Submitted URL: https://www.avanan.com/e2t/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g6Z-f0/5/f18dQhb0S8329dsQXzW6bPrSs8q5B_3...
Effective URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_sour...
Submission: On March 19 via manual from US

Summary

This website contacted 43 IPs in 5 countries across 33 domains to perform 145 HTTP transactions. The main IP is 2606:4700::6811:7db4, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.avanan.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 18th 2018. Valid for: a year.
This is the only time www.avanan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
www.avanan.com | CloudFlare Inc ECC CA-2 | 2018-10-18 - 2019-10-18 | a year
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-03-02 - 2019-09-08 | 6 months
*.leadforensics.com | Go Daddy Secure Certificate Authority - G2 | 2018-12-19 - 2020-01-14 | a year
*.fontawesome.com | DigiCert SHA2 Secure Server CA | 2018-09-17 - 2019-11-21 | a year
*.googleapis.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
platform.linkedin.com | DigiCert SHA2 Secure Server CA | 2018-07-11 - 2020-07-15 | 2 years
ssl817700.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-03-05 - 2019-09-11 | 6 months
hubspot.com | CloudFlare Inc ECC CA-2 | 2019-01-04 - 2020-01-04 | a year
ssl817712.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-03-05 - 2019-09-11 | 6 months
www.googleadservices.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.google-analytics.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.mouseflow.com | COMODO RSA Domain Validation Secure Server CA | 2017-04-25 - 2020-05-09 | 3 years
*.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
ads-twitter.com | DigiCert SHA2 High Assurance Server CA | 2018-06-28 - 2019-07-03 | a year
js.bizographics.com | DigiCert SHA2 Secure Server CA | 2018-04-13 - 2020-04-17 | 2 years
static.hotjar.com | Let's Encrypt Authority X3 | 2019-02-08 - 2019-05-09 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-01-21 - 2019-04-21 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2018-10-08 - 2019-10-09 | a year
*.quora.com | DigiCert SHA2 Secure Server CA | 2018-08-15 - 2019-11-26 | a year
incapsula.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2018-06-11 - 2019-06-12 | a year
script.hotjar.com | Let's Encrypt Authority X3 | 2019-02-08 - 2019-05-09 | 3 months
www.google.de | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
t.co | DigiCert SHA2 High Assurance Server CA | 2019-03-07 - 2020-03-07 | a year
s2.wac.edgecastcdn.net | DigiCert SHA2 Secure Server CA | 2018-11-05 - 2020-11-18 | 2 years
*.g.doubleclick.net | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2018-11-19 - 2019-11-27 | a year
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2017-06-06 - 2019-06-11 | 2 years
*.twitter.com | DigiCert SHA2 High Assurance Server CA | 2019-01-28 - 2020-01-28 | a year
ssl817703.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-03-05 - 2019-09-11 | 6 months
ssl817706.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-03-05 - 2019-09-11 | 6 months
ssl803670.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-12-19 - 2019-06-27 | 6 months
vars.hotjar.com | Let's Encrypt Authority X3 | 2019-02-08 - 2019-05-09 | 3 months
www.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2018-12-03 - 2019-10-25 | a year
*.match.prod.bidr.io | Amazon | 2018-05-22 - 2019-06-22 | a year
syndication.twitter.com | DigiCert SHA2 High Assurance Server CA | 2019-01-24 - 2020-01-24 | a year

This page contains 7 frames:

Primary Page: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Frame ID: 833B662AAAD60970288CD254EC35569E
Requests: 138 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d831eecf6f5411af024c3acd759add17.html
Frame ID: BC83CCB0A8D41F112792F8CAE1710DE1
Requests: 1 HTTP requests in this frame

Frame: https://static.olark.com/jsclient/app.js
Frame ID: 41DBAB3CC96BAFD4578D6F2087378BB0
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.avanan.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: C05D32DAFDF7BDBE635B13BA6FAF966B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
Frame ID: A83BC5EBD6F0E485A17A852AABE51E21
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 1121C2440540AE485120C6E4375E029D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df28bd37629bcef8%26domain%3Dwww.avanan.com%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Fffeb8d670512%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120
Frame ID: DD335BDF4E490B47042145539D8E7230
Requests: 1 HTTP requests in this frame

Page URL History

  1. https://www.avanan.com/e2t/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g6Z-f0/5/f18dQhb0S83... Page URL
  2. https://www.avanan.com/events/public/v1/track/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g... HTTP 307
    https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%2... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Overall confidence: 100%
Detected patterns
  • env /^(?:_hsq|hubspot)$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.linkedin\.com\/in\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • env /^_paq$/i

Page Statistics

Requests: 145
HTTPS: 100 %
IPv6: 53 %
Domains: 33
Subdomains: 49
IPs: 43
Countries: 5
Transfer: 12229 kB
Size: 14829 kB
Cookies: 4


Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://platform.linkedin.com/in.js HTTP 302
  • https://platform.linkedin.com/xdoor/scripts/in.js
Request Chain 62
  • https://cdn.mouseflow.com/projects/27de06ce-a997-42ad-9adc-ff709a5afb3e.js HTTP 301
  • https://cdn.mouseflow.com/projects/27de06ce-a997-42ad-9adc-ff709a5afb3e_eu.js
Request Chain 63
  • https://cdn2.hubspot.net/hubfs/1835778/jacob_redesign/page_icons/close.svg HTTP 301
  • https://cdn2.hubspot.net/hubfs/1835778/marketing/website/jacob_redesign/page_icons/close.svg
Request Chain 85
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=166423513&t=pageview&_s=1&dl=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&ul=en-us&de=UTF-8&dt=Widespread%20Office%20365%20and%20Gmail%20Misconfiguration%20Allows%20Hackers%20to%20Bypass%20Email%20Gateways&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEADQ~&jid=1919180912&gjid=790950569&cid=675451659.1553006921&tid=UA-59393664-1&_gid=1298818519.1553006921&_r=1&gtm=2wg3b2MQZBTTX&z=3588515 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-59393664-1&cid=675451659.1553006921&jid=1919180912&_gid=1298818519.1553006921&gjid=790950569&_v=j73&z=3588515 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-59393664-1&cid=675451659.1553006921&jid=1919180912&_v=j73&z=3588515 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-59393664-1&cid=675451659.1553006921&jid=1919180912&_v=j73&z=3588515&slf_rd=1&random=1519748161
Request Chain 100
  • https://px.ads.linkedin.com/collect/?time=1553006922160&pid=110528&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&fmt=js&s=1 HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1553006922160&pid=110528&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&fmt=js&s=1&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1553006922160%26pid%3D110528%26url%3Dhttps%253A%252F%252Fwww.avanan.com%252Fresources%252Foffice-365-and-gmail-root-domain-exploit%253Futm_campaign%253DNewsletter%2525202019-03-19%2526utm_source%253Dhs_email%2526utm_medium%253Demail%2526utm_content%253D70874762%2526_hsenc%253Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%2526_hsmi%253D70879296%26fmt%3Djs%26s%3D1%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect/?time=1553006922160&pid=110528&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&fmt=js&s=1&cookiesTest=true&liSync=true
Request Chain 127
  • https://match.prod.bidr.io/cookie-sync/tbw HTTP 303
  • https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1

