1 -1) r(1 -1)
cache-control
max-age=458753, public
x-incap-sess-cookie-hdr
ubX0dzt3LguiQSPKTMIPcpZOC2UAAAAAgKUGCv6xspqJNP5bXvRlKw==
content-length
491
expires
Tue, 26 Sep 2023 03:23:03 GMT
NavIcon_M365_2.svg
info.varonis.com/hubfs/
6 KB
2 KB
Image
General
Full URL
https://info.varonis.com/hubfs/NavIcon_M365_2.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4b9e9037912adf4cb7724b3782cb690b0c90d8d31a5c54a6bfa3f6fc60063de8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 07 Apr 2023 16:33:12 GMT
x-cdn
Imperva
etag
W/"8bcc6d027ad47e870fe16a237dc73bfe"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 348) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462223, public
x-incap-sess-cookie-hdr
jY3PWrh/yA+iQSPKTMIPcpZOC2UAAAAAxkMMFTq0R/qiBEC1pBgkoA==
content-length
2008
expires
Tue, 26 Sep 2023 04:20:53 GMT
NavIcon_AzureFiles.svg
info.varonis.com/hubfs/Web%20Assets/Logos/
2 KB
1 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Web%20Assets/Logos/NavIcon_AzureFiles.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8e648da8a366d494100d90e0af69a2945f34e53a2c70432ea12c0303039f2351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 07 Aug 2023 14:15:32 GMT
x-cdn
Imperva
etag
W/"39f1c52d2cc888b95c60463165cda36d"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 340) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=463908, public
x-incap-sess-cookie-hdr
j5UPcVrvWQ6iQSPKTMIPcpZOC2UAAAAA5GPE+512BIM7cO0UubABuQ==
content-length
885
expires
Tue, 26 Sep 2023 04:48:58 GMT
Logo_Windows_Full-Color-1.svg
info.varonis.com/hubfs/
480 B
551 B
Image
General
Full URL
https://info.varonis.com/hubfs/Logo_Windows_Full-Color-1.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
db1e2dc64218b7044da50d01d0ffb83bcdca49a35b1ab7ffcdef6736863986cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Mar 2023 16:37:38 GMT
x-cdn
Imperva
etag
W/"d694fe76cecc0228afb418373de25fd7"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 346) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462222, public
x-incap-sess-cookie-hdr
O76ABZqQ7i+iQSPKTMIPcpZOC2UAAAAA8BL+6GaUf/RShp6J5LFvFg==
content-length
324
expires
Tue, 26 Sep 2023 04:20:52 GMT
Icon_Windows%20AD_Full-Color.svg
info.varonis.com/hubfs/
308 B
413 B
Image
General
Full URL
https://info.varonis.com/hubfs/Icon_Windows%20AD_Full-Color.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a40943594d5eaaa010c66254e2dc4a83d8bc53104602afda2e3b622b8e78e2f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 07 Apr 2023 16:34:52 GMT
x-cdn
Imperva
etag
W/"cd83460848cbb057d8576e5cbd227359"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 412) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462222, public
x-incap-sess-cookie-hdr
NKb7b7YtYH2iQSPKTMIPcpZOC2UAAAAA8iqlPisMaHYe0bT8md6qiQ==
content-length
203
expires
Tue, 26 Sep 2023 04:20:52 GMT
Logo_GoogleDrive_icon.svg
info.varonis.com/hubfs/
1 KB
777 B
Image
General
Full URL
https://info.varonis.com/hubfs/Logo_GoogleDrive_icon.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b40e79c5d412914e928d19e3cda375d940ed037dd6a1f6d7613b894e39898094
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Mar 2023 16:35:55 GMT
x-cdn
Imperva
etag
W/"5ed1993efba372d504a94f9cededf3ac"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 415) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462222, public
x-incap-sess-cookie-hdr
Kz35bfSJxFSiQSPKTMIPcpZOC2UAAAAAfiE1Sn+y8Q7Zb1IcUVU5fQ==
content-length
592
expires
Tue, 26 Sep 2023 04:20:52 GMT
Logo_Salesforce_Full-Color-1.svg
info.varonis.com/hubfs/
12 KB
5 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Logo_Salesforce_Full-Color-1.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2f24b7fa64d8f44ddd36d64d9a647d13caea3756513d97abd40e3c8754efc63b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Mar 2023 16:36:04 GMT
x-cdn
Imperva
etag
W/"be309990b75f168448dbfedb6fa65e11"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 417) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462223, public
x-incap-sess-cookie-hdr
Jm4zdrq7SH+iQSPKTMIPcpZOC2UAAAAA4pJeCyoCAJUHsN4m+COLEg==
content-length
4941
expires
Tue, 26 Sep 2023 04:20:53 GMT
Icon_Nasuni_Full-Color-1.svg
info.varonis.com/hubfs/
3 KB
1 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Icon_Nasuni_Full-Color-1.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
10426b160a932ef2b98908d2f32aca756777f9d0a90ee2d7bc334cb1629e0ddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 03 Apr 2023 21:49:22 GMT
x-cdn
Imperva
etag
W/"f0b0eaa5332ee7de29889d93840bfc0f"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 419) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462223, public
x-incap-sess-cookie-hdr
J2oQfuYd4naiQSPKTMIPcpZOC2UAAAAAU1czFM9wboiz3Du247LAvQ==
content-length
1337
expires
Tue, 26 Sep 2023 04:20:53 GMT
Icon_UNIX_Full-Color-1.svg
info.varonis.com/hubfs/
13 KB
6 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Icon_UNIX_Full-Color-1.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5db5a02e960dde70bbf77fb6d28c61d4f6b5c291b3dd08d76a678d17c2d96420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 07 Apr 2023 16:34:48 GMT
x-cdn
Imperva
etag
"f95d3f7607cf257b1cd570a34d5e7499"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 421) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=461810, public
x-incap-sess-cookie-hdr
sApCAiNf8y+iQSPKTMIPcpZOC2UAAAAAWuy4IjEoC5Q7ALJlIQKqSw==
content-length
5932
expires
Tue, 26 Sep 2023 04:14:00 GMT
Logo_Box_Full-Color-1.svg
info.varonis.com/hubfs/
2 KB
955 B
Image
General
Full URL
https://info.varonis.com/hubfs/Logo_Box_Full-Color-1.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
f0adb972147098e0e4d6abbd7b83952363c8eab82429760136816142d675e321
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Mar 2023 16:36:00 GMT
x-cdn
Imperva
etag
W/"12fad58f529b97c18d6081296d804d47"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 430) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462224, public
x-incap-sess-cookie-hdr
u/NRDBQ0mCeiQSPKTMIPcpZOC2UAAAAAyN/C+izDIE5lHFUz/PBn4g==
content-length
730
expires
Tue, 26 Sep 2023 04:20:54 GMT
Logo_Amazon%20Web%20Services_Full-Color%201.svg
info.varonis.com/hubfs/
6 KB
3 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Logo_Amazon%20Web%20Services_Full-Color%201.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
12feece8311f076308c2bbd3d8de66155192ea9df9a705a486f8e4684c45c5c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Mar 2023 16:35:59 GMT
x-cdn
Imperva
etag
W/"9ec8f05ec8b4bccf14856667c2f4af0e"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 431) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462225, public
x-incap-sess-cookie-hdr
wKS8HeVBejqiQSPKTMIPcpZOC2UAAAAATKdWlcYPAPs4/wGuJF9RfA==
content-length
2643
expires
Tue, 26 Sep 2023 04:20:55 GMT
Logo_Okta_Full-Color-1.svg
info.varonis.com/hubfs/
3 KB
1 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Logo_Okta_Full-Color-1.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6bc3c3712e26de83ecb08d0360e70ff826b4fda86e8348a3ee2208b4ab2ebad1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Mar 2023 16:35:58 GMT
x-cdn
Imperva
etag
"6ae59b6e0ce4f86234daff364456a46c"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 433) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=459098, public
x-incap-sess-cookie-hdr
HcDURVs/6B6iQSPKTMIPcpZOC2UAAAAAvrHuBFjFLCa4GEF8rhgxSQ==
content-length
1249
expires
Tue, 26 Sep 2023 03:28:48 GMT
Fill%201.svg
info.varonis.com/hubfs/
1 KB
844 B
Image
General
Full URL
https://info.varonis.com/hubfs/Fill%201.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
5a074c8ee602a0b3416f69defbab28371abb92ce73f934afa6e58ecec72b9256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 27 Mar 2023 20:18:29 GMT
x-cdn
Imperva
etag
W/"6980550af35925ac7c226d9e70c95932"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 435) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462224, public
x-incap-sess-cookie-hdr
rNOQRolkQmuiQSPKTMIPcpZOC2UAAAAAVhhx1lY7dd3TrnbCpxiDDw==
content-length
659
expires
Tue, 26 Sep 2023 04:20:54 GMT
preview-full-Blog_AuthorPhoto_ThreatLabs_202103_FNL.webp
info.varonis.com/hubfs/
290 KB
290 KB
Image
General
Full URL
https://info.varonis.com/hubfs/preview-full-Blog_AuthorPhoto_ThreatLabs_202103_FNL.webp
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
25955bb316da86073e7c29a4b6c4e77fce1ab6a11b59bc303474fb1e9f4c891a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 31 Mar 2023 01:55:48 GMT
x-cdn
Imperva
etag
"1750568abca481d54f6f192cd8a1f46f"
content-type
image/webp
x-iinfo
7-8278659-0 0CNN RT(1695239830256 424) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=1705792, public
x-incap-sess-cookie-hdr
ircQLYodYQaiQSPKTMIPcpZOC2UAAAAAlSwBnAbe7BXm5WKLANeLKw==
content-length
296752
expires
Tue, 10 Oct 2023 13:47:02 GMT
Blog_VTL-OktaVulnerabilities_BlogHero_202211_V1.2.png
info.varonis.com/hubfs/
707 KB
707 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Blog_VTL-OktaVulnerabilities_BlogHero_202211_V1.2.png
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c5dccc6e612fcc65067fab7c0e43a8d8f56da7b8604de08efa0a3e347b6e8ac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Apr 2023 21:10:47 GMT
x-cdn
Imperva
etag
"400d2aaa653cc1aad4a6a43be17c4d07"
content-type
image/png
x-iinfo
7-8278659-0 0CNN RT(1695239830256 427) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=1683716, public
x-incap-sess-cookie-hdr
Y3V9ac2N4GyiQSPKTMIPcpZOC2UAAAAAqj7z3kzQ/ROmY/tgI5V0ZQ==
content-length
723461
expires
Tue, 10 Oct 2023 07:39:06 GMT
Blog_VTL_RomCom-Storm-0978_202307_FNL.png
info.varonis.com/hubfs/
891 KB
892 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Blog_VTL_RomCom-Storm-0978_202307_FNL.png
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
35810de334ea35ec5659e1342db16372a812be3d97daef217d83e9ced6174392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 18 Jul 2023 16:17:18 GMT
x-cdn
Imperva
etag
"ed4525e13e49ca059410a12574663dee"
content-type
image/png
x-iinfo
7-8278659-0 0CNN RT(1695239830256 436) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=1623099, public
x-incap-sess-cookie-hdr
nH0EV+namCyiQSPKTMIPcpZOC2UAAAAAR8ncWMkKsxHHJRdqfwUqhw==
content-length
912261
expires
Mon, 09 Oct 2023 14:48:49 GMT
jason-hill.jpg
info.varonis.com/hubfs/
15 KB
15 KB
Image
General
Full URL
https://info.varonis.com/hubfs/jason-hill.jpg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
db26d8b29b1a327012ef634e50c1e4bc3eafdf52ef35bf9bdc281be8cc2fbbf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 28 Mar 2023 21:23:36 GMT
x-cdn
Imperva
etag
"8cbc5ef89b6dd83facf0906d344d492e"
content-type
image/jpeg
x-iinfo
7-8278659-8277963 2CNN RT(1695239830256 438) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=1647672, public
x-incap-sess-cookie-hdr
ts84R2QN9zmiQSPKTMIPcpZOC2UAAAAAAavFCpOcYlHfvDNhl/xh7A==
content-length
14885
expires
Mon, 09 Oct 2023 21:38:22 GMT
Blog_BlogHero_VTL_VisualStudioBug_202305_FNL.png
info.varonis.com/hubfs/
651 KB
654 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Blog_BlogHero_VTL_VisualStudioBug_202305_FNL.png
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
029ec8d7348de8dfb772d55ef56eda2bc6052c7b6e3fd6bea990119a29d702f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 31 May 2023 18:17:20 GMT
x-cdn
Imperva
etag
"dd431d312449189017d99f6eaa35385a"
content-type
image/png
x-iinfo
7-8278659-8277633 2CNN RT(1695239830256 440) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=1647672, public
x-incap-sess-cookie-hdr
QuLJdZ4cvT+iQSPKTMIPcpZOC2UAAAAAjRt5fnyGdDW32J6LKcpSYQ==
content-length
666790
expires
Mon, 09 Oct 2023 21:38:22 GMT
dolev-taler.jpg
info.varonis.com/hubfs/
10 KB
10 KB
Image
General
Full URL
https://info.varonis.com/hubfs/dolev-taler.jpg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3e3ec33ee12a3806ccaf0e816e09f4c0ed5c0b13cf67e59d0cc2fe691778869e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 17 Mar 2023 20:59:52 GMT
x-cdn
Imperva
etag
"44b61f3bdce30ec4457b201e47d14682"
content-type
image/jpeg
x-iinfo
7-8278659-8278015 2CNN RT(1695239830256 441) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=1647673, public
x-incap-sess-cookie-hdr
Ppb4M0TqoUaiQSPKTMIPcpZOC2UAAAAAdsgU0nEM7GLIqJMOmM/Pog==
content-length
9909
expires
Mon, 09 Oct 2023 21:38:23 GMT
Blog_BlogHero_VTL_GhostSites_202305_FNL.png
info.varonis.com/hubfs/
739 KB
740 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Blog_BlogHero_VTL_GhostSites_202305_FNL.png
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6aae8874eda232ce3c720c42409914a8935af244ed20afa347d2d1b85054dfd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 25 May 2023 19:31:59 GMT
x-cdn
Imperva
etag
"fe34892745f79012b954769f34eb0e1e"
content-type
image/png
x-iinfo
7-8278659-0 0CNN RT(1695239830256 444) q(0 -1 -1 -1) r(1 -1)
cache-control
max-age=1623099, public
x-incap-sess-cookie-hdr
3gs6TKOImm2iQSPKTMIPcpZOC2UAAAAA0BNdoIwKNGoTEv5MAZC+wg==
content-length
757233
expires
Mon, 09 Oct 2023 14:48:49 GMT
nitay-bachrach.jpg
info.varonis.com/hubfs/
11 KB
11 KB
Image
General
Full URL
https://info.varonis.com/hubfs/nitay-bachrach.jpg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c97a1e92043773aff19f6a1b61dcaeb22cefb8d6ae57e5dcc0139d5b34dbc384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 31 Mar 2023 01:20:42 GMT
x-cdn
Imperva
etag
"1d1022c1d7a017202b747a97ba1cb934"
content-type
image/jpeg
x-iinfo
7-8278659-8278729 2CNN RT(1695239830256 447) q(0 0 0 -1) r(1 1)
cache-control
max-age=1647675, public
x-incap-sess-cookie-hdr
OgA4TJO1zxKiQSPKTMIPcpZOC2UAAAAAKTy+Nd+C5gitG3n9Z18f6Q==
content-length
11307
expires
Mon, 09 Oct 2023 21:38:25 GMT
Blog_RansomwareStrain_Generic_BlogHero_202203_V1.0-01-1.png
info.varonis.com/hubfs/
606 KB
610 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Blog_RansomwareStrain_Generic_BlogHero_202203_V1.0-01-1.png
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
90af140aa23f8924d938ea062cd485d58f04b3fd7885d018f910f3e9f121f8d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Apr 2023 21:08:10 GMT
x-cdn
Imperva
etag
"200aaae09e66294459a0c3e447267090"
content-type
image/png
x-iinfo
7-8278659-8278731 2CNN RT(1695239830256 449) q(0 0 0 -1) r(1 1) U18
cache-control
max-age=1617248, public
x-incap-sess-cookie-hdr
wPvRN+6ObRuiQSPKTMIPcpZOC2UAAAAAbWCLZ0vd6Suzg1v6mmHh2g==
content-length
620519
expires
Mon, 09 Oct 2023 13:11:19 GMT
prism.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.29.0/
19 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.29.0/prism.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b88bddc6c757b2fc8cb113e2469801ab14a78ec1a8fada4d6391e3573f5f9f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.varonis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12749281
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6336
last-modified
Tue, 23 Aug 2022 12:03:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6304c227-18c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpRSAYwmzXW3%2BzKcpHB537CpQQeUydaHozrEFA56GivaGMgl2mnj3HFiZVCZImh4T9uojud4aKiM5JiHlG23UBJD5CHMeIT93RNFO3jG44fzRbfWkpy%2FYQxQOHY%2B8eUhYChKb98t0ys4A1WIYytAY%2FLu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809ca2cf8bc118dc-FRA
expires
Mon, 09 Sep 2024 19:57:10 GMT
prism-autoloader.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.29.0/plugins/autoloader/
6 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.29.0/plugins/autoloader/prism-autoloader.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0233342795c86e2079f7406bce72c481918b9ce416aedeb6b37044abae50fc8d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.varonis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4846897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2202
last-modified
Thu, 22 Jun 2023 11:16:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942d9d-89a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAuQtR84XNAnjGfGX2fKGeUCt8vZbWJxyBnhMdwzw9MlDvkdEyyP2%2F9gAgjUtLMJIuqnZHvVJorwopBhfIPqT2FFNN%2FSNeFs5FVgVkod0DeX8NiL14%2FkWfvQJAhvURIZT451ScNpgV3G6YwsTncPRGo4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
809ca2cf8bc818dc-FRA
expires
Mon, 09 Sep 2024 19:57:10 GMT
facebook.svg
info.varonis.com/hubfs/
634 B
599 B
Image
General
Full URL
https://info.varonis.com/hubfs/facebook.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7a5034e01d5b47ec7eee2b3a45a23919684146c27b715f4fd863037b11b2abff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 03 Apr 2023 21:49:25 GMT
x-cdn
Imperva
etag
W/"9667ebfd8e6880e7066c322b0b25a6c8"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 452) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462225, public
x-incap-sess-cookie-hdr
M3YUEOYqxVCiQSPKTMIPcpZOC2UAAAAAU2kugfKQ8Kz3kgqQpXUKMQ==
content-length
390
expires
Tue, 26 Sep 2023 04:20:55 GMT
linkedin.svg
info.varonis.com/hubfs/
1 KB
749 B
Image
General
Full URL
https://info.varonis.com/hubfs/linkedin.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0b4639302db82b725feb2fb5b7c2f16d1ef8abe70409c496fe0dc777e143f45d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 07 Apr 2023 16:33:55 GMT
x-cdn
Imperva
etag
W/"15f6f62efcbc0f51585cd41ce283b99a"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 454) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462225, public
x-incap-sess-cookie-hdr
/KVyTcG6fRCiQSPKTMIPcpZOC2UAAAAAHs6VXXtqLQuvkMtRWXMccA==
content-length
551
expires
Tue, 26 Sep 2023 04:20:55 GMT
twitter.svg
info.varonis.com/hubfs/
1 KB
1013 B
Image
General
Full URL
https://info.varonis.com/hubfs/twitter.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
3daf9b6a39281fdc04a57bdabe589d9aa970719d22733e04fc1ab799b7a5db49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 07 Apr 2023 13:49:35 GMT
x-cdn
Imperva
etag
W/"3ce4a000e199a193e3e73cfac7b4e108"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 456) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462226, public
x-incap-sess-cookie-hdr
JYhSdXlqdn2iQSPKTMIPcpZOC2UAAAAAvYIbnbQMT7AN2t/nXI7Ybg==
content-length
789
expires
Tue, 26 Sep 2023 04:20:56 GMT
instagram.svg
info.varonis.com/hubfs/
3 KB
2 KB
Image
General
Full URL
https://info.varonis.com/hubfs/instagram.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ae925eb57e9822aec57086375bcf93fe910d7c6c0d83cf10bf448c5348aaf0b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Mon, 03 Apr 2023 21:29:00 GMT
x-cdn
Imperva
etag
W/"2eeffa913d57b77cfd604f3ef1fae9ed"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 458) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462226, public
x-incap-sess-cookie-hdr
+2JPbwBe0x6iQSPKTMIPcpZOC2UAAAAAofxuUjHkWpGCaewfeGMNXg==
content-length
1363
expires
Tue, 26 Sep 2023 04:20:56 GMT
ISO-27001-Logo%201.png
info.varonis.com/hubfs/
2 KB
3 KB
Image
General
Full URL
https://info.varonis.com/hubfs/ISO-27001-Logo%201.png
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
556e002559cacd39c9454b1fd12f4a8f0a817f64e84fd617cda08a3e46a0f3ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Mar 2023 16:10:56 GMT
x-cdn
Imperva
etag
"a413509b077bcf2faa7621b0d5d4de36"
content-type
image/png
x-iinfo
7-8278659-0 0CNN RT(1695239830256 460) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=456732, public
x-incap-sess-cookie-hdr
42OSSNB6TnaiQSPKTMIPcpZOC2UAAAAAVlavmEmfl9nDbh3yPvv+aA==
content-length
2497
expires
Tue, 26 Sep 2023 02:49:22 GMT
ISO-27001-Logo%20Copy%204%201.svg
info.varonis.com/hubfs/
13 KB
10 KB
Image
General
Full URL
https://info.varonis.com/hubfs/ISO-27001-Logo%20Copy%204%201.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ba1b3f329ba47639a8586777bb19db73a9c3e37954b5e72ff97df8e0ea931062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Mar 2023 16:10:55 GMT
x-cdn
Imperva
etag
W/"3c29f40cae554dd8c7276ac63187dec1"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 462) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462226, public
x-incap-sess-cookie-hdr
uS6FdzX7ARSiQSPKTMIPcpZOC2UAAAAAotu5jC/N2FZR/jDgbn2RYw==
content-length
10066
expires
Tue, 26 Sep 2023 04:20:56 GMT
STAR-Level-1-badge%201.png
info.varonis.com/hubfs/
935 B
1 KB
Image
General
Full URL
https://info.varonis.com/hubfs/STAR-Level-1-badge%201.png
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
400dc3467b8576fe7c0e6a6a949fd314e560f0afb688050d0ee517a2cd4f3cf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 31 Mar 2023 14:59:17 GMT
x-cdn
Imperva
etag
"21b42231b455b1ad08b6ac53b5081df7"
content-type
image/png
x-iinfo
7-8278659-0 0CNN RT(1695239830256 463) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=456732, public
x-incap-sess-cookie-hdr
Mv2MdmdG2j2iQSPKTMIPcpZOC2UAAAAAAFZ1SWA4oW7dnKhmKijVAw==
content-length
935
expires
Tue, 26 Sep 2023 02:49:22 GMT
AICPA_SOC_250x250%201.png
info.varonis.com/hubfs/
3 KB
3 KB
Image
General
Full URL
https://info.varonis.com/hubfs/AICPA_SOC_250x250%201.png
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
a7767e7460b2f781aa2775298df1d1a2691fbd6e83b7a4a00c1f77776c012f4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 07 Apr 2023 16:34:52 GMT
x-cdn
Imperva
etag
"3086eb0e182b996b1bd0e515cb8d5ddb"
content-type
image/png
x-iinfo
7-8278659-0 0CNN RT(1695239830256 465) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=456732, public
x-incap-sess-cookie-hdr
L45oc8jSZAuiQSPKTMIPcpZOC2UAAAAAMTMYACHSFvbp/8Y7UqYjaw==
content-length
2732
expires
Tue, 26 Sep 2023 02:49:22 GMT
niap_logo%202.svg
info.varonis.com/hubfs/
11 KB
8 KB
Image
General
Full URL
https://info.varonis.com/hubfs/niap_logo%202.svg
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b2c5c92cd55477571c7e757c4105315c813e710586cf1f334f809e8c93d845c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 31 Mar 2023 01:17:14 GMT
x-cdn
Imperva
etag
W/"f7049a9fa4c9ccda9202bfdca55095ba"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 473) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462226, public
x-incap-sess-cookie-hdr
lTmad0FxlFKiQSPKTMIPcpZOC2UAAAAABe1ZOsNCpK6Udu8zpdB/aA==
content-length
8194
expires
Tue, 26 Sep 2023 04:20:56 GMT
embed.js
static.hsappstatic.net/content-cwv-embed/static-1.388/
14 KB
6 KB
Script
General
Full URL
https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:4ffd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
x-amz-version-id
GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via
1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
DUS51-P2
age
625421
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 15 Aug 2023 19:48:57 GMT
server
cloudflare
etag
W/"8741985292d64b839be39c64b14f3783"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IbOTPuQAS7bQnpasxhw%2Fy%2FUzNtKp9%2F0Kt4eHX23%2FLaW6IclVhD1dkI4iHeuoJQQnPlqllnV2Amw4Ph6kiGhGMuzIaXiW9zPHUiAFfRHtkkuW22S7kfw2UgY7LTOXp02WG%2F5bBtsAXPP58gHbp7LRpur23Q8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
809ca2d03d443819-FRA
x-amz-cf-id
zyGw6y9R4F_Btq5twvQgZGPw0RwXeoxB44LWYw_-uv1h6O6zaAGW3w==
expires
Thu, 19 Sep 2024 19:57:11 GMT
announcement-banner.min.js
cdn2.hubspot.net/hub/142972/hub_generated/template_assets/108364953711/1680550379557/hook-www-varonis/js/
304 B
656 B
Script
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/108364953711/1680550379557/hook-www-varonis/js/announcement-banner.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5ec6b8d820581f2d04713d3bea37883b0e5c2881f7bb108e13a3d63249c4867