145 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
f18dQhb0S8329dsQXzW6bPrSs8q5B_3VxwwWr4cv5BSW1T-CDf13QwVrW1m2Dkx99c0JBW8nP6fB51frthW4vgKM197QBwBW96zRPS6b-LD7W3S_kbD6bW3N-W64-kXB1xlbrLW51vDGn2z3LPJW6Qk4-W4l2q4PW2xFVtR3MjZnJW2HVTVM3CcrhnW3MbN9Z3vgc...
www.avanan.com/e2t/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g6Z-f0/5/
10 KB
3 KB
Document
General
Full URL
https://www.avanan.com/e2t/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g6Z-f0/5/f18dQhb0S8329dsQXzW6bPrSs8q5B_3VxwwWr4cv5BSW1T-CDf13QwVrW1m2Dkx99c0JBW8nP6fB51frthW4vgKM197QBwBW96zRPS6b-LD7W3S_kbD6bW3N-W64-kXB1xlbrLW51vDGn2z3LPJW6Qk4-W4l2q4PW2xFVtR3MjZnJW2HVTVM3CcrhnW3MbN9Z3vgcQ3W2TKT0D3Wgy8yW4LG27L62WP1ZW6nzlwj2FJ71DW5r17Qj47XqvRW1tBHvJ83KHrFW7J39pB2przrYN6W3RDgHd1JGW17Tx3v7wzDllW1VJryk5lX8fqW13bD4h6dkdCwW5nn6Z92LBYSVVKQF785lBF-_W84pxMQ7t50TXW337_-B9dPKncW55cWm26wSPPkW1GXB8T2fzJdKW9gRm1N1yNX06W59BNSt4P71DjW54NLlQ75GGdqW759bJ_2L51HLW3mF3Pv750pssV7qr8k5NkW_nW2PTlBY59GQCsW6Vgrtk6X_LvtV_Z-Tr3fWXWKW4CHsW245Ly2MVkwRN48sXjGlW1BqPcn1vXsnJW47Nysp4DdNY3W49Jc2g3JVKzHW8DHFV28mhg5wW7z2vr68DwjfNW4B1zkV1K8nMxW4DwXwh3FZ5DNVB2BJL32rNqXW4R1rFX4HzlYGf2NbN_J11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
www.avanan.com
:scheme
https
:path
/e2t/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g6Z-f0/5/f18dQhb0S8329dsQXzW6bPrSs8q5B_3VxwwWr4cv5BSW1T-CDf13QwVrW1m2Dkx99c0JBW8nP6fB51frthW4vgKM197QBwBW96zRPS6b-LD7W3S_kbD6bW3N-W64-kXB1xlbrLW51vDGn2z3LPJW6Qk4-W4l2q4PW2xFVtR3MjZnJW2HVTVM3CcrhnW3MbN9Z3vgcQ3W2TKT0D3Wgy8yW4LG27L62WP1ZW6nzlwj2FJ71DW5r17Qj47XqvRW1tBHvJ83KHrFW7J39pB2przrYN6W3RDgHd1JGW17Tx3v7wzDllW1VJryk5lX8fqW13bD4h6dkdCwW5nn6Z92LBYSVVKQF785lBF-_W84pxMQ7t50TXW337_-B9dPKncW55cWm26wSPPkW1GXB8T2fzJdKW9gRm1N1yNX06W59BNSt4P71DjW54NLlQ75GGdqW759bJ_2L51HLW3mF3Pv750pssV7qr8k5NkW_nW2PTlBY59GQCsW6Vgrtk6X_LvtV_Z-Tr3fWXWKW4CHsW245Ly2MVkwRN48sXjGlW1BqPcn1vXsnJW47Nysp4DdNY3W49Jc2g3JVKzHW8DHFV28mhg5wW7z2vr68DwjfNW4B1zkV1K8nMxW4DwXwh3FZ5DNVB2BJL32rNqXW4R1rFX4HzlYGf2NbN_J11
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Tue, 19 Mar 2019 14:48:36 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; expires=Wed, 18-Mar-20 14:48:36 GMT; path=/; domain=.www.avanan.com; HttpOnly __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916; path=/; domain=.www.avanan.com; HttpOnly
cf-cache-status
MISS
cf-ray
4ba03f8a091663e5-FRA
access-control-allow-credentials
false
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
vary
Accept-Encoding
x-trace
2B045BAF1AB4C9927F801A5B3141E382D24154F902000000000000000000
server
cloudflare
content-encoding
br
Primary Request office-365-and-gmail-root-domain-exploit
www.avanan.com/resources/
Redirect Chain
  • https://www.avanan.com/events/public/v1/track/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g6Z-f0/5/f18dQhb0S8329dsQXzW6bPrSs8q5B_3VxwwWr4cv5BSW1T-CDf13QwVrW1m2Dkx99c0JBW8nP6fB51frthW4vgKM19...
  • https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azh...
79 KB
17 KB
Document
General
Full URL
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/e2t/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g6Z-f0/5/f18dQhb0S8329dsQXzW6bPrSs8q5B_3VxwwWr4cv5BSW1T-CDf13QwVrW1m2Dkx99c0JBW8nP6fB51frthW4vgKM197QBwBW96zRPS6b-LD7W3S_kbD6bW3N-W64-kXB1xlbrLW51vDGn2z3LPJW6Qk4-W4l2q4PW2xFVtR3MjZnJW2HVTVM3CcrhnW3MbN9Z3vgcQ3W2TKT0D3Wgy8yW4LG27L62WP1ZW6nzlwj2FJ71DW5r17Qj47XqvRW1tBHvJ83KHrFW7J39pB2przrYN6W3RDgHd1JGW17Tx3v7wzDllW1VJryk5lX8fqW13bD4h6dkdCwW5nn6Z92LBYSVVKQF785lBF-_W84pxMQ7t50TXW337_-B9dPKncW55cWm26wSPPkW1GXB8T2fzJdKW9gRm1N1yNX06W59BNSt4P71DjW54NLlQ75GGdqW759bJ_2L51HLW3mF3Pv750pssV7qr8k5NkW_nW2PTlBY59GQCsW6Vgrtk6X_LvtV_Z-Tr3fWXWKW4CHsW245Ly2MVkwRN48sXjGlW1BqPcn1vXsnJW47Nysp4DdNY3W49Jc2g3JVKzHW8DHFV28mhg5wW7z2vr68DwjfNW4B1zkV1K8nMxW4DwXwh3FZ5DNVB2BJL32rNqXW4R1rFX4HzlYGf2NbN_J11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
635715663a728b7a28302c032c26dda63ec1f4cb2a616874d862710426513fa9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=0