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
143772
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 03 Apr 2023 19:33:00 GMT
server
cloudflare
etag
W/"ed246e714d8f7084f9613208eb724cf5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1680550379808
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7z0vuSnN0dyO36XxL3XoMXdN1OgWJOPz7ds3%2F%2FHTdyIMVI8Gsh3zNejRcnqrHLQkHMWnTsNGS%2F3ZXugbWppAI5zAqjhlZBRF%2BCIli7w%2F20wgJtsKOwOy6tJDkzAJaWC7%2FpxpA6Z%2BdL5vCw552qo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
809ca2cfb88c1daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
cse.js
cse.google.com/
9 KB
4 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=d594e21cf961c2c72
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
99dccb6c44cc18bc3d92e4813fdf34d16c66c0ef87db910c45c2461640c18c9a
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-Woedzm9z4jiadVNuE6Y_sw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-Woedzm9z4jiadVNuE6Y_sw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Wed, 20 Sep 2023 19:57:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2989
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires
Wed, 20 Sep 2023 19:57:11 GMT
module_71662020467_Announcement_Banner.min.js
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/71662020467/1675114923395/
865 B
847 B
Script
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/71662020467/1675114923395/module_71662020467_Announcement_Banner.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6cc38542df851f8b331cdd5ac0dbe9929c7968d347c62d93c22b91ef560a931

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
941136
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 30 Jan 2023 21:42:04 GMT
server
cloudflare
etag
W/"6eb6d7132999731493bad4b8e9e19c88"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1675114923395
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqIn2uK5SyHDukmEz4YNj908DQrYVGdhjxdMfDD0IYSCLkKZs4qLCyDHoAA9xFHQG5fI9IzR9wOmL8gB8pqeZmADnU0psvbsmr7cxIk3aLAWeLSpOQWD1shUa6IFN7vl%2FoVodwxTkm961KQ88p0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
809ca2cfb8911daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_97266453797_Remediation_Announcement_Banner.min.js
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/97266453797/1680550132881/
860 B
1021 B
Script
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/97266453797/1680550132881/module_97266453797_Remediation_Announcement_Banner.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c81c42ac5e8263234baf4b6815a77d43db3d7b73ccb9d83d6c70947f9cc58e72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
135845
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 03 Apr 2023 19:28:53 GMT
server
cloudflare
etag
W/"a25c4019cb8b6fc47eb8ed83cf1076d4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1680550132881
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98NWz%2F3hwLkxtdK520lrTZLatv51XYNL%2BQ5fsN526HvUavC15RwXYrtP74QD0Ou4fy5MQX3JKsefpTmfYtmD%2FXxcFNF0Fjx3JiKAk%2FAv15VgkO4bIgN0aAdKm8qs4zgM9RaDEOxj4qu2CDufO00%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
809ca2cfb8921daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
main.min.js
cdn2.hubspot.net/hub/142972/hub_generated/template_assets/60281972084/1648813456487/hook-www-varonis/js/
10 KB
4 KB
Script
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/60281972084/1648813456487/hook-www-varonis/js/main.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a38c79765c38d4a14119e917bdfba2e764f2f4ee05ac1df4faada581e4399cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
476401
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 01 Apr 2022 11:44:17 GMT
server
cloudflare
etag
W/"c4d1fac2b0b677aeaa2c2ade72813888"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1648813456943
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRuZV2ihPXaK70TlDbKyTDBPFNVY2OJNoqNV0ZUnCyqPduBVrLH9QAFUlvGXudMYepvXidvoO7vYRUb4QQomkFyjsCaFSC%2BRgxggeNEL9a7sSQrYQmn8%2BAPf2HJNBOGKIH8DMzg8EIhXjTMRyWI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
809ca2cfb8931daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_96126751858_Site_Navigation.min.js
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/96126751858/1691030599466/
4 KB
1 KB
Script
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/96126751858/1691030599466/module_96126751858_Site_Navigation.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50888059b627a1e32ceb04646cc5a617e4747e3d9003e1cc051d33e3bcc14589

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
51
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"066f9d11e54f30bcda41cc81ace646da"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1691030599466
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
0f818410-8b78-4bc1-91d8-fbf201702256
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
153
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
0f818410-8b78-4bc1-91d8-fbf201702256
last-modified
Thu, 03 Aug 2023 02:43:20 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GH9wB4axr6OvmKlNn3kkHOcEgnLzcRSWgYlXRdI1vHoCvpv3DWJsIv7zMZw%2FoKBMUCx8M4sfv8dleDT1%2F1mUlmZ4zKU7i%2F%2BGk2PlT9HIVQFhEmJ0IlEBvARPOKLz%2F29DP4hc5LRZHxxVJPyeRUM%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-8ktx6
cf-ray
809ca2cfb8951daa-FRA
module_125777074029_Navigation_Submenu.min.js
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/125777074029/1692210032469/
1 KB
830 B
Script
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/125777074029/1692210032469/module_125777074029_Navigation_Submenu.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9eeec668eca70ecaaabf43de47a7332a84fa9b89172479f39c57bbd1c8582a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
1213865
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"131209442a05e734a14e3bd00f89bee6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1692210032469
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD55-P1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
992770b5-6e26-45a1-8ce0-a1beef15fec1
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
159
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
992770b5-6e26-45a1-8ce0-a1beef15fec1
last-modified
Wed, 16 Aug 2023 18:20:33 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtXYa7j7L8PNUU3kw1g9Fh%2Bo416vS4E9CwZzKTlFkTeUWQ7TmFWmes7XNo5YHDSLaqOM6t%2FxVf1HDw5oaPV3AlzeZ1Eyf4BGINVcMwJsqM52mff8%2FSbJMYsZpezCTYoMVizwdeeLBKbh0i291AE%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-q4t87
cf-ray
809ca2cfb8961daa-FRA
module_115948073023_Table_of_Contents_Sidebar_-_Global.min.js
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/115948073023/1691779299533/
2 KB
2 KB
Script
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/115948073023/1691779299533/module_115948073023_Table_of_Contents_Sidebar_-_Global.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f5e45ba0c943167a203ccff2d9b3065c7767b1c32c33e6b21af38da1738b8a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
1644704
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"f95490701022c4b61b9aae62631a9ad7"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1691779299533
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
edb15a77-9060-4181-a508-3ccf45d119b7
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
133
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
edb15a77-9060-4181-a508-3ccf45d119b7
last-modified
Fri, 11 Aug 2023 18:41:40 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhsFMn61AHU7nbroGEs9d%2FFOA%2Fw5Q7bcbk756WNOalaV83JwmTytSy8VS9Lwpkq%2Fwjd2oUvkRQ%2BS35znOoxMAbsIcPirlSJC7gIiqK8rMVDji3vIgX4kxhcfGr9rXTjGS7uYdBX4hGJnaHWS5YU%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-nn77m
cf-ray
809ca2cfb89a1daa-FRA
module_60280511003_blog-form.min.js
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/60280511003/1678832788379/
232 B
888 B
Script
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/60280511003/1678832788379/module_60280511003_blog-form.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc5ff8e8d54854daa72a30a2bf8345b75255597251028dad23e18510e635b98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1374051
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
104
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2694f92e-ad96-4f62-904f-fbbcd2a48dbc
last-modified
Tue, 14 Mar 2023 22:26:29 GMT
server
cloudflare
etag
W/"199d600316628445ac927b3b2b5d292b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1678832788379
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0YfbhLTY94df33MXdT2BAsxvuN7c5o4z9SNLKFrvQ%2FhHgE%2BHxGN%2BRGL%2BCKou4sXIvt9C1va4dXLKZ3DceqDfAmyY5N%2BJEJ5J5ljUL%2FVTrFfw7tII67FfsFgsKAqobViC7WSpcUghcY708m7bKw%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-6db9d854cb-9nxbr
cf-ray
809ca2cfb89b1daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
blog.min.js
cdn2.hubspot.net/hub/142972/hub_generated/template_assets/73655310759/1685000791420/hook-www-varonis/js/templates/
1 KB
1 KB
Script
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/73655310759/1685000791420/hook-www-varonis/js/templates/blog.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f6b8b612b0090fdd0032dfd7071745a0b99149bc01a55cd24b40086ede2b8d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1163184
x-amz-cf-pop
IAD55-P1
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
125
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
af41164f-4ef9-448b-abab-cd967b910772
last-modified
Thu, 25 May 2023 07:46:32 GMT
server
cloudflare
etag
W/"577f12ced843bbb8382cdbe78669b3ba"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1685000791604
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biG61xuZP4B%2FjMpLF%2Flup6QBROkCOtIA1uv1PRCHjmjxsDRpqPRZqhmTJ8s0zvfTz57Qf1f0Mylger96JqM9Io%2FIIq2GQUXiA%2FzZT%2Bd27VO20m15jkOqzWohEbFDAOk0rnanh2pBxq3Xj7VVSYk%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-mgw6m
cf-ray
809ca2cfb89d1daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
jquery.toc.min.js
cdn2.hubspot.net/hub/142972/hub_generated/template_assets/106410557973/1678780073283/hook-www-varonis/js/templates/
1 KB
1 KB
Script
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/106410557973/1678780073283/hook-www-varonis/js/templates/jquery.toc.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
376e1b5d343786c1978dbad9ea7a0e23088947732993a91dcbad995883c96ceb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1644704
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Mar 2023 07:47:54 GMT
server
cloudflare
etag
W/"39e23085840845568c2de46aea67930a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1678780073283
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvzNmSaq%2BzNSzudWqXxojI2SrDqiC9IVGJyrBjskVHJQ17bp5gzUHgqeSOkvg%2Fwwl4DMd8%2FnKjNexI%2Bs97dLTFG0cVYa1BbupgPE2B81FkBGkwtqB1pNN%2F5WOSRa39kWtVzlGJEkf0NdZRiuzZg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
809ca2cfb89f1daa-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
module_87397221683_Footer_Site_Directory.min.js
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/87397221683/1690924310222/
577 B
947 B
Script
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/87397221683/1690924310222/module_87397221683_Footer_Site_Directory.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c91333bb881074a7d4a82886d21fb690ff3fc57394327d5ed12c9d9af05dcc0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
683270
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"b7e1d67d9b7a486bb634ad966519a8bc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1690924310222
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
faaaac8f-f4cc-4bcd-b675-e49a1718c49c
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
162
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
faaaac8f-f4cc-4bcd-b675-e49a1718c49c
last-modified
Tue, 01 Aug 2023 21:11:51 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FF5zb%2BCVeG5RZFyiUc1fR9rbqqCTqcp0DkRFyrSC5zEOyy4fnZCss5HiI9Fc17R%2BE1JA85puSP2RSEYaWMc2bRdRmtQWZum3zhqWMRnUo4e%2FMiqEFb6B3N1WtJle2LckLtHGC4G8XXtwyvH%2FFws%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-hml5r
cf-ray
809ca2cfb8a01daa-FRA
142972.js
www.varonis.com/hs/scriptloader/
1 KB
778 B
Script
General
Full URL
https://www.varonis.com/hs/scriptloader/142972.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
abca0c8e91e908e74ac96c3c17fc8660071b76bfa7a8452600153e8e762b6058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 20 Sep 2023 19:49:20 GMT
x-cdn
Imperva
etag
"354ea463"
content-type
application/javascript;charset=utf-8
x-iinfo
7-8278659-8277633 2CNN RT(1695239830256 328) q(0 0 0 -1) r(0 0)
cache-control
max-age=36, public
content-length
569
expires
Wed, 20 Sep 2023 19:57:46 GMT
_Incapsula_Resource
www.varonis.com/
144 KB
21 KB
Script
General
Full URL
https://www.varonis.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=693528764
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0cb6f39d8a05f82f410ad115fc0399272fcc6ab561a45e3cb1db333fd9a6af91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
20928
content-type
application/javascript
gtm.js
www.googletagmanager.com/
331 KB
111 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KMGCX7V
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2fae5a60297629eee00794c0bf440eebf610c4d222875df575572889e6ba4cfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112788
x-xss-protection
0
last-modified
Wed, 20 Sep 2023 19:01:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Sep 2023 19:57:11 GMT
electric-blue-bullet.svg
info.varonis.com/hubfs/List%20Bullets/
207 B
403 B
Image
General
Full URL
https://info.varonis.com/hubfs/List%20Bullets/electric-blue-bullet.svg
Requested by
Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/115634408573/1691779171899/hook-www-varonis/css/templates/blog-no-code-styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
579b9f734819f583199cd70b03c4e919430a74dd7698921ef16465b41d934769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn2.hubspot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 14 Jun 2023 18:26:23 GMT
x-cdn
Imperva
etag
W/"11a69afb5c346ee7879933cb8018fb16"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 423) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=462227, public
x-incap-sess-cookie-hdr
bOeoDs2lB1WiQSPKTMIPcpZOC2UAAAAAfDQ8fzAVJ66D5P2Ktj6g0A==
content-length
168
expires
Tue, 26 Sep 2023 04:20:57 GMT
left-dots.svg
info.varonis.com/hubfs/Blog%20Assets/
2 KB
689 B
Image
General
Full URL
https://info.varonis.com/hubfs/Blog%20Assets/left-dots.svg
Requested by
Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/115634408573/1691779171899/hook-www-varonis/css/templates/blog-no-code-styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
842abfe134599c5d48d4ddd88bde8d24bd36b32b22bea540837311364b7ce2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn2.hubspot.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 22 Jun 2023 18:20:28 GMT
x-cdn
Imperva
etag
W/"254492fd49488a86ceb0dec13de43a23"
content-type
image/svg+xml
x-iinfo
7-8278659-0 0CNN RT(1695239830256 489) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=463909, public
x-incap-sess-cookie-hdr
MOztPJjYPl6iQSPKTMIPcpZOC2UAAAAAN1GLxx2KAKqfyTTRb74qnA==
content-length
462
expires
Tue, 26 Sep 2023 04:48:59 GMT
Graphik-Medium-Cy-Web.woff2
142972.fs1.hubspotusercontent-na1.net/hubfs/142972/Fonts/
46 KB
47 KB
Font
General
Full URL
https://142972.fs1.hubspotusercontent-na1.net/hubfs/142972/Fonts/Graphik-Medium-Cy-Web.woff2
Requested by
Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/60281971998/1695166897927/hook-www-varonis/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3626b8beaa5cf7df6877a12a65f320097ac8bde38f80fdb82fb060420783736

Request headers

Referer
https://cdn2.hubspot.net/
Origin
https://www.varonis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-110524008828,FD-110532947091,P-142972,FLS-ALL
age
1350808
x-amz-request-id
FWDQ483VED7FB1HW
x-amz-server-side-encryption
AES256
edge-cache-tag
F-110524008828,FD-110532947091,P-142972,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
etag
"b1508d27f0878f1a2c67e3104acc6f04"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1681244839921
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Wed, 20 Sep 2023 19:57:11 GMT
via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
qsBQrK0UutXz6JHO9XDG7lT0R2bZ_P1t
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-110524008828,FD-110532947091,P-142972,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
content-length
47393
x-amz-id-2
AHTmX7aDM8S20OU8hZ14YbjTHolwySB8FfUnxkHpWxOIrAmD2h542yTo56oVcTPW+JyBmAxbtY4=
last-modified
Tue, 11 Apr 2023 20:27:20 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
809ca2d03c331e56-FRA
x-amz-cf-id
S9P-Oz3I1VXGpU_nhCC_Gg_tDq-UwvjNF6P4JZklzR_GJROWRZTjtw==
Graphik-Semibold-Cy-Web.woff2
142972.fs1.hubspotusercontent-na1.net/hubfs/142972/Fonts/
47 KB
48 KB
Font
General
Full URL
https://142972.fs1.hubspotusercontent-na1.net/hubfs/142972/Fonts/Graphik-Semibold-Cy-Web.woff2
Requested by
Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/60281971998/1695166897927/hook-www-varonis/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1591a0e465e82e1b7788da1638637a73094e7b1c80b6ca499b0080629b901390