Request headers

:method
GET
:authority
www.avanan.com
:scheme
https
:path
/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Tue, 19 Mar 2019 14:48:37 GMT
content-type
text/html;charset=utf-8
cf-cache-status
MISS
cache-control
s-maxage=7200,max-age=5
cf-ray
4ba03f8f4dc463e5-FRA
access-control-allow-credentials
false
content-security-policy
upgrade-insecure-requests
edge-cache-tag
CT-7826958295,P-1835778,L-6416153737,CW-6077790217,CW-6416159786,CW-6523337095,CW-6742213589,E-5097885803,E-5097885811,E-6067151804,E-6073351973,E-6354401580,PGS-ALL,SW-2,SD-28
edge-control
!no-store,max-age=7200s
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
</hs/hsstatic/content_shared_assets/static-1.4089/js/public_common.js>; rel=preload; as=script </hs/hsstatic/AsyncSupport/static-1.43/js/post_listing_asset.js>; rel=preload; as=script </hs/hsstatic/cos-i18n/static-1.10/bundles/project.js>; rel=preload; as=script
strict-transport-security
max-age=0
vary
Accept-Encoding
x-hs-cache-config
BrowserCache-5s-EdgeCache-7200s
x-hs-combine-css
Retry
x-hs-content-campaign-id
bc57dbe6-8d61-4ae8-8c99-9af26ad49d20
x-hs-content-id
7826958295
x-hs-hub-id
1835778
x-trace
2BF00FE9C55176F3496A135CFAAD60B921A9BC06A6000000000000000000
server
cloudflare
content-encoding
br
cf-h2-pushed
</hs/hsstatic/content_shared_assets/static-1.4089/js/public_common.js>,</hs/hsstatic/AsyncSupport/static-1.43/js/post_listing_asset.js>,</hs/hsstatic/cos-i18n/static-1.10/bundles/project.js>

Redirect headers

status
307
date
Tue, 19 Mar 2019 14:48:36 GMT
content-length
0
location
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
cf-cache-status
MISS
cf-ray
4ba03f8d3c3b63e5-FRA
access-control-allow-credentials
false
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296>; rel="canonical"
referrer-policy
no-referrer
vary
Accept-Encoding
x-robots-tag
none
x-trace
2B6CCCA52348D3EF5A35EC84E135A3CCB54C5AAD04000000000000000000
server
cloudflare
public_common.js
www.avanan.com/hs/hsstatic/content_shared_assets/static-1.4089/js/
34 KB
11 KB
Script
General
Full URL
https://www.avanan.com/hs/hsstatic/content_shared_assets/static-1.4089/js/public_common.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace356aa4ac55ca8d7caeda783f4643a7255d20eaf94c4e884d87e9ea14f31ef

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
via
1.1 c37f72766931ae9c3f146ffa54018d1c.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
last-modified
Tue, 19 Feb 2019 19:32:48 GMT
server
cloudflare
etag
W/"bb60502956d1a5942817f2a8b839d889"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
zlQt5F1ZIAgfQjJMpvRZSO7x_4EjmL7v
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
set-cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; expires=Wed, 18-Mar-20 14:48:37 GMT; path=/; domain=.www.avanan.com; HttpOnly __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917; path=/; domain=.www.avanan.com; HttpOnly
cf-ray
4ba03f92c89963e5-FRA
x-amz-cf-id
zQqz1hXT-EI8qducYrU2jV8BC-3THACizhAymIpDJqgoH91l97AXvQ==
post_listing_asset.js
www.avanan.com/hs/hsstatic/AsyncSupport/static-1.43/js/
3 KB
1 KB
Script
General
Full URL
https://www.avanan.com/hs/hsstatic/AsyncSupport/static-1.43/js/post_listing_asset.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a304e5dee828957418ea25d99e585acb6f874f043d23b09bd0050a50e180683

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
via
1.1 e06a155936c216d176543a7a25710ed0.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
last-modified
Tue, 25 Sep 2018 15:50:25 GMT
server
cloudflare
etag
W/"2a7c694a1c6e3bbfae1fbf6d35a5b97d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
oNHe2LVSF2sThwlNcj2uPrK7c5aH.XxG
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
set-cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; expires=Wed, 18-Mar-20 14:48:37 GMT; path=/; domain=.www.avanan.com; HttpOnly __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917; path=/; domain=.www.avanan.com; HttpOnly
cf-ray
4ba03f92c89e63e5-FRA
x-amz-cf-id
IPdfBREwXU6agVxVf93k10fS9r_lEplTMS_sn-MPaeQVM4nDJho9Fw==
project.js
www.avanan.com/hs/hsstatic/cos-i18n/static-1.10/bundles/
1 KB
1019 B
Script
General
Full URL
https://www.avanan.com/hs/hsstatic/cos-i18n/static-1.10/bundles/project.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab449241b50123673e76dbcd70f869ae11d26920f0ce1670fdfd266308058179