Request headers

Referer
https://cdn2.hubspot.net/
Origin
https://www.varonis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-110524053596,FD-110532947091,P-142972,FLS-ALL
age
1172606
x-amz-request-id
5CC8K1WNH1RHE4NC
x-amz-server-side-encryption
AES256
edge-cache-tag
F-110524053596,FD-110532947091,P-142972,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
etag
"912a296360c873da4d505fecc03d44a5"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1681244839881
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Wed, 20 Sep 2023 19:57:11 GMT
via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
mxuwX8fqRvNjrtNo8SAnedwxdNDRhr6l
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-110524053596,FD-110532947091,P-142972,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
content-length
48237
x-amz-id-2
7RFnlOsg06DJbIxEh0x5ihQAzLzfouuOvaxWO0DDYodJhZdNvLq8d234lA3OAPNc4vpHuXlmRDg=
last-modified
Tue, 11 Apr 2023 20:27:20 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
809ca2d03c361e56-FRA
x-amz-cf-id
Wto0AqnbxvcGvMcKQqeNyuiGevA6wilvFVnC_g-Kv1HQInnNF7thxg==
Graphik-Regular-Cy-Web.woff2
142972.fs1.hubspotusercontent-na1.net/hubfs/142972/Fonts/
42 KB
43 KB
Font
General
Full URL
https://142972.fs1.hubspotusercontent-na1.net/hubfs/142972/Fonts/Graphik-Regular-Cy-Web.woff2
Requested by
Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/60281971998/1695166897927/hook-www-varonis/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53226c274959b617e4cb0dacbb16ec1da2448a0c94bc09a89063ee549342df70

Request headers

Referer
https://cdn2.hubspot.net/
Origin
https://www.varonis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-110525099618,FD-110532947091,P-142972,FLS-ALL
age
1259891
x-amz-request-id
5CC3818F61G38HJ5
x-amz-server-side-encryption
AES256
edge-cache-tag
F-110525099618,FD-110532947091,P-142972,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
etag
"3c6b915f90783765fd47bc0e05b46078"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1681244839928
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
date
Wed, 20 Sep 2023 19:57:11 GMT
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
dC1ZTBx86DO9UlmT3zytQkvsH.OIjcRF
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-110525099618,FD-110532947091,P-142972,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
content-length
43329
x-amz-id-2
RUSjfk2gGJuCBgRTHEcO7MTWQreRLrGje8gfEIFWR5JcFilfZRF0/ZUbUZtmhDcmKdflcRwZF41rpHuzJoUVXg==
last-modified
Tue, 11 Apr 2023 20:27:20 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
809ca2d03c391e56-FRA
x-amz-cf-id
RAg5xBLmNpXb-9b8bFXmeljfXAkPnKKv97GKw42OEuMSPkd4GAsLpw==
Graphik-Bold-Cy-Web.woff2
142972.fs1.hubspotusercontent-na1.net/hubfs/142972/Fonts/
47 KB
48 KB
Font
General
Full URL
https://142972.fs1.hubspotusercontent-na1.net/hubfs/142972/Fonts/Graphik-Bold-Cy-Web.woff2
Requested by
Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/60281971998/1695166897927/hook-www-varonis/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e78c8571835c19bd1a941799d68bc14b99413f2679d3410c41d1d4d3a00f50f4

Request headers

Referer
https://cdn2.hubspot.net/
Origin
https://www.varonis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-110524009070,FD-110532947091,P-142972,FLS-ALL
age
464156
x-amz-request-id
3A39QGSBS194FWQX
x-amz-server-side-encryption
AES256
edge-cache-tag
F-110524009070,FD-110532947091,P-142972,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
etag
"188f3225882f51f9eff1c090718bee01"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1681245085855
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:11 GMT
via
1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
SDMVhfZD04lWwW2k3U7RNnMB0Ks0y88s
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-110524009070,FD-110532947091,P-142972,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
content-length
48457
x-amz-id-2
I/bkJto1TEo1w1nop71ae9gnzwzFOx8HKCpM67ztQ6Q+lAJd9ATT89myDUJBO50WwkpuXRHu23I=
last-modified
Tue, 11 Apr 2023 20:31:26 GMT
server
cloudflare
accept-ranges
bytes
cf-ray
809ca2d03c3a1e56-FRA
x-amz-cf-id
PopgObRugOSqjnuyAtaVxncq0APYGMVptEDkk8ecJlm-k-bU7Hm0hw==
Graphik-RegularItalic-Cy-Web.woff2
info.varonis.com/hubfs/raw_assets/public/hook-www-varonis/fonts/
0
0

okta-1.png
info.varonis.com/hs-fs/hubfs/
60 KB
60 KB
Image
General
Full URL
https://info.varonis.com/hs-fs/hubfs/okta-1.png?quality=high&width=239&height=513&name=okta-1.png
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4e2851e2522f264a3db956562801731ccb3c5cc6f58197724c59243e0ee0fd47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 31 Mar 2023 01:25:36 GMT
x-cdn
Imperva
etag
"cfaAZCpblMH4UXLQk-zJzWFrR3sjL7YpLWOptfHHE1DQ:1b0786026b8a0292f5dbd0024b959a3d"
content-type
image/png
x-iinfo
7-8278659-0 0CNN RT(1695239830256 491) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=1419959, public
x-incap-sess-cookie-hdr
raO6TDT16SGiQSPKTMIPcpZOC2UAAAAAlDdv9P+HmPLvmt2mObOtOw==
content-length
60941
expires
Sat, 07 Oct 2023 06:23:09 GMT
Blog_VTLOkta_Diagram_CrossTalkAttackFlow_V2-png.png
info.varonis.com/hs-fs/hubfs/
59 KB
60 KB
Image
General
Full URL
https://info.varonis.com/hs-fs/hubfs/Blog_VTLOkta_Diagram_CrossTalkAttackFlow_V2-png.png?width=333&height=619&name=Blog_VTLOkta_Diagram_CrossTalkAttackFlow_V2-png.png
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7308087907ae6818bb539a80b99374a148b6e270ba20105511906942cc2259eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 11 Apr 2023 21:16:08 GMT
x-cdn
Imperva
etag
"cf_0FNdX7muH20jefSbMP2_ZxBMuE0gsqS1_hZI2GwDQ:b3cd39d257a495b32863d26acc27d0e0"
content-type
image/png
x-iinfo
7-8278659-0 0CNN RT(1695239830256 494) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=1419948, public
x-incap-sess-cookie-hdr
qO2kFKex2nyiQSPKTMIPcpZOC2UAAAAAbV2Eh7aQP3YW3pra8xwVWg==
content-length
60873
expires
Sat, 07 Oct 2023 06:22:58 GMT
okta-2.png
info.varonis.com/hs-fs/hubfs/
65 KB
66 KB
Image
General
Full URL
https://info.varonis.com/hs-fs/hubfs/okta-2.png?width=1778&height=1174&name=okta-2.png
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
63bd6910a6c5c7ea1a2fe140012e6fdeab1620ea376b37181c4fe254d77e037a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 31 Mar 2023 01:25:38 GMT
x-cdn
Imperva
etag
"cf-OG-SU7acXawBnJkiAMNgtNKH58XgOIgHHcqO-b3DQ:a7ac3a5fb3e5370d011a6ae9622f20b9"
content-type
image/webp
x-iinfo
7-8278659-8277997 2CNN RT(1695239830256 496) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=1401030, public
x-incap-sess-cookie-hdr
o75yKJjX/QOiQSPKTMIPcpZOC2UAAAAA0XOV0cBtBdxTiJI3+zoeuA==
content-length
66742
expires
Sat, 07 Oct 2023 01:07:40 GMT
Graphik-RegularItalic-Cy-Web.woff
info.varonis.com/hubfs/raw_assets/public/hook-www-varonis/fonts/
0
0

cse_element__en.js
www.google.com/cse/static/element/e992cd4de3c7044f/
309 KB
103 KB
Script
General
Full URL
https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=d594e21cf961c2c72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07d241ae62c2c40e9c20c169b35cf9bda9b3e99cba1e5ad4f86351364156c290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105313
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 17:25:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 20 Sep 2023 19:57:11 GMT
default+en.css
www.google.com/cse/static/element/e992cd4de3c7044f/
41 KB
9 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/element/e992cd4de3c7044f/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=d594e21cf961c2c72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&_hsmi=274892453&_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&utm_content=274892453&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9102
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 17:25:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
private, max-age=31536000
accept-ranges
bytes
link
<https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 20 Sep 2023 19:57:11 GMT
minimalist.css
www.google.com/cse/static/style/look/v4/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/minimalist.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=d594e21cf961c2c72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5867ad740bc719bf1309b5f65537b7ba69f2cba5e9a193679859542d1bc7f95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:17:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1452
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 20 Sep 2023 20:07:57 GMT
all.js
connect.facebook.net/en_GB/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/all.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
028818b7a4c0ee9257fa3d60459258678fcd8fd2975d5a8c3613bcdb7390cee3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 19:57:11 GMT
content-md5
z0R7Ph2Eom0z5LArM9exsQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-debug
4rqUazAKD+bDkfVuKpEjjmJoRzc3v6NHPxGoKBwtXO3WH4s+/9SRlvformzS6eeBlYemojj1KbnXn9YgVBwnqg==
x-fb-content-md5
da49c7913fe12086a1bebea33e0954ad
cross-origin-opener-policy
same-origin-allow-popups
etag
"5b076cc961ccaa3c7d798d1b986ac98c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 20 Sep 2023 19:59:55 GMT
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 19:57:11 GMT
Content-Encoding
gzip
Age
140
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/67BE)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f477a278930d1e26d63ab78d76d9809da84f1ff12adc6611d77d55c54f17238

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
module_125777074029_Navigation_Submenu.min.js
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/125777074029/1692210032469/
1 KB
1 KB
Other
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/125777074029/1692210032469/module_125777074029_Navigation_Submenu.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9eeec668eca70ecaaabf43de47a7332a84fa9b89172479f39c57bbd1c8582a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
1214433
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"131209442a05e734a14e3bd00f89bee6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1692210032469
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD55-P1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
992770b5-6e26-45a1-8ce0-a1beef15fec1
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
159
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
992770b5-6e26-45a1-8ce0-a1beef15fec1
last-modified
Wed, 16 Aug 2023 18:20:33 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUAwJrVZ6IF7ugOg%2BD9hjO0augDoVLu8C4xj2dZSWbne12pa1e13zW5Jj0ha%2FEaNoocTnlwq8qpJDCZwq4Rmp4hgsRD4O5nXolNUQw5PPSQYnnTEBBJJul7%2BSOn6FyZTSdlHv9gekbOWbLK8ejk%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-q4t87
cf-ray
809ca2d228573611-FRA
module_115948073023_Table_of_Contents_Sidebar_-_Global.min.js
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/115948073023/1691779299533/
2 KB
2 KB
Other
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/115948073023/1691779299533/module_115948073023_Table_of_Contents_Sidebar_-_Global.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f5e45ba0c943167a203ccff2d9b3065c7767b1c32c33e6b21af38da1738b8a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding
br
age
1645991
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.EnforceAclForReads 2
x-evy-trace-listener
listener_https
etag
W/"f95490701022c4b61b9aae62631a9ad7"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1691779299533
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 2
date
Wed, 20 Sep 2023 19:57:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
x-hubspot-correlation-id
edb15a77-9060-4181-a508-3ccf45d119b7
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
133
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
edb15a77-9060-4181-a508-3ccf45d119b7
last-modified
Fri, 11 Aug 2023 18:41:40 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhmiISGAv%2B5COa%2BaQR5hXUdCA%2BTZEF%2FdqXZx1g5io3nhPy8Cz9wyi%2FTIjPnhfBE7hlD5xV29VpetoMo%2B14JnoIj%2Fi8ogjbRvwe%2FqVDnPHebDMq0uADDamZx%2Fq0ZVeAwSs8%2FkoJT8HYVq2AtzLLk%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8dfbb9f7c-nn77m
cf-ray
809ca2d2285c3611-FRA
module_60280511003_blog-form.min.js
cdn2.hubspot.net/hub/142972/hub_generated/module_assets/60280511003/1678832788379/
232 B
1 KB
Other
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/module_assets/60280511003/1678832788379/module_60280511003_blog-form.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dc5ff8e8d54854daa72a30a2bf8345b75255597251028dad23e18510e635b98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
44885
x-amz-cf-pop
IAD89-C1
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-envoy-upstream-service-time
153
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b084ca71-89b6-4889-82d4-9f829d68c04e
last-modified
Tue, 14 Mar 2023 22:26:29 GMT
server
cloudflare
etag
W/"199d600316628445ac927b3b2b5d292b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1678832788379
x-evy-trace-virtual-host
all
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fiwa7wquUmD9Sj0pQRd6GeQ1zdInDgBbk%2Bq211vsUaWu6SJqFHnM5AeJKMuHh0%2BUPdWK38tfNdGrEZQrgsFUC7ixXMddaBRiPUbHaH4gn5YaH5zU2jBNwc8MRVKLYlViI45Kgqu6gNXNzPPc8gc%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-8497bd8f5f-krwdx
cf-ray
809ca2d2285e3611-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
jquery.toc.min.js
cdn2.hubspot.net/hub/142972/hub_generated/template_assets/106410557973/1678780073283/hook-www-varonis/js/templates/
1 KB
1 KB
Other
General
Full URL
https://cdn2.hubspot.net/hub/142972/hub_generated/template_assets/106410557973/1678780073283/hook-www-varonis/js/templates/jquery.toc.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:6fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
376e1b5d343786c1978dbad9ea7a0e23088947732993a91dcbad995883c96ceb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1645991
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 20
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 14 Mar 2023 07:47:54 GMT
server
cloudflare
etag
W/"39e23085840845568c2de46aea67930a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1678780073283
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jexm1nSBohHts%2Full0dKwH3F8ZbKKIZnvUkkGntxDzc0qS8SXK36xMlgdUS3pOeGB1%2BPQvqE%2FLxMIW5d20PBgLmKFZlSXG%2BOFkUl5WiYtFAAaTrtjJX7pi2F0a4FWWbBU7ZuZjNCxp4TvmEetrk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
809ca2d2488b3611-FRA
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 20
142972.js
js.hs-analytics.net/analytics/1695239700000/
67 KB
21 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1695239700000/142972.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/hs/scriptloader/142972.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4dba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a699a152461e445320bea3f3d031de51ddb19a946183f1a439a644173e8f99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
01KWTA5H1T1PMHQC
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
0b222138-36a4-47e2-920f-421fd0687b3a
x-envoy-upstream-service-time
19
x-amz-id-2
9y7qUgptkwASuJ+62S1h85zR7ar6T2WeeZMuv0ZBzplYbaaSy0gOIjBwxD3yPtL+C0Ko0oMvVlQ=
x-evy-trace-listener
listener_https
x-request-id
0b222138-36a4-47e2-920f-421fd0687b3a
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 20 Sep 2023 19:05:10 GMT
server
cloudflare
etag
W/"d5d1d0d29c2707bc86fd60d405946c3f"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ww4tr
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
809ca2d2c9c33838-FRA
expires
Wed, 20 Sep 2023 20:02:11 GMT
conversations-embed.js
js.usemessages.com/
76 KB
22 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/hs/scriptloader/142972.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:fba8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0ce413afdfd25dfc3dd8543a57e61d54a3b01c4167bcd523f9fcaac52c4dc18
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
x-amz-version-id
WTwmxuSAV0I7yIrQ29752XOmGthaSTGM
via
1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-cf-pop
IAD12-P3
age
558
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.14146/bundles/project.js&cfRay=809c9530a8abbb67-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
becf7991-d284-4c24-98e4-0e5579f09371
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding
br
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
becf7991-d284-4c24-98e4-0e5579f09371
last-modified
Thu, 14 Sep 2023 05:51:51 UTC
server
cloudflare
etag
W/"f91e50658245529774241b829675b5c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-vvkfx
cf-ray
809ca2d28a9a9208-FRA
x-amz-cf-id
rdDIUZoG7sfjjQPINwrC3ofFB9daHWr0jmlJA2H1F0AjmIhJxjp9mg==
x-hs-target-asset
conversations-embed/static-1.14146/bundles/project.js
banner.js
js.hs-banner.com/v2/142972/
72 KB
21 KB
Script
General
Full URL
https://js.hs-banner.com/v2/142972/banner.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/hs/scriptloader/142972.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50207c840106d4e089acf9c86aac0b2553ebdff72f1ef5f56f6797ff22973214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
x-amz-version-id
FTsDgkM2c4QHY3p38ZjjdOhAZdGk6Pb_
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
9K2R0X56AHRGGQ6B
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
03b751c4-f80d-4996-b2a3-06781a40cfca
x-envoy-upstream-service-time
35
x-amz-id-2
BBKZ9xKlqyOD23x4Od1qXZzVQ/ERtFt+XXlMmYfND5lEXIc5ergzlVD2LI8BOwUOIoh7tyzpAEM=
x-evy-trace-listener
listener_https
x-request-id
03b751c4-f80d-4996-b2a3-06781a40cfca
x-evy-trace-route-configuration
listener_https/all
last-modified
Wed, 20 Sep 2023 17:23:37 GMT
server
cloudflare
etag
W/"bba36586fbbf7e2e55fab309eac878d5"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.varonis.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-wrchw
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
809ca2d28c7a3a5e-FRA
expires
Wed, 20 Sep 2023 20:02:11 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6436621be2b65e2d3d5edba4f50a3b6d85aa87c26f5e7bdf6e1a40783d3e562e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMGCX7V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 18:43:55 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4396
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 20 Sep 2023 20:43:55 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1015553108/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1015553108/?random=1695239831407&cv=11&fst=1695239831407&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&hn=www.googleadservices.com&frm=0&tiba=CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMGCX7V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
374c910a3d0a66cb9980f8322a6e4456bc556325dcfd5c61dea0eff0210e62b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1525
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.js
www.redditstatic.com/ads/
23 KB
8 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMGCX7V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
bizible.js
cdn.bizible.com/scripts/
67 KB
25 KB
Script
General
Full URL
https://cdn.bizible.com/scripts/bizible.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMGCX7V
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) /
Resource Hash
bdcfbf573b21ee8061b68699f6f84df3f83eff756c6087e2cf268bfa17359a2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
gzip
last-modified
Fri, 15 Sep 2023 20:02:20 GMT
server
ECS (frb/67D4)
age
56800
etag
"772f4e89fe8d91:0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
25480
fbevents.js
connect.facebook.net/en_US/
197 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 20 Sep 2023 19:57:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53155
x-xss-protection
0
pragma
public
x-fb-debug
1Bb47WVdSbkdiJQANAzbn9E8DGDg4vTQfVeuv74C6Tyfx0ImJK5X7MZ3DFIuT6+2jwzcYrc2InBjFkZTy+rbVw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
142972.js
js.hs-scripts.com/
1 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/142972.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMGCX7V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5be4ce2c2076e98efabbe5f1cec7b540d8751fb0d73aa9bcc71d4961985b06f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
a51c42c4-1a58-4484-a171-7c590960b7a9
x-envoy-upstream-service-time
4
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a51c42c4-1a58-4484-a171-7c590960b7a9
last-modified
Wed, 20 Sep 2023 19:26:59 GMT
server
cloudflare
x-trace
2B791908F2B00C5FCC4247741EE9F259B05A3AD5DD000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.varonis.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-6c94986c56-c8995
cf-ray
809ca2d29aa11961-FRA
expires
Wed, 20 Sep 2023 19:58:11 GMT
sl.js
scout-cdn.salesloft.com/
6 KB
3 KB
Script
General
Full URL
https://scout-cdn.salesloft.com/sl.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4341 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
x-amz-version-id
6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-request-id
ZBK9GVWNHMM615HE
age
3642
alt-svc
h3=":443"; ma=86400
x-amz-id-2
QApJjUMe6dPSmzYXiYFc6dOGGKZMkdZ0kUVJbzRIgTVpYxPQx33CSERxtLdkqDuVapIv8BDSyiw=
last-modified
Mon, 13 Dec 2021 16:28:37 GMT
server
cloudflare
etag
W/"d74cc4825c8e333b2116da3fcc649db1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
809ca2d33bed3a72-FRA
expires
Wed, 20 Sep 2023 23:57:11 GMT
events.js
tags.srv.stackadapt.com/
18 KB
7 KB
Script
General
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.3.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-3-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e07ee6ba4c8e6a8f1e3c3e4719e5214959f0564d17d4e7a1e09282be97b767e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 19:57:11 GMT
cache-control
max-age=5
content-encoding
gzip
content-type
text/javascript
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230057-FRA
6si.min.js
j.6sc.co/
51 KB
15 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-7.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
3ac0c589d242920586289eabdd93bf71f3d85bb1c6c8333d3e2deb4e173b61a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 24 Aug 2023 22:29:49 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"64e7d9dd-cc38"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
14993
expires
Wed, 20 Sep 2023 19:57:11 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
12 KB
4 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMGCX7V
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 13:41:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=20276
accept-ranges
bytes
content-length
3822
bat.js
bat.bing.com/
44 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMGCX7V
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 20 Sep 2023 19:57:11 GMT
last-modified
Wed, 06 Sep 2023 22:41:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 62CCA46697E140AA99A91F485A9E3A15 Ref B: FRAEDGE1718 Ref C: 2023-09-20T19:57:11Z
etag
"09cc4613e1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12981
cse.js
cse.google.com/
9 KB
3 KB
Script
General
Full URL
https://cse.google.com/cse.js?cx=013425730632158569092:arjc2usbxyq
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
4b7eb960a7be507e390088d7f00bed76b42b85a3303867d7da04457a51dd501d
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-4bd6LG_Cmy6n8HDy1qhVWQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-4bd6LG_Cmy6n8HDy1qhVWQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Wed, 20 Sep 2023 19:57:11 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2982
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
expires
Wed, 20 Sep 2023 19:57:11 GMT
ktxevents.v1.js
trackit.ktxlytics.io/
98 KB
98 KB
Script
General
Full URL
https://trackit.ktxlytics.io/ktxevents.v1.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-4.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5669edd3b221f82c626766804db887678c78c575a973d38b098753ec73a42b49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
8nobErucU.TGbL_HVc3JJOzAiDrdj9pU
Date
Wed, 20 Sep 2023 03:17:32 GMT
Via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
Last-Modified
Wed, 23 Oct 2019 19:11:31 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P4
Age
59985
ETag
"5350ce54b7969cfe1e9a0314b25964b6"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99889
X-Amz-Cf-Id
YsCZ2_OTQVVxC1VinNzk4dB3XKFKsvPtcGa6WvEa0naJRkTxt3Js_g==
js
www.googletagmanager.com/gtag/
288 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PCF2HBX32M&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMGCX7V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1844dfcf2e53bd09d8ed5aef050afc3f097924494e34ea74eb5878ea261a57c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95160
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Sep 2023 19:57:11 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1629798&seg=31639437&t=2&gtmcb=129093072
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1629798%26seg%3D31639437%26t%3D2%26gtmcb%3D129093072
43 B
843 B
Image
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1629798%26seg%3D31639437%26t%3D2%26gtmcb%3D129093072
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:11 GMT
an-x-request-uuid
0f5723d9-8fcc-4d5d-a63a-51b7c7fba4a7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.213.155.131; 185.213.155.131; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:11 GMT
an-x-request-uuid
1d93a43a-fa7b-4123-a721-76261a6258c8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1629798%26seg%3D31639437%26t%3D2%26gtmcb%3D129093072
cache-control
no-store, no-cache, private
x-proxy-origin
185.213.155.131; 185.213.155.131; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
insight.adsrvr.org/track/pxl/
70 B
149 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=71679u3&ct=0:ms2x9ot&fmt=3&gtmcb=454722004
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
server
Kestrel
content-length
70
content-type
image/gif
_Incapsula_Resource
www.varonis.com/
1 B
66 B
Image
General
Full URL
https://www.varonis.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9989711972486299
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
event
plausible.io/api/
2 B
501 B
XHR
General
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/plausible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
cdn-edgestorageid
1081
cdn-cachedat
09/20/2023 19:57:11
cdn-pullzone
682664
application
10.0.1.5
alt-svc
h3=":443"; ma=2592000
content-length
2
x-request-id
F4azpR7tEpM7sFH6HUUC
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
cdn-requestid
28d47612084b9709ed34bf4d4b96b0ba
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/
0
978 B
Script
General
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=142972&callback=jsonpHandler
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
no-sniff
cf-cache-status
DYNAMIC
x-hs-worker-debug-mode
false
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
be42d855-1991-4059-9326-8041da8169ca
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=809ca2d3adb8383b&resource=unknown"
x-evy-trace-listener
listener_https
x-request-id
be42d855-1991-4059-9326-8041da8169ca
server
cloudflare
x-trace
2BE6BA5F3786392C9E395E0A218E6A9D9864BC4964000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-4zxj4
x-evy-trace-virtual-host
all
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
809ca2d3adb8383b-FRA
all.js
connect.facebook.net/en_GB/
306 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/all.js?hash=1f7e797f74bdd79ffd133afb9877cc38
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7a84b0c6cc0f01814f9906e8abfc54e56a9287c171628a2b67bdc29c56e2253c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Origin
https://www.varonis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Sep 2023 19:57:11 GMT
content-md5
OcgYJuCzeOAypGM1aIlP+g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87643
x-fb-debug
eTXwzPDRHzSCzyWAnIV5/PFWhtvCVyeDev4/hH5XHZ9AFM3ZiZksXfttSl6aUFe5GNqe5FMZxMhPGs+uEdqNTQ==
x-fb-content-md5
1f661c0bfe3cb8b75584808abb93bee6
cross-origin-opener-policy
same-origin-allow-popups
etag
"31b680607a7c27c540562b6583fcf8ab"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 19 Sep 2024 19:15:00 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame DBFC
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.varonis.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2991769
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 20 Sep 2023 19:57:11 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/675D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:28:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
1737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 20 Sep 2023 20:28:14 GMT
widget
www.varonis.com/_hcms/livechat/
480 B
2 KB
XHR
General
Full URL
https://www.varonis.com/_hcms/livechat/widget?portalId=142972&conversations-embed=static-1.14146&mobile=false&messagesUtk=c589acbec3e444339942dc30912f21cb&traceId=c589acbec3e444339942dc30912f21cb
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.154.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63251e32f276eb07ccc1dd09e2007fbb313d9391a42cff91968221b08615a07
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-cdn
Imperva
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
875752b4-03f3-4373-8686-c468edb104c7
content-encoding
gzip
x-iinfo
7-8278659-8278661 PNYN RT(1695239830256 985) q(0 0 0 -1) r(2 2) U2
x-envoy-upstream-service-time
11
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
875752b4-03f3-4373-8686-c468edb104c7
server
cloudflare
x-trace
2B07A264C0CF6A7B13469A57FA47109ECD43578840000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-6c94986c56-w8jrp
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNnmcUG%2BjL%2B5puG1B5cO%2Ba4sKQTlEgkX93yI9IqOmM9vXkKeumAuZj0Lc3nYJ7szQ9NE9hcskb0xag%2FNT9b0vkoIe7h86iyznQGI9HWg%2FEU2e18nVh0S0TFdT1ZvJwpg9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
809ca2d3e8c8b3b0-MUC
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
ipv
cdn.bizible.com/m/
43 B
303 B
Image
General
Full URL
https://cdn.bizible.com/m/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=2092d1ea98e944728433b9d533702b3e&_biz_s=6d5e11&_biz_l=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&_biz_t=1695239831652&_biz_i=CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite&_biz_n=0&rnd=59187&cdn_o=a&_biz_z=1695239831657
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6760) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:11 GMT
last-modified
Wed, 20 Sep 2023 04:10:18 GMT
server
ECS (frb/6760)
age
56813
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
u
cdn.bizibly.com/
43 B
204 B
Image
General
Full URL
https://cdn.bizibly.com/u?_biz_u=2092d1ea98e944728433b9d533702b3e&_biz_s=6d5e11&_biz_l=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&_biz_t=1695239831661&_biz_i=CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite&rnd=470679&cdn_o=a&_biz_z=1695239831661
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6752) /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:11 GMT
last-modified
Sat, 16 Sep 2023 01:06:58 GMT
server
ECS (frb/6752)
age
413413
x-cache
HIT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
43
expires
-1
async-ads.js
cse.google.com/adsense/search/
144 KB
52 KB
Script
General
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__en.js?usqp=CAI%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
385e449b5e1299f69e3757064989c19902c326c891a94e91176ca261a8c0f27b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"11748054523190797132"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
link
<https://afs.googlesyndication.com>; rel="preconnect"
expires
Wed, 20 Sep 2023 19:57:11 GMT
generate_204
clients1.google.com/
0
117 B
Image
General
Full URL
https://clients1.google.com/generate_204
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1695239831702&id=t2_4ofecxl5&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=044b3253-afc4-4698-87c4-ddec5516c8fb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
default.css
www.google.com/cse/static/style/look/v4/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.google.com/cse/static/style/look/v4/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=013425730632158569092:arjc2usbxyq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:47:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1345
x-xss-protection
0
last-modified
Wed, 17 Jun 2020 00:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Wed, 20 Sep 2023 20:37:37 GMT
adsct
t.co/1/i/
43 B
376 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=a45f0c60-043b-4620-9caf-de1d68e8190a&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9201174b-3bc0-4032-b4d2-34cc6bc5d694&tw_document_href=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&tw_iframe_status=0&txn_id=o7owr&type=javascript&version=2.3.29
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time
104
date
Wed, 20 Sep 2023 19:57:11 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
833e0a0a4a2cf2f7
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
42243208eb4978b46349784b91332ae48ce91c05cc511e1f1111df536c10d80f
content-length
43
adsct
analytics.twitter.com/1/i/
43 B
725 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=a45f0c60-043b-4620-9caf-de1d68e8190a&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9201174b-3bc0-4032-b4d2-34cc6bc5d694&tw_document_href=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&tw_iframe_status=0&txn_id=o7owr&type=javascript&version=2.3.29
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time
172
date
Wed, 20 Sep 2023 19:57:10 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
91a2e7af1f02340d
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
1bd83b8e2da78887ffffac9b1ef466237274887419c9d14f618f4bc02b276492
content-length
43
insight.beta.min.js
snap.licdn.com/li.lms-analytics/
40 KB
40 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3ac17d461ee8b27503b79e7141b02cffef51873f0f27d5c18b4454ee16a0d97a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Sep 2023 05:14:46 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
content-type
application/javascript;charset=utf-8
cache-control
max-age=64958
accept-ranges
bytes
content-length
40568
/
c.6sc.co/
7 B
193 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://www.varonis.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/
20 B
311 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::210:172 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
dd98357d2bb2982eb4e0d6ad52bdd1467161e32990a70c4f0d6a28b2a8095141