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
via
1.1 9c6523da7343c5a4b25543811c29c4aa.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
last-modified
Wed, 13 Sep 2017 02:51:30 GMT
server
cloudflare
etag
W/"0011aaf4067b097bcbfd9dc99a4b94c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
p6iak7Gl9Xyg7crK_8XyTwctOBvKD1DL
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
set-cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; expires=Wed, 18-Mar-20 14:48:37 GMT; path=/; domain=.www.avanan.com; HttpOnly
__cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917; path=/; domain=.www.avanan.com; HttpOnly
cf-ray
4ba03f92c8a063e5-FRA
x-amz-cf-id
dQNmpciN2n0W8YlLM9wLGfHsirncEVNYfS9ppchtzb_ieRJmNorZYA==
jquery-1.11.2.js
www.avanan.com/hs/hsstatic/jquery-libs/static-1.4/jquery/
94 KB
32 KB
Script
General
Full URL
https://www.avanan.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Request headers

:path
/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
via
1.1 ade18dc841d2e1cc8ef49611c5d4c93e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-cache
Hit from cloudfront
status
200
content-encoding
br
content-type
application/javascript; charset=utf-8
last-modified
Thu, 08 Jan 2015 18:08:00 GMT
server
cloudflare
etag
W/"5790ead7ad3ba27397aedfa3d263b867"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
4ba03f93390863e5-FRA
x-amz-cf-id
c7n68Vxh0mfdVK8Vce7KIXZ_nJdqwofpzrexEycOmsCNtakD2iHI7A==
public_common.css
www.avanan.com/hs/hsstatic/content_shared_assets/static-1.4089/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://www.avanan.com/hs/hsstatic/content_shared_assets/static-1.4089/css/public_common.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
61cd0511f1f46f8cc5c5163ea59d8d207742bc87dcca2fd79538c37b932dbbaa

Request headers

:path
/hs/hsstatic/content_shared_assets/static-1.4089/css/public_common.css
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
via
1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
text/css
last-modified
Tue, 19 Feb 2019 19:32:48 GMT
server
cloudflare
etag
W/"fcd65e4e4f20cedc23644d5dbfda1c13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
fbbbscSpQywUsm_W_xQzcrr7_L2dlhD.
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
4ba03f9338fe63e5-FRA
x-amz-cf-id
Sm2188vrj5C97gjQ49MkB8BcOojr6do707TZIYGhNA894QDA0TZMzw==
reset.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1552403915774/Custom/jacob_redesign/css/
760 B
718 B
Stylesheet
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1552403915774/Custom/jacob_redesign/css/reset.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
97152508df33871d78e6d8595480ac6c5cf8f2feb1fc1ef7fd2ef7a0517810c7

Request headers

:path
/hs-fs/hub/1835778/hub_generated/template_assets/1552403915774/Custom/jacob_redesign/css/reset.min.css
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
626CEBA5F8F15180
cf-ray
4ba03f9338ff63e5-FRA
status
200
x-amz-id-2
ZtHm/3zOT17i1cj58Cm02ltLzoTd8nFSgFWqxt/EgtJi7f5KKhPmfGMlNBtplYu3iQDBCR/wlls=
last-modified
Tue, 12 Mar 2019 15:18:36 GMT
server
cloudflare
etag
W/"dd216fc74c067413933b3c64bb975273"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
YIB5iu_fc1yJ4d2wHYQeZaGnu_5Tx5Fg
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
text/css
gradient.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1548271636981/Custom/system/default/
121 KB
17 KB
Stylesheet
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1548271636981/Custom/system/default/gradient.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e292af323e79789da01c3a3a8d8b78af24cfc1742786cebf8c489d0a686e03

Request headers

:path
/hs-fs/hub/1835778/hub_generated/template_assets/1548271636981/Custom/system/default/gradient.min.css
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
EF6616FE41460C12
cf-ray
4ba03f93390063e5-FRA
status
200
x-amz-id-2
lC0zmx15Gf09Lmuov6LSO0YKnqT2445lxgCFwk/uUeqFkrsBCwux5DAVPZHhMwcpm79Q7+VeHxQ=
last-modified
Wed, 23 Jan 2019 19:27:17 GMT
server
cloudflare
etag
W/"28aaf7eb8a7652ac4842c931c250405f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
wsCcvwGYmmZkAVklx7NCouF1XH.X2I8m
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
text/css
template.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1551809090548/Custom/jacob_redesign/css/
206 KB
29 KB
Stylesheet
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1551809090548/Custom/jacob_redesign/css/template.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa4134392661d801f47af7cdb562ba63be61d2b78510bd00e1a3cdf7447794f

Request headers

:path
/hs-fs/hub/1835778/hub_generated/template_assets/1551809090548/Custom/jacob_redesign/css/template.min.css
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
223206A37E343B53
cf-ray
4ba03f93390163e5-FRA
status
200
x-amz-id-2
8u5laYG3oQcSAx0E0lfzYnlaqGb+NifTkENhr7mw24PKpEmKmZBn4ztUTzic8Ulh7JbaX2XtgbY=
last-modified
Tue, 05 Mar 2019 18:04:51 GMT
server
cloudflare
etag
W/"58b1a30d4878c5aa388595d82a2ca62c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
_ppjeaPSQWWfhfuU3MkgK82fDe4uDKNX
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
text/css
module_6523337095.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/1551212888739/
4 KB
914 B
Stylesheet
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/1551212888739/module_6523337095.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba5521edf2485cb2c6c3c21f98bccefab16f765e37feea70272f420e1da8fa8