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:11 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.varonis.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2a03:1b20:6:f011::1e
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1695239831846_34603374_1137463857_21_1147_5_27_219";dur=1
content-length
20
expires
Wed, 20 Sep 2023 19:57:11 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=08f833d2e9af1f124e201163df927e7c&svisitor=null&visitor=ee2b578a-1f47-438b-8da8-3d994f9bcf54&session=3c274f60-aea0-4250-8038-339840866b58&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2020%20Sep%202023%2019%3A57%3A11%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2020%20Sep%202023%2019%3A57%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%2208f833d2e9af1f124e201163df927e7c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2020%20Sep%202023%2019%3A57%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2020%20Sep%202023%2019%3A57%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22c1b0175dc2b2ae319cf32b1dec3db9836bdaea3e%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2020%20Sep%202023%2019%3A57%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2020%20Sep%202023%2019%3A57%3A11%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Varonis%20Threat%20Labs%20discovered%20and%20disclosed%20two%20attack%20vectors%20on%20Okta%27s%20identity%20suite%3A%20CrossTalk%20and%20Secret%20Agent.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D27489245
3%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&pageViewId=8abb157c-8345-445b-8573-5446d8ccfed6&v=1.1.6
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-7.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:12 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
collect
region1.google-analytics.com/g/
0
245 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PCF2HBX32M&gtm=45je39i0&_p=217637217&cid=1853629191.1695239832&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695239831&sct=1&seg=0&dl=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&dt=CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCF2HBX32M&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:11 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.varonis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
179650485736885
connect.facebook.net/signals/config/
490 KB
134 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/179650485736885?v=2.9.127&r=stable&domain=www.varonis.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
41808a08e68ef9a7de2dd52bfdf6d589bcdc7f52e2ecfdbf8b1f671adce16f7f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 20 Sep 2023 19:57:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
Obk3QM1XMp8gHZHNk7HV3grZw8rocRqywal/rXtNpuBkzfIE1KkvvodFdxNav0WZGe2OmG6pCCTEJWSCGMaTAA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
settings
syndication.twitter.com/ Frame DBFC
869 B
658 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=9f85284dbc3399d8f625c9218160ea1d0307b38e
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.varonis.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time
104
date
Wed, 20 Sep 2023 19:57:12 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 20 Sep 2023 19:57:12 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
8287f2e2794eecce
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
26e74bee514cb4f0f05773349147f639a032abcf836d74d6b903ac98919b0606
content-length
337
xdc.js
cdn.bizible.com/
116 B
324 B
Script
General
Full URL
https://cdn.bizible.com/xdc.js?_biz_u=2092d1ea98e944728433b9d533702b3e&_biz_h=-1906410348&cdn_o=a&jsVer=4.23.09.14
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.58 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6711) /
Resource Hash
9fc940aebd2aa04935349e5d5da7b80c3b6eda00023c2585dc15ef785aef36cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
content-encoding
gzip
server
ECS (frb/6711)
etag
2BEBB71C
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
content-length
218
r
scout.salesloft.com/
41 B
356 B
XHR
General
Full URL
https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMTQ3NX0.iI-HhwOQ2R9nR36t6D2kwo7l09ByrLMU2A7_XHc4Ar0
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.202.224.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-224-54.compute-1.amazonaws.com
Software
/
Resource Hash
e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.varonis.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
41
x-request-id
ff4b10217a290210b91ac721129cebf1
/
www.google.com/pagead/1p-user-list/1015553108/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1015553108/?random=1695239831407&cv=11&fst=1695236400000&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&frm=0&tiba=CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite&fmt=3&is_vtc=1&random=1574254308&rmt_tld=0&ipr=y
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1015553108/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1015553108/?random=1695239831407&cv=11&fst=1695236400000&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&frm=0&tiba=CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite&fmt=3&is_vtc=1&random=1574254308&rmt_tld=1&ipr=y
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:12 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
details
epsilon.6sense.com/v3/company/
1 KB
844 B
XHR
General
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.80.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-80-35.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3fcc764176498837ff6623068beac324f15402c865497ccfb3021dea9e29c544

Request headers

Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
accept-language
de-DE,de;q=0.9
Authorization
Token c1b0175dc2b2ae319cf32b1dec3db9836bdaea3e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
X-6s-CustomID
WebTag1.0 08f833d2e9af1f124e201163df927e7c

Response headers

date
Wed, 20 Sep 2023 19:57:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.varonis.com
access-control-allow-credentials
true
content-length
659
details
epsilon.6sense.com/v3/company/ Frame
0
0
Preflight
General
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.80.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-80-35.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-6s-customid
Access-Control-Request-Method
GET
Origin
https://www.varonis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-6s-customid
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://www.varonis.com
access-control-max-age
1800
date
Wed, 20 Sep 2023 19:57:12 GMT
server
nginx
collect
www.google-analytics.com/j/
16 B
36 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=217637217&t=pageview&_s=1&dl=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAACAAI~&jid=1682653919&gjid=1181466257&cid=1853629191.1695239832&tid=UA-2019109-1&_gid=1390116326.1695239832&_r=1&_slc=1&gtm=45He39i0n81KMGCX7V&z=979368982
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a04f7efa05c1f9212a79b715568b9976977a4d8e8f0c7ee571ab4f71bf32ccc3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.varonis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
sa.css
tags.srv.stackadapt.com/
65 B
203 B
Stylesheet
General
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.3.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-3-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
f5e4c924ddecf4d71a62054f35ddb28bfad061ee1e7535c8a7e893724f390942

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 19:57:12 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
65
content-type
text/css
sa.jpeg
tags.srv.stackadapt.com/
0
2 KB
Fetch
General
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.3.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-3-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 19:57:12 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
sa.jpeg
tags.srv.stackadapt.com/
0
2 KB
Fetch
General
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.3.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-3-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Sep 2023 19:57:12 GMT
cache-control
only-if-cached, no-transform, private, max-age=7776000
content-length
651
content-type
image/jpeg
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=08f833d2e9af1f124e201163df927e7c&svisitor=null&visitor=ee2b578a-1f47-438b-8da8-3d994f9bcf54&session=3c274f60-aea0-4250-8038-339840866b58&event=ipv6&q=%7B%22address%22%3A%222a03%3A1b20%3A6%3Af011%3A%3A1e%22%7D&isIframe=false&m=%7B%22description%22%3A%22Varonis%20Threat%20Labs%20discovered%20and%20disclosed%20two%20attack%20vectors%20on%20Okta%27s%20identity%20suite%3A%20CrossTalk%20and%20Secret%20Agent.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&pageViewId=8abb157c-8345-445b-8573-5446d8ccfed6&v=1.1.6
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-7.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:12 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
tp2
c2.ktxlytics.io/com.snowplowanalytics.snowplow/ Frame
0
0
Preflight
General
Full URL
https://c2.ktxlytics.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.188.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-188-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.varonis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.varonis.com
access-control-max-age
600
content-length
0
date
Wed, 20 Sep 2023 19:57:12 GMT
server
nginx
tp2
c2.ktxlytics.io/com.snowplowanalytics.snowplow/
2 B
336 B
XHR
General
Full URL
https://c2.ktxlytics.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.188.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-188-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
https://www.varonis.com
date
Wed, 20 Sep 2023 19:57:12 GMT
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
server
nginx
content-length
2
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
v1
c2.ktxlytics.io/com.snowplowanalytics.iglu/
Redirect Chain
  • https://ib.adnxs.com/getuid?https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&aid=6621358&dsp_type=adnxs&p=web&dsp_uid=$UID
  • https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&aid=6621358&dsp_type=adnxs&p=web&dsp_uid=4828842153841139391
  • https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?dsp_uid=4828842153841139391&aid=6621358&n3pc=true&schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&p=web&dsp_type=adnxs
43 B
387 B
Image
General
Full URL
https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?dsp_uid=4828842153841139391&aid=6621358&n3pc=true&schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&p=web&dsp_type=adnxs
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Server
184.73.188.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-188-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:12 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43

Redirect headers

date
Wed, 20 Sep 2023 19:57:12 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
location
https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?dsp_uid=4828842153841139391&aid=6621358&n3pc=true&schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&p=web&dsp_type=adnxs
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
0
/
px.ads.linkedin.com/wa/
0
701 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Sep 2023 19:57:11 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 808A588C75F149B891F547F50661AD8A Ref B: FRAEDGE1416 Ref C: 2023-09-20T19:57:12Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
access-control-allow-origin
https://www.varonis.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYFz8gBbEVSltMPD4hatA==
148008183.js
bat.bing.com/p/action/
0
116 B
Script
General
Full URL
https://bat.bing.com/p/action/148008183.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 20 Sep 2023 19:57:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F3FF1E144B9E4D00B26FB261BBA85417 Ref B: FRAEDGE1718 Ref C: 2023-09-20T19:57:12Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
286 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=148008183&tm=gtm002&Ver=2&mid=a1c11faa-9669-458a-815b-f328031b0e9a&sid=e381ddf057ef11eeb64323785c511e8c&vid=e382157057ef11eea5e5e74afc80b1bf&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite&p=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&r=&lt=884&evt=pageLoad&sv=1&rn=150293
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 20 Sep 2023 19:57:11 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C36AC646EB464CF1A2F17974909BBD61 Ref B: FRAEDGE1718 Ref C: 2023-09-20T19:57:12Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=23300%2C4766249&time=1695239832091&url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=23300%2C4766249&time=1695239832091&url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%2...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=23300%2C4766249&time=1695239832091&url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=23300%2C4766249&time=1695239832091&url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&tm=gtmv2&cookiesTest=true&e_ipv6=AQIKd_ASLfHMCgAAAYq0KwMLwI4SHPhwQ6-ZNGxW0WPf7psJm4phukg61-OKz_mInexTAyeO
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:12 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 18DD2788E59C4C2BADD8E70D5C3920D6 Ref B: FRAEDGE1117 Ref C: 2023-09-20T19:57:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFz8gKYIkO7CkKk5Jryg==

Redirect headers

date
Wed, 20 Sep 2023 19:57:12 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: E2E87B495FF84F76AA05848E00024F89 Ref B: FRAEDGE1416 Ref C: 2023-09-20T19:57:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=23300%2C4766249&time=1695239832091&url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&tm=gtmv2&cookiesTest=true&e_ipv6=AQIKd_ASLfHMCgAAAYq0KwMLwI4SHPhwQ6-ZNGxW0WPf7psJm4phukg61-OKz_mInexTAyeO
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFz8gDwp0aeKybOPXoow==
view
js.hs-banner.com/v2/activity/ Frame
0
0
Preflight
General
Full URL
https://js.hs-banner.com/v2/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.varonis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.varonis.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
cf-cache-status
DYNAMIC
cf-ray
809ca2d6ea3935f0-FRA
content-length
0
content-type
application/octet-stream
date
Wed, 20 Sep 2023 19:57:12 GMT
server
cloudflare
timing-allow-origin
*
vary
origin
x-envoy-upstream-service-time
5
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-qh8zw
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
2143b8f5-a8d8-43b7-ba87-fd2c3d37b0b3
x-request-id
2143b8f5-a8d8-43b7-ba87-fd2c3d37b0b3
view
js.hs-banner.com/v2/activity/
0
0
Fetch
General
Full URL
https://js.hs-banner.com/v2/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/142972/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Sep 2023 19:57:12 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator, envoyset-translator
x-hubspot-correlation-id
44a25a26-5b8c-4f88-801a-4e261b6b5eaa
x-envoy-upstream-service-time
25
x-evy-trace-route-configuration
listener_http/all, listener_https/all
x-evy-trace-listener
listener_http, listener_https
x-request-id
44a25a26-5b8c-4f88-801a-4e261b6b5eaa
server
cloudflare
x-trace
2BA029340AE9B12BA16F69CF94666A4178FFDF07F0000000000000000000
vary
origin
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-virtual-host
all, all
x-evy-trace-served-by-pod
iad02/private-hubapi-td/envoy-proxy-f7f6cdc9d-p48jn, iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ww4tr
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-origin
https://www.varonis.com
access-control-allow-credentials
true
access-control-max-age
604800
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
809ca2d9bf7535f0-FRA
Lato-Bold.woff2
js.hs-banner.com/v2/fonts/Lato/
181 KB
182 KB
Font
General
Full URL
https://js.hs-banner.com/v2/fonts/Lato/Lato-Bold.woff2
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6

Request headers

Referer
https://www.varonis.com/
Origin
https://www.varonis.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:12 GMT
x-amz-version-id
sfEPVBYCXt80T0z5ul_KVf4SJIaFn86j
cf-cache-status
HIT
x-amz-request-id
WNBHMRSKTHFGJCR5
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
b08d16a2-63b3-436a-b52d-94c8a03aee4b
age
1795354
x-envoy-upstream-service-time
53
content-length
184912
x-amz-id-2
ZbE/ZKnLBtIROVcTkjhRePSHvZYkbQyOa574qQCukJwQIK0THfXqSCXPsbzXX+03uVNF1rrdzKk65LPKy8LIROjm0gdPHr3K
x-evy-trace-listener
listener_https
x-request-id
b08d16a2-63b3-436a-b52d-94c8a03aee4b
x-evy-trace-route-configuration
listener_https/all
last-modified
Mon, 12 Sep 2022 19:35:53 GMT
server
cloudflare
etag
"cccb897485813c7c256901dbca54ecf2"
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
binary/octet-stream
access-control-allow-origin
https://www.varonis.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
access-control-allow-credentials
true
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
809ca2d6ea3435f0-FRA
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-ns2gd
collect
stats.g.doubleclick.net/j/
4 B
349 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2019109-1&cid=1853629191.1695239832&jid=1682653919&gjid=1181466257&_gid=1390116326.1695239832&_u=aGBAAEAiAAAAACAAI~&z=287606118
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 20 Sep 2023 19:57:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.varonis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
259 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-36XYNTY1LS&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
397b705ce0e8c1bcf346cb266343c8471a8586efd39a6a24af585df21980e16c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87025
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 20 Sep 2023 19:57:12 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=179650485736885&ev=PageView&dl=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&rl=&if=false&ts=1695239832273&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.1.1695239832267.1260114620&cs_est=true&it=1695239831904&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 20 Sep 2023 19:57:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2019109-1&cid=1853629191.1695239832&jid=1682653919&_u=aGBAAEAiAAAAACAAI~&z=1612767342
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2019109-1&cid=1853629191.1695239832&jid=1682653919&_u=aGBAAEAiAAAAACAAI~&z=1612767342
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
saq_pxl
tags.srv.stackadapt.com/
138 B
332 B
XHR
General
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=7DZRzfkZdpma72wkdfbzjA&is_js=true&landing_url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&t=CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite&tip=qyKA9Fu7315rKBrbMxkjtjDUarPEPO9YEc7siYZRPXE&host=https://www.varonis.com&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd98ea29eeb02b859524576b50dfd0b29f7b9d59b83&sa-user-id-v3=s%253AAQAKIFAHwTA_guBL6flNYxVxRr7KyB_dUIB-Ayk2vYYrM8h3EHwYBCCXna2oBjABOgSEo62DQgRzROsG.BJeTYYBcTvSNbAE6bvE0iyLlyYkYHX%252BzryQPZ7AYWHQ&sa-user-id-v2=s%253AjqKe6wK4WVJFdrUN_Qsp97nVm4M.BwGyLXTO8RycSO9DxE7oKEwM6RsCUn4Ttzomd%252FlEKDo&sa-user-id=s%253A0-8ea29eeb-02b8-5952-4576-b50dfd0b29f7.qIgg9Cp0VxKg%252FHjARNkC3328wW58djl7UzaDL1Xesfw
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.3.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-3-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4c44f2530c3ac21026f573063037fb4c549666d7ac9887ece6671852cfcd8f67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin
https://www.varonis.com
date
Wed, 20 Sep 2023 19:57:12 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
138
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
collect
region1.analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-36XYNTY1LS&_ono=1&gtm=45je39i0&_p=217637217&_gaz=1&ul=en-us&sr=1600x1200&cid=1853629191.1695239832&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&dt=CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite&sid=1695239832&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-36XYNTY1LS&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.varonis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-36XYNTY1LS&cid=1853629191.1695239832&gtm=45je39i0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-36XYNTY1LS&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.varonis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-36XYNTY1LS&cid=1853629191.1695239832&gtm=45je39i0&aip=1&z=1628203322
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Sep 2023 19:57:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
saq_pxl
tags.srv.stackadapt.com/
116 B
310 B
XHR
General
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=_9vH_OIoGoaDi4-zdBz9Vg&is_js=true&landing_url=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&t=CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite&tip=qyKA9Fu7315rKBrbMxkjtjDUarPEPO9YEc7siYZRPXE&host=https://www.varonis.com&sa_conv_data_css_value=%270-8ea29eeb-02b8-5952-4576-b50dfd0b29f7%27&sa_conv_data_image_value=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&sa-user-id-v3=s%253AAQAKIFAHwTA_guBL6flNYxVxRr7KyB_dUIB-Ayk2vYYrM8h3EHwYBCCXna2oBjABOgSEo62DQgRzROsG.BJeTYYBcTvSNbAE6bvE0iyLlyYkYHX%252BzryQPZ7AYWHQ&sa-user-id-v2=s%253AjqKe6wK4WVJFdrUN_Qsp97nVm4M.BwGyLXTO8RycSO9DxE7oKEwM6RsCUn4Ttzomd%252FlEKDo&sa-user-id=s%253A0-8ea29eeb-02b8-5952-4576-b50dfd0b29f7.qIgg9Cp0VxKg%252FHjARNkC3328wW58djl7UzaDL1Xesfw
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.3.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-3-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
8a39c9a54d501af3dd7c8f12245da41406f0f6a1843fd660b5dce5e6d10971da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-origin
https://www.varonis.com
date
Wed, 20 Sep 2023 19:57:12 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
116
access-control-allow-methods
GET
content-type
text/plain; charset=utf-8
i
scout.salesloft.com/
48 B
464 B
XHR
General
Full URL
https://scout.salesloft.com/i
Requested by
Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.202.224.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-224-54.compute-1.amazonaws.com
Software
/
Resource Hash
c84a522adc594fa078bc3d94c2d3890f35d66ebc4245aca1d6d505cb8f097c41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.varonis.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
48
x-request-id
d14b0b275a1679e36570cf97f92bd91c
/
www.facebook.com/tr/ Frame 3657
0
49 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.varonis.com
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.varonis.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 20 Sep 2023 19:57:12 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=08f833d2e9af1f124e201163df927e7c&svisitor=null&visitor=ee2b578a-1f47-438b-8da8-3d994f9bcf54&session=3c274f60-aea0-4250-8038-339840866b58&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2020%20Sep%202023%2019%3A57%3A12%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2020%20Sep%202023%2019%3A57%3A11%20GMT%22%2C%22timeSpent%22%3A%221009%22%2C%22totalTimeSpent%22%3A%221009%22%7D&isIframe=false&m=%7B%22description%22%3A%22Varonis%20Threat%20Labs%20discovered%20and%20disclosed%20two%20attack%20vectors%20on%20Okta%27s%20identity%20suite%3A%20CrossTalk%20and%20Secret%20Agent.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&pageViewId=8abb157c-8345-445b-8573-5446d8ccfed6&v=1.1.6
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-7.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:13 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
zi-tag.js
js.zi-scripts.com/
8 KB
3 KB
Script
General
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: www.varonis.com
URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.140.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-140-103.hel51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c365a59132dd34b492cb3a77d534078dd35cbbf75dbb2eabbe328642b74a291b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id
Rt6XPSKiJ8UdHSAhNzDbvtFnl_cNNgVn
content-encoding
gzip
via
1.1 06ef4e5ae64b0b7defaeafbb170bba26.cloudfront.net (CloudFront)
date
Wed, 20 Sep 2023 03:16:32 GMT
last-modified
Mon, 24 Jul 2023 07:50:42 GMT
server
AmazonS3
x-amz-cf-pop
HEL51-P3
age
60042
etag
W/"4eb0c668e820abe414d19a11b92dd0fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
BOTdhj0xiLAZEDT9ejc6tWwye2uYWJtmLxJyV1CLKs0YvBPP2rY66g==
__ptq.gif
track.hubspot.com/
45 B
613 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3298999280&v=1.1&a=142972&pi=98243756052&ct=blog-post&ccu=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors&cpi=98243756052&cgi=740355147&lpi=98243756052&lvi=98243756052&lvc=en&pu=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&t=CrossTalk+and+Secret+Agent%3A+Two+Attack+Vectors+on+Okta%27s+Identity+Suite&cts=1695239833055&rv=1&vi=95757993e94de35de03d2e6a71ba4cd8&nc=true&ce=false&cc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
0d7dca22-e317-44f4-ae59-1c36cbad4203
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
11
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0d7dca22-e317-44f4-ae59-1c36cbad4203
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u216wBuRNVObg230mI5pQTUor4P4gBsDYo2GK0rxEj5dC61y%2FPb%2FiACQxiG3tbQXgiihmfGz8k%2BERwBuf87%2FUKpRJmSPylU6ZbIzTEOEuWVXubzZem3wjMYKV5jqiYcw8GkmclZpLV6SK6zL9nC0"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-78r47
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
809ca2dcae98383b-FRA
x-robots-tag
none
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.140.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-140-103.hel51.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://www.varonis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
0
apigw-requestid
Lkk4AiksvHcET6A=
date
Wed, 20 Sep 2023 19:57:13 GMT
vary
Access-Control-Request-Headers
via
1.1 5ddfda8d976a2fe129eb3dd155175cb0.cloudfront.net (CloudFront)
x-amz-cf-id
aOHpuQSBDwbCko0H24Bu5XmH1AxPU2ZHnxUEnKwUdWH-L1SCWR6ovQ==
x-amz-cf-pop
HEL51-P3
x-cache
Miss from cloudfront
x-powered-by
Express
getSubscriptions
js.zi-scripts.com/unified/v1/master/
146 B
510 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.140.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-140-103.hel51.r.cloudfront.net
Software
/ Express
Resource Hash
bf86bcb893f6ec7873501de43e42570245fb8eb2c48f52c848d036aefc867554

Request headers

Content-Type
application/json
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
accept-language
de-DE,de;q=0.9
Authorization
Bearer f17f1ae9341679920418
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
visited_url
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email

Response headers

date
Wed, 20 Sep 2023 19:57:13 GMT
via
1.1 5ddfda8d976a2fe129eb3dd155175cb0.cloudfront.net (CloudFront)
x-amz-cf-pop
HEL51-P3
x-powered-by
Express
etag
W/"92-4ArHsus6MpeqAUFW4eFNylke1Vw"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
content-length
146
apigw-requestid
Lkk4FhnrPHcESFQ=
x-amz-cf-id
YkIbE0kAaylKNc3v2BS3MIy9scVCIBkSUNrTyiKksqrc1_oQE6KldA==
img.gif
b.6sc.co/v1/beacon/
43 B
485 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=08f833d2e9af1f124e201163df927e7c&svisitor=null&visitor=ee2b578a-1f47-438b-8da8-3d994f9bcf54&session=3c274f60-aea0-4250-8038-339840866b58&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2020%20Sep%202023%2019%3A57%3A13%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2020%20Sep%202023%2019%3A57%3A12%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222010%22%7D&isIframe=false&m=%7B%22description%22%3A%22Varonis%20Threat%20Labs%20discovered%20and%20disclosed%20two%20attack%20vectors%20on%20Okta%27s%20identity%20suite%3A%20CrossTalk%20and%20Secret%20Agent.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&pageViewId=8abb157c-8345-445b-8573-5446d8ccfed6&v=1.1.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-7.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:14 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
/
ws.zoominfo.com/pixel/DNPOKtRYpkAfQBCiqMLF/
3 KB
2 KB
Fetch
General
Full URL
https://ws.zoominfo.com/pixel/DNPOKtRYpkAfQBCiqMLF/?iszitag=true
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
80b8c7a9e987e96ecebef2132a06900032203e4dfdaebcc3947206b239527570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
_vtok
MTg1LjIxMy4xNTUuMTMx
_zitok
0f7f3af6c571447900281695239833
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/javascript