Request headers

:path
/hs-fs/hub/1835778/hub_generated/module_assets/1551212888739/module_6523337095.min.css
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
B9DDC7B787F564F4
cf-ray
4ba03f93390263e5-FRA
status
200
x-amz-id-2
lNgdXHP6eNw7W1O5hcUBImgC32uVzosCz9ipotiNeFuCQ1wFJN6KHW83db+wNoMBdRryr3thryA=
last-modified
Tue, 26 Feb 2019 20:28:09 GMT
server
cloudflare
etag
W/"93912143241f5552d3ea604c05387aab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
2ZbqmTKvvDSb9fHb52e4_r0GqQp1w6pB
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
text/css
module_6416159786_Custom_jacob_redesign_modules_blog_new_body.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/1552920083125/
779 B
478 B
Stylesheet
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/1552920083125/module_6416159786_Custom_jacob_redesign_modules_blog_new_body.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
537e74bd5e1dfb7837d0764bb40a7d5f6680802674e1e95b0d71495a57976ef8

Request headers

:path
/hs-fs/hub/1835778/hub_generated/module_assets/1552920083125/module_6416159786_Custom_jacob_redesign_modules_blog_new_body.min.css
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
6B8CAD3A3C59460B
cf-ray
4ba03f93390363e5-FRA
status
200
x-amz-id-2
Y/CK6KZYClD9NEznNQNxpKO+pBWG0rgKedRM4R0u1eD5ZDwEfusz7dSN5AE6EjrBZM16D0N9xrA=
last-modified
Mon, 18 Mar 2019 14:41:24 GMT
server
cloudflare
etag
W/"578c8434bda49fe4ebab7e17865f7360"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
XEt6inpTisMAuJ8914gK9xnYcur1LW5d
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
text/css
module_6742213589_Custom_jacob_redesign_modules_site_trialctabanner.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/1552059840104/
717 B
442 B
Stylesheet
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/1552059840104/module_6742213589_Custom_jacob_redesign_modules_site_trialctabanner.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f18f5bd3f7f715bb570620c65f9affa1a902b99747171d051e12c47b20f08af0

Request headers

:path
/hs-fs/hub/1835778/hub_generated/module_assets/1552059840104/module_6742213589_Custom_jacob_redesign_modules_site_trialctabanner.min.css
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
1310297DD3DD7236
cf-ray
4ba03f93390463e5-FRA
status
200
x-amz-id-2
CsjKkfycaIxZ2nTI2nKuthoqTPF+Q3zPW4JKecSxe1z5mpUozblT63GjaL/va7+GBpehG4U+v+8=
last-modified
Fri, 08 Mar 2019 15:44:01 GMT
server
cloudflare
etag
W/"d465664c98d04e2129a8a382bb188a6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
99i.jwWyDUCoK0SxA3nHbs6Zg4PPVwM4
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
text/css
module_6077790217.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/1551725101160/
133 B
361 B
Stylesheet
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/1551725101160/module_6077790217.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
202a9198b5ff23a3703ba65ba465f23794d1e583d7fe78b4cddd7920c90e62c4

Request headers

:path
/hs-fs/hub/1835778/hub_generated/module_assets/1551725101160/module_6077790217.min.css
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
C491240CCCAC72FF
cf-ray
4ba03f93390563e5-FRA
status
200
x-amz-id-2
gi9XxYtoZlFZlXyCKkYMixiDnYpp+wmkWxbyGHIpA3QdJLI3aMJSBjwpiUcgu/QQ7gRFRRiYgvY=
last-modified
Mon, 04 Mar 2019 18:45:02 GMT
server
cloudflare
etag
W/"88b2a4f514dfb6e984ab2f1103414a1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
pAZLXBZTiPvc4PgjI8hsDlZ3Ai8djgn2
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
text/css
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.4/
2 KB
972 B
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.4/js.cookie.min.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3636e8810aa8b16828af450174251147977372f0201e77d464c719f110b0924f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
status
200
strict-transport-security
max-age=15780000; includeSubDomains
last-modified
Thu, 17 May 2018 09:21:01 GMT
server
cloudflare
etag
W/"5afd497d-6c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Sun, 08 Mar 2020 14:48:37 GMT
cache-control
public, max-age=30672000
cf-ray
4ba03f93380cc292-FRA
served-in-seconds
0.001
110471.js
secure.leadforensics.com/js/
16 B
331 B
Script
General
Full URL
https://secure.leadforensics.com/js/110471.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.140.49.131 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6c3e8c7aec7590b452bfd3dee1d364b75ce1d457b86ffad35b1e99d3587f289d

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 19 Mar 2019 14:48:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
Kestrel
Vary
Accept-Encoding
Content-Type
text/javascript
all.css
use.fontawesome.com/releases/v5.2.0/css/
46 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Origin
https://www.avanan.com

Response headers

date
Tue, 19 Mar 2019 14:48:38 GMT
content-encoding
gzip
last-modified
Mon, 23 Jul 2018 17:06:58 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"20a9ce516eaea76da29a23adc43e8998"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
css
fonts.googleapis.com/
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
443e57ad165f52206a632043077e5f155dd2a09afb883a79ec3070394e70cd14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 19 Mar 2019 14:48:37 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 19 Mar 2019 14:48:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Tue, 19 Mar 2019 14:48:37 GMT
in.js
platform.linkedin.com/xdoor/scripts/
Redirect Chain
  • https://platform.linkedin.com/in.js
  • https://platform.linkedin.com/xdoor/scripts/in.js
181 KB
55 KB
Script
General
Full URL
https://platform.linkedin.com/xdoor/scripts/in.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:299::25eb , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Play /
Resource Hash
716e923952d922da8287eef6ce8647cedda95148861e0a38e31caf065551764c

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 19 Mar 2019 14:48:37 GMT
Content-Encoding
gzip
Server
Play
X-CDN
AKAM
Vary
Accept-Encoding
Connection
keep-alive
X-Li-Fabric
prod-lsg1
X-LI-Proto
http/1.1
X-Li-Pop
prod-ela1
Content-Type
text/javascript; charset=UTF-8
Content-Length
55949
X-LI-UUID
PIn3Tmy/fxXgqSgpwSoAAA==

Redirect headers

Date
Tue, 19 Mar 2019 14:48:37 GMT
Content-Encoding
gzip
Server
Apache-Coyote/1.1
X-CDN
AKAM
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CAO CUR ADM DEV PSA PSD OUR"
Location
https://platform.linkedin.com/xdoor/scripts/in.js
X-LI-Proto
http/1.1
X-Li-Pop
PROD-IDB2
Content-Length
20
X-LI-UUID
HBfKRZBjjRWgKS4WQSsAAA==
X-Li-Fabric
prod-ltx1
layout.min.css
cdn2.hubspot.net/hub/-1/hub_generated/template_assets/1495141902003/hubspot_default/shared/responsive/
5 KB
2 KB
Stylesheet
General
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/template_assets/1495141902003/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f0cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
341a4d40ad1b2560db940f906716d0e9539d4c0785399d7e0348fd0d3af00170