Response headers

date
Wed, 20 Sep 2023 19:57:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://www.varonis.com
access-control-allow-credentials
true
cf-ray
809ca2e38e0e3a43-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
alt-svc
h3=":443"; ma=86400
/
ws.zoominfo.com/pixel/DNPOKtRYpkAfQBCiqMLF/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/pixel/DNPOKtRYpkAfQBCiqMLF/?iszitag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type
Access-Control-Request-Method
GET
Origin
https://www.varonis.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
access-control-allow-origin
https://www.varonis.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
809ca2e2a881bbf5-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 20 Sep 2023 19:57:14 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=08f833d2e9af1f124e201163df927e7c&svisitor=null&visitor=ee2b578a-1f47-438b-8da8-3d994f9bcf54&session=3c274f60-aea0-4250-8038-339840866b58&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2020%20Sep%202023%2019%3A57%3A14%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2020%20Sep%202023%2019%3A57%3A13%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223011%22%7D&isIframe=false&m=%7B%22description%22%3A%22Varonis%20Threat%20Labs%20discovered%20and%20disclosed%20two%20attack%20vectors%20on%20Okta%27s%20identity%20suite%3A%20CrossTalk%20and%20Secret%20Agent.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&pageViewId=8abb157c-8345-445b-8573-5446d8ccfed6&v=1.1.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-7.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:15 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=08f833d2e9af1f124e201163df927e7c&svisitor=null&visitor=ee2b578a-1f47-438b-8da8-3d994f9bcf54&session=3c274f60-aea0-4250-8038-339840866b58&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2020%20Sep%202023%2019%3A57%3A15%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2020%20Sep%202023%2019%3A57%3A14%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224012%22%7D&isIframe=false&m=%7B%22description%22%3A%22Varonis%20Threat%20Labs%20discovered%20and%20disclosed%20two%20attack%20vectors%20on%20Okta%27s%20identity%20suite%3A%20CrossTalk%20and%20Secret%20Agent.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&pageViewId=8abb157c-8345-445b-8573-5446d8ccfed6&v=1.1.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-7.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:16 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
484 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=08f833d2e9af1f124e201163df927e7c&svisitor=null&visitor=ee2b578a-1f47-438b-8da8-3d994f9bcf54&session=3c274f60-aea0-4250-8038-339840866b58&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2020%20Sep%202023%2019%3A57%3A16%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2020%20Sep%202023%2019%3A57%3A15%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225012%22%7D&isIframe=false&m=%7B%22description%22%3A%22Varonis%20Threat%20Labs%20discovered%20and%20disclosed%20two%20attack%20vectors%20on%20Okta%27s%20identity%20suite%3A%20CrossTalk%20and%20Secret%20Agent.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22CrossTalk%20and%20Secret%20Agent%3A%20Two%20Attack%20Vectors%20on%20Okta%27s%20Identity%20Suite%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.varonis.com%2Fblog%2Fokta-attack-vectors%3Futm_medium%3Demail%26amp%3B_hsmi%3D274892453%26amp%3B_hsenc%3Dp2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA%26amp%3Butm_content%3D274892453%26amp%3Butm_source%3Dhs_email&pageViewId=8abb157c-8345-445b-8573-5446d8ccfed6&v=1.1.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-7.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 19:57:17 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
info.varonis.com
URL
https://info.varonis.com/hubfs/raw_assets/public/hook-www-varonis/fonts/Graphik-RegularItalic-Cy-Web.woff2
Domain
info.varonis.com
URL
https://info.varonis.com/hubfs/raw_assets/public/hook-www-varonis/fonts/Graphik-RegularItalic-Cy-Web.woff


119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| $ function| jQuery function| hsjQuery object| dataLayer object| _hsp object| __core-js_shared__ object| Sslac object| IN object| _self object| Prism object| __gcse object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_71662020467 function| i18n_getmessage function| i18n_getlanguage undefined| module_97266453797 undefined| module_96126751858 undefined| module_125777074029 undefined| module_115948073023 undefined| module_60280511003 undefined| module_87397221683 object| _hsq function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| rdt function| fbq function| _fbq string| SLScoutObject function| slscout object| vidDefer function| saq function| _saq function| twq function| processEpsilonData string| epsilonName boolean| enabled function| callback number| version object| _6si string| _linkedin_data_partner_id object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| GlobalKORTXNamespace function| kortx object| zi string| ZIProjectKey function| plausible function| jsonpHandler object| element undefined| textContent object| FB object| __twttrll object| twttr object| __twttr object| gaplugins object| gaGlobal object| gaData boolean| hubspot_live_messages_running object| HubSpotConversations object| Bizible object| BizTrackingA object| BizA object| _vis_opt_queue object| LC_API object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol function| _googCsa number| nextSearchboxId object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| regeneratorRuntime 
object| process function| onYouTubeIframeAPIReady object| __buffer boolean| _storagePopulated function| UET function| UET_init function| UET_push object| _paq function| sanitizeKey boolean| _hstc_loaded function| _typeof object| Snowplow function| lintrk object| ORIBILI object| ueto_ed15e19732 object| uetq number| googleNDT_ number| googleAltLoader boolean| _hspb_loaded boolean| _hspb_ran string| res object| saCookies string| current_window_url_param boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| zitag object| ziws

57 Cookies

Domain/Path Name / Value
.www.varonis.com/ Name: __cf_bm
Value: WdIOEeD9Y5K0P43gorDHM3vFSLc96bHvxFx_4bOuFU0-1695239830-0-AQ9Is9b7QdEHzknjRy6ti5uMyZCSYktUUnj3c2chGSQP5xBbW+GtRftn57qHoAdT8Toy0YrWnwplAqmG+/dr6Uk=
.www.varonis.com/ Name: __cfruid
Value: 3b8ead3995b7a35548eb6eb677357e381928a8c9-1695239830
.varonis.com/ Name: visid_incap_2074238
Value: lU8Sngx1ThaBBdMHGFxwP5ZOC2UAAAAAQUIPAAAAAAD4iZBZa/gbK6gl4aZICKDo
.varonis.com/ Name: nlbi_2074238
Value: TnBbRmN02mKORjSbV8um7wAAAACaZnYY23qxS5SJVuzdf+1o
.varonis.com/ Name: incap_ses_8219_2074238
Value: NhcuUXygK3uiQSPKTMIPcpZOC2UAAAAAvqwnisN/ysjsUfSezAe7sw==
.varonis.com/ Name: _gcl_au
Value: 1.1.1994974298.1695239831
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.adnxs.com/ Name: uuid2
Value: 4828842153841139391
.varonis.com/ Name: _gid
Value: GA1.2.1390116326.1695239832
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8ea29eeb-02b8-5952-4576-b50dfd0b29f7.qIgg9Cp0VxKg%2FHjARNkC3328wW58djl7UzaDL1Xesfw
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-8ea29eeb-02b8-5952-4576-b50dfd0b29f7.qIgg9Cp0VxKg%2FHjARNkC3328wW58djl7UzaDL1Xesfw
tags.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjqKe6wK4WVJFdrUN_Qsp97nVm4M.BwGyLXTO8RycSO9DxE7oKEwM6RsCUn4Ttzomd%2FlEKDo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AjqKe6wK4WVJFdrUN_Qsp97nVm4M.BwGyLXTO8RycSO9DxE7oKEwM6RsCUn4Ttzomd%2FlEKDo
tags.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFAHwTA_guBL6flNYxVxRr7KyB_dUIB-Ayk2vYYrM8h3EHwYBCCXna2oBjABOgSEo62DQgRzROsG.BJeTYYBcTvSNbAE6bvE0iyLlyYkYHX%2BzryQPZ7AYWHQ
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIFAHwTA_guBL6flNYxVxRr7KyB_dUIB-Ayk2vYYrM8h3EHwYBCCXna2oBjABOgSEo62DQgRzROsG.BJeTYYBcTvSNbAE6bvE0iyLlyYkYHX%2BzryQPZ7AYWHQ
.varonis.com/ Name: _biz_uid
Value: 2092d1ea98e944728433b9d533702b3e
.varonis.com/ Name: _biz_sid
Value: 6d5e11
.varonis.com/ Name: _biz_nA
Value: 1
.bizible.com/ Name: _BUID
Value: 2092d1ea98e944728433b9d533702b3e
.bizibly.com/ Name: _BUID
Value: 78851e7248f9775b6d584b6687b8904a
.varonis.com/ Name: _rdt_uuid
Value: 1695239831701.044b3253-afc4-4698-87c4-ddec5516c8fb
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2GU(k@$IG!]tbP6j2F-XstGt!@DeY$odRp
www.varonis.com/ Name: _gd_visitor
Value: ee2b578a-1f47-438b-8da8-3d994f9bcf54
www.varonis.com/ Name: _gd_session
Value: 3c274f60-aea0-4250-8038-339840866b58
.t.co/ Name: muc_ads
Value: 586e2aa5-e7bf-4492-91fd-84d62c9f02ad
.hubspot.com/ Name: __cf_bm
Value: .7XE8Vyl1jSGr56krn0GochU47wwaE.Pq7gughHvHOU-1695239831-0-AaRTBVu5QFy3EQWvuj38ItTeH3rI+PgNaw149MQJmtQvcPr9I9Pnc+2Spy0PUEcpdMoCXRc/WqujHqCBBuuP4gk=
.varonis.com/ Name: _ga
Value: GA1.1.1853629191.1695239832
.twitter.com/ Name: guest_id_marketing
Value: v1%3A169523983181579196
.twitter.com/ Name: guest_id_ads
Value: v1%3A169523983181579196
.twitter.com/ Name: personalization_id
Value: "v1_MPXmynps9bkZ0AWweYZb/A=="
.twitter.com/ Name: guest_id
Value: v1%3A169523983181579196
.varonis.com/ Name: _biz_pendingA
Value: %5B%5D
.varonis.com/ Name: _gat_UA-2019109-1
Value: 1
www.varonis.com/ Name: sa-user-id
Value: s%253A0-8ea29eeb-02b8-5952-4576-b50dfd0b29f7.qIgg9Cp0VxKg%252FHjARNkC3328wW58djl7UzaDL1Xesfw
www.varonis.com/ Name: sa-user-id-v2
Value: s%253AjqKe6wK4WVJFdrUN_Qsp97nVm4M.BwGyLXTO8RycSO9DxE7oKEwM6RsCUn4Ttzomd%252FlEKDo
www.varonis.com/ Name: sa-user-id-v3
Value: s%253AAQAKIFAHwTA_guBL6flNYxVxRr7KyB_dUIB-Ayk2vYYrM8h3EHwYBCCXna2oBjABOgSEo62DQgRzROsG.BJeTYYBcTvSNbAE6bvE0iyLlyYkYHX%252BzryQPZ7AYWHQ
.varonis.com/ Name: _sp_ses.1082
Value: *
.varonis.com/ Name: _sp_id.1082
Value: 879380f9-baf2-4eca-aab9-4127a09c45de.1695239832.1.1695239832.1695239832.b34471ec-ec8e-4ab5-854e-a87cc1381e39
.varonis.com/ Name: _uetsid
Value: e381ddf057ef11eeb64323785c511e8c
.varonis.com/ Name: _uetvid
Value: e382157057ef11eea5e5e74afc80b1bf
.bing.com/ Name: MUID
Value: 13FABD66ADF065092057AEF4ACF064CB
.varonis.com/ Name: _ga_PCF2HBX32M
Value: GS1.1.1695239831.1.0.1695239832.0.0.0
.6sc.co/ Name: 6suuid
Value: 07d854b8c6ea1000984e0b65e200000041bd0000
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3001:u=1:x=1:i=1695239832:t=1695326232:v=2:sig=AQEgAz-AyokDwrdYnfYhyjAcbprrebxZ"
.linkedin.com/ Name: li_sugr
Value: 4869b8fc-5092-41fa-ab81-9c975fa188cd
.linkedin.com/ Name: bcookie
Value: "v=2&7c898291-f6d5-4f3f-8d51-bf59a5ff8ba4"
.varonis.com/ Name: _biz_flagsA
Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.varonis.com/ Name: _fbp
Value: fb.1.1695239832267.1260114620
.varonis.com/ Name: _ga_36XYNTY1LS
Value: GS1.2.1695239832.1.0.1695239832.60.0.0
www.varonis.com/ Name: slireg
Value: https://scout.us1.salesloft.com
www.varonis.com/ Name: sliguid
Value: 6727c7ec-8106-4fde-b59e-b043a14b9a2a
www.varonis.com/ Name: slirequested
Value: true
.ktxlytics.io/ Name: sp
Value: 96307a0f-c029-46bb-8bc8-d3c1ff7433f2
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTUyMzk4MzI7MjswMjG5AT1CgB5QtCrmpgYltx4FFj+6Es6rjTQGk3a5FxB2ug==
.www.varonis.com/ Name: _zitok
Value: 0f7f3af6c571447900281695239833
.zoominfo.com/ Name: __cf_bm
Value: 6MJXshjYvOBjeTn3O4YF0RtkCru99.WhFgqYKQOL.D4-1695239834-0-AStR7NWPLC938vyPR1BS3yDfIT02SdMtIeLy9Pyc+11hxJGk1OwtGUHdZRHw5Fly58+8DwGG4tToS7YGiWWl+oY=
.zoominfo.com/ Name: _cfuvid
Value: VB_bXhAlhVPvGpfxUmIhhbFIDQcPyQvLBRhnANA2bI8-1695239834512-0-604800000

4 Console Messages

Source Level URL
Text
javascript error URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Message:
Access to font at 'https://info.varonis.com/hubfs/raw_assets/public/hook-www-varonis/fonts/Graphik-RegularItalic-Cy-Web.woff2' from origin 'https://www.varonis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://info.varonis.com/hubfs/raw_assets/public/hook-www-varonis/fonts/Graphik-RegularItalic-Cy-Web.woff2
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.varonis.com/blog/okta-attack-vectors?utm_medium=email&amp;_hsmi=274892453&amp;_hsenc=p2ANqtz-8l_K5Ee340xuT9vP-Y0DX59litqMPWjFrOym5HwKDBB7kUjsAklcEoN-WYROOEtUgz_MpeYtXttrjqhRh73oFBmxo7uA&amp;utm_content=274892453&amp;utm_source=hs_email
Message:
Access to font at 'https://info.varonis.com/hubfs/raw_assets/public/hook-www-varonis/fonts/Graphik-RegularItalic-Cy-Web.woff' from origin 'https://www.varonis.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://info.varonis.com/hubfs/raw_assets/public/hook-www-varonis/fonts/Graphik-RegularItalic-Cy-Web.woff
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