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
x-amz-meta-md5-hash
0b0c633d59ab0af9553a98c0e7d97349
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
1295
last-modified
Thu, 18 May 2017 21:11:43 GMT
server
cloudflare
etag
W/"0b0c633d59ab0af9553a98c0e7d97349"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
cf-ray
4ba03f9378fc96b2-FRA
reset.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1530320726776/Custom/system/default/
2 KB
973 B
Stylesheet
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1530320726776/Custom/system/default/reset.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcef96bd3d8479bd51214ea2308b44862e719474c22c78361e02e6546156c96f

Request headers

:path
/hs-fs/hub/1835778/hub_generated/template_assets/1530320726776/Custom/system/default/reset.min.css
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
7DEF440A6D2BC288
cf-ray
4ba03f93390663e5-FRA
status
200
x-amz-id-2
1InyQ/ggfyoesvqWlNkRI/JzH0f04MxjAxLoX8fkP3PNmOlTui+/2PaRVjRBQFNb40VSVrEN2Z8=
last-modified
Sat, 30 Jun 2018 01:05:27 GMT
server
cloudflare
etag
W/"350564e02a1f081bb16171bf2c9a10a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
j1iuQjqlIsC110yeTOGfEQ5Yyqk68opo
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
text/css
standard.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1540830215585/Custom/jacob_redesign/css/
12 KB
2 KB
Stylesheet
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1540830215585/Custom/jacob_redesign/css/standard.min.css
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cee395287975be607deb7a11ebc5cf2451e3c3b2dde29618f6612d134768509b

Request headers

:path
/hs-fs/hub/1835778/hub_generated/template_assets/1540830215585/Custom/jacob_redesign/css/standard.min.css
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
786DDFA40EBD9663
cf-ray
4ba03f93390763e5-FRA
status
200
x-amz-id-2
OomQ3tNHrrQHo/3V0XYx+oiFX1G+U9q18v1wOYQW0pq+om7YZ69jnmcR55Y1j0djoYNzvsRd8kc=
last-modified
Mon, 29 Oct 2018 16:23:36 GMT
server
cloudflare
etag
W/"df6f35e820af32c43b83f8dbc59e9adb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
8ftl.wx1bvcmnaJRd2itdp2O1GlNlNcc
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
text/css
avanan-logo-small.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/logos/
3 KB
3 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/logos/avanan-logo-small.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2deaf5b3607cda1a83543ca7909211dc7a0cc442e2de321acaae5004ee1c2b85

Request headers

:path
/hubfs/marketing/website/jacob_redesign/logos/avanan-logo-small.png
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
via
1.1 e98abde3c6a5bc27d4bdd4168baa587d.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7455819439,FD-6104530235,P-1835778,FLS-ALL
x-amz-request-id
60B4B6905C5F1D96
cf-ray
4ba03f93390963e5-FRA
edge-cache-tag
F-7455819439,FD-6104530235,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
2606
x-amz-id-2
bD+eUlfOAmyc2aTRCiwGtYCfxikE/eFX+U3FhH0vEVnek9f1MCfMunk/4j4M7vDmJx0wL5z8nPU=
last-modified
Wed, 06 Feb 2019 18:38:24 GMT
server
cloudflare
etag
"722ceba50e519fcf436b2408be08b21d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
kT_rlncg5fKOh8puxco4QQV0fdvvplXk
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
ozEJkBpvc7o3Gcp1k0DNIk9gREmZgf3dbk7z5fYBGC3rAzi5h0eL0g==
office-365-tiny.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
879 B
1 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/office-365-tiny.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c859145d850ec2c98e2855e06bfaf2573010bb29e98bc568d68932aa0297ea59

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/office-365-tiny.png
pragma
no-cache
cookie
__cfduid=d26203219ebe4ea12238df070497857b01553006916; __cfruid=fe03af8cd39f4731ca3434908b5e09eff6d5aecb-1553006916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
via
1.1 cd103c18819ef0db201c8a8cb9162bd2.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7318316982,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
DEF43E3694B8BD49
cf-ray
4ba03f93490e63e5-FRA
edge-cache-tag
F-7318316982,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
879
x-amz-id-2
7JDPwBDQTRLhM7v1GI5gtc6Bv7Z9KRlveJeN8IBOyeYbnTmwPnkSoHsrIF0355r5LrQ3/mYj7I0=
last-modified
Tue, 29 Jan 2019 18:55:52 GMT
server
cloudflare
etag
"7a5320334f0a08f7a99dc4855562bfd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
j872rUSi4NhDQx6In6bOk0O2RTqXpYPj
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
x4OpwH3PusP59FR1chxjxA-n-kEbXK-1zdldpLCkkreYQ3_qeJ-dCQ==
google-tiny.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
2 KB
3 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/google-tiny.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0c019ab7b30399a991f543405e32c78af12b9793614fd8144f3870e5dfc888

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/google-tiny.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:38 GMT
via
1.1 e4438a14707a01f6102dc21875d75080.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7318018375,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
B6FB230FAF943640
cf-ray
4ba03f959ad363e5-FRA
edge-cache-tag
F-7318018375,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
2038
x-amz-id-2
isX3mSBIo8RaNDO5jeK08W5CebWS0PjQuzcdXKE8cCAcGLocGxZW4I7VHl2heSl+0IUJN7qW0jY=
last-modified
Tue, 29 Jan 2019 19:01:43 GMT
server
cloudflare
etag
"3c497f899ca758f873f63e539a74efe2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
Ftv35KE.KeU.C4tREzQbylwr.GiUS9Ih
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
VOcz9AD4OvHtiD-Yrb_rbzQHchirRDGZ1vnE5LgQeFFu7vHk8VAQnQ==
new_slack_logo_sm.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
2 KB
3 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/new_slack_logo_sm.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
11aa3cacb21ac879ffba3aecd3fac86d2f2ce17d965b7ba76b41b36a431f190a

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/new_slack_logo_sm.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:38 GMT
via
1.1 fb7ff691963d3e3600808dccbe4422d2.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7709085499,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
E2B00D827A9E09F7
cf-ray
4ba03f95cb0063e5-FRA
edge-cache-tag
F-7709085499,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
2324
x-amz-id-2
GPwEKCXKq0hWKT7Y7+EKGMa5/s+O9xDTQY64wkFc6YeaCY7HmTCuBaVojrreDZ4VtTfJGwQB/Vo=
last-modified
Wed, 20 Feb 2019 15:07:24 GMT
server
cloudflare
etag
"1f74c496414012c2459c0e63602ee497"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
3tljKQvzRbliy2oNyoPPGsYoyOmwZMzj
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
QphnLCeKw4P-uqdBbTvwfLjCkD2S2Werdo4G4Ks89wI2W1N43qw8QQ==
onedrive-transparent-tiny.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
1 KB
2 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/onedrive-transparent-tiny.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
776bcb99e24f966bf698ea263ad1c62e85d13a18af162afec87d9a468dfe36db

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/onedrive-transparent-tiny.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:38 GMT
via
1.1 7b48191d48ad0a2b3616c20acd7fbc1c.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7318318826,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
2DD3962299C80D4A
cf-ray
4ba03f96abae63e5-FRA
edge-cache-tag
F-7318318826,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
1193
x-amz-id-2
usGZQOcfOWLooDeJb0vPfUwv+cGA58j4k2zpGFLsdGnrSdX1hiSH2I3kJt0xa4Nc1SEEK3fcNHU=
last-modified
Tue, 29 Jan 2019 19:17:19 GMT
server
cloudflare
etag
"7f55dabf43feb73276a8b88b993cad90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
ZyyiBkbCr5ZJmAdzqH5OMTuCq6JNGKfN
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
Fy9SD-FUhtCSZfhA6QtqZowRQRKOsB-TLiK1n_6tX8kcHNUVcnlNMg==
google-drive-transparent-tiny.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
2 KB
2 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/google-drive-transparent-tiny.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4b304e99b623fdb308eedee76a45099412c85dfbcb9aee1d362aa5e0fa16765

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/google-drive-transparent-tiny.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:38 GMT
via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7318024192,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
F4B104A6FF38E995
cf-ray
4ba03f972c0a63e5-FRA
edge-cache-tag
F-7318024192,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
1895
x-amz-id-2
7SFVxwDGGLQHZ4YwRZlrC5qZd/+mjFE4pwwtdGaA9/znmwJExd+h9jYnTD1ijzoOpwJTu0N7y4s=
last-modified
Tue, 29 Jan 2019 19:14:51 GMT
server
cloudflare
etag
"b5c19a1c59263792103ef57de3ffd674"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
bl2I_o0PEAmr2xRacNpsGlsk_DOyXfQm
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
Kk1OA9vCBuCkQMZicjAveEn1SzXHmkkll-LjhVPfOqoiWp7FmdcoMA==
dropbox-transparent-tiny.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
2 KB
2 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/dropbox-transparent-tiny.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3dee1f3e5910065a08f4734456d718f98ef7e70e68da10f629b5f05dba671fd

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/dropbox-transparent-tiny.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:38 GMT
via
1.1 e98abde3c6a5bc27d4bdd4168baa587d.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7318024927,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
D6CF8D3E488F30F2
cf-ray
4ba03f99bd9a63e5-FRA
edge-cache-tag
F-7318024927,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
1684
x-amz-id-2
YrKJH0KeXzc1uHeiLhM33o4z9IebRluys4qasj5hl9wPkIgvOx/6ADZBxkUhyY3gfINoRmP+Z2A=
last-modified
Tue, 29 Jan 2019 19:22:18 GMT
server
cloudflare
etag
"d3d85360722c7802f4f83831f435d593"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
lFAp8T6llv9TIhsRQ9IE4Liq5p9FcQ87
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
SduAe_YhMDlnkCvs2TIW81hyUU7UnZ5p3CaDZIo0YRiVZJemHelR7g==
box-transparent-tiny.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
1 KB
2 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/box-transparent-tiny.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7a8d4e918c98ec9eec4b1ea4d89acc72716c0ece6277f1f88898a764e185145

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/box-transparent-tiny.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:38 GMT
via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7322206946,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
75A673746EF926F3
cf-ray
4ba03f99ddb563e5-FRA
edge-cache-tag
F-7322206946,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
1463
x-amz-id-2
dBGDSUffXuob9fQknCNcF7pQgKl0hzBMdIH7+MZmHMM6Pgy8UY77wP6Dvvl7462NTkGKdjSQ38o=
last-modified
Tue, 29 Jan 2019 19:25:22 GMT
server
cloudflare
etag
"b5130a845112c4d1cfe4cc3bfd9608ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
ODMPSIWQU.snjnxSmOqkiOsAWYNRrk56
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
YU_u7voqOH5Xjy-kvcPapt_aDAUxbjNWMF6PQEOF1cEKLe-Bhqniew==
sharefile-transparent-tiny.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
3 KB
3 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/sharefile-transparent-tiny.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
563d275ed0aa46f4601d759a75e721a53af7d2c4c5973c24be0d2bea181183c0

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/sharefile-transparent-tiny.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 fb7ff691963d3e3600808dccbe4422d2.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7322270687,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
FDFD42337E383B02
cf-ray
4ba03f9b3e9463e5-FRA
edge-cache-tag
F-7322270687,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
2943
x-amz-id-2
P6F8JV2J0vGSuXgPiMQYtUJM4l87533jgFzyw8cC2c3J6qy3nIxx7HjuRGBKmk+THWQPHwMTuq0=
last-modified
Tue, 29 Jan 2019 19:27:35 GMT
server
cloudflare
etag
"6a749f848006861e5a5dfda891de42d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
raQsUjpkI6wI8gNTz4VHst8kOPKHiIlq
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
b4CtAhcyqe7M8TN0S5p3FwyOQa7bog05qVSmVJFSSPh6owB-lxxFBw==
antiphishing.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
667 B
1 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/antiphishing.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eec882563e44168a4ce35f9314e7d6c76c6176e7279668ad8413ebd5e17f3d85

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/antiphishing.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 fb7ff691963d3e3600808dccbe4422d2.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7322281677,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
F4B7CDDE1937B5A0
cf-ray
4ba03f9cffea63e5-FRA
edge-cache-tag
F-7322281677,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
667
x-amz-id-2
qQP9nxMyrBcyoa2BK7PhbYQWI6fSzZN20NqpUMW4r1P19sNacPmYOERVI7eEPJ2ZaK8VHzZcu+I=
last-modified
Tue, 29 Jan 2019 19:33:59 GMT
server
cloudflare
etag
"41a29b03d755738d858e11f55d44ad06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
J5V3t2oW1PCQYobVF25.C6n4.O9KGb4z
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
oD9ZuipSUaAigGhatV_w5eKcXYM7WFw0uReNG99YmdQAIf3btJDhyg==
malware.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
797 B
1 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/malware.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a04a47ccc7d5006b02f3f03f227ac2b624bb8b78a694b6dfa964a7c5ec0ffb4

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/malware.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 e98abde3c6a5bc27d4bdd4168baa587d.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7322276439,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
849312F512574438
cf-ray
4ba03f9cffeb63e5-FRA
edge-cache-tag
F-7322276439,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
797
x-amz-id-2
H37fztn04MEHJjyhtDE6vQSHNxS/KiCdpRWkVqFvUD678ayyp7EGw1x8FgTdDZMN6IDFIkvE6HM=
last-modified
Tue, 29 Jan 2019 19:33:59 GMT
server
cloudflare
etag
"55ef20014720c5e08e14f4e59083a3ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
a4w9mlsjdiBsKZty_wkccoeqpQ1Uq.9_
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
MvNqzFOavxm-rNbS_JollpQ6vBdwfpM52eCvsiPbHi9D8ynVM5grBw==
account-takeover.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
712 B
1 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/account-takeover.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b441a207171b83120e97672edffa15b3a5d243fa0123740c78a21e376366481

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/account-takeover.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 4446e317b7b7532307c7755d43835bff.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7322271174,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
96341F75C1C0C42C
cf-ray
4ba03f9cffec63e5-FRA
edge-cache-tag
F-7322271174,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
712
x-amz-id-2
Frr9/kae3H+aFJYGlMgHDPM5eVgx8V0IsJajj3XgUKnTDPHC6hj8pyE/EC6Z5c1jXXphsL9yujg=
last-modified
Tue, 29 Jan 2019 19:33:59 GMT
server
cloudflare
etag
"967dd1a903ccbc516d080d02264e4141"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
6gPL0XXZ5hivruWlBq0Q6OHOmSyAmw.m
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
fSNWSnlz9743UkCSCwZaAi6HUmEHtdDJsqYmaaN8HFrrzm9NyPdhqw==
dlp.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
640 B
1 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/dlp.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ff13d7c171e82a561b1ed7ec96c87d85d173eae3ae91d2cf5875e9f36fc3f5

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/dlp.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 7b48191d48ad0a2b3616c20acd7fbc1c.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7322207562,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
B4016A6A260E597C
cf-ray
4ba03f9cffed63e5-FRA
edge-cache-tag
F-7322207562,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
640
x-amz-id-2
Z4yO8AU7BZqLrH6vnRhyIFBA1SUsy9OmYnPXP8zbU/O44x16DLctzFWzbplPTIhg1Vy6exC1/yA=
last-modified
Tue, 29 Jan 2019 19:33:59 GMT
server
cloudflare
etag
"9805a9589506ec491e5682053af1a016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
OjCTUgHxA1ePyMJJ3vxTegZGMXBuxqfh
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
m3uqZ8ohk9nllPGyaw4E2HShAKOJv4LsZRiniGP5M3zhI9hmF99iwg==
casb.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
627 B
1018 B
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/casb.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3a5d7a3aa9e8f0d67982c5a1c27b10904d8f1d52863c3ff2e298c9b5bdcd28

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/casb.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 e4438a14707a01f6102dc21875d75080.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7322276438,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
58AEE9B1FC96D78A
cf-ray
4ba03f9cffef63e5-FRA
edge-cache-tag
F-7322276438,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
627
x-amz-id-2
TlxlZmcnXdivxXQUhkd2ef4vjq7KQXWqCqz8e28CKpK7j8DEeH00LrFsWz7FmoGFz32FwxrgM1w=
last-modified
Tue, 29 Jan 2019 19:33:59 GMT
server
cloudflare
etag
"9c434d79471baf6ed24a2a61e34b2586"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
CJTsKBbE7NpT6RogLdKX4V7njZEa.G_n
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
sn5n-0_-AnaDPEzroaHT81Im0OFvRpjWIoIX3Z4gJeBBexVGRr0Y7Q==
siem.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/
835 B
1 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/siem.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ff9e46dfda4eaa892b36d7764cfe74631f7edf07365addb143198a68735e3c2

Request headers

:path
/hubfs/marketing/website/jacob_redesign/any-saas/transparent/tiny/siem.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 a34515b3e30311d9ca27fafd4440ec95.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7322276440,FD-7179267219,P-1835778,FLS-ALL
x-amz-request-id
05AB5D08F10B9FCB
cf-ray
4ba03f9cfff063e5-FRA
edge-cache-tag
F-7322276440,FD-7179267219,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
835
x-amz-id-2
TP4/19RRR0wU49c1nJ51V4VB5+o30ivAiHMNTRHAfP44fXyK+Xate+FiLud+3E7jdwsgJ75EoqY=
last-modified
Tue, 29 Jan 2019 19:33:59 GMT
server
cloudflare
etag
"057215665edfbdfe8e3796f04e092001"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
TXTZ_zo1OHfCA7zcMiDGIjHuRrlyRzAQ
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
urhHO8ppND-RRSH_kDbth9affjmX8v-ovxrz8HU2ql9mil8TGFOS1g==
menu.svg
www.avanan.com/hubfs/jacob_redesign/page_icons/
412 B
692 B
Image
General
Full URL
https://www.avanan.com/hubfs/jacob_redesign/page_icons/menu.svg
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b87e4646139278fa6e92bdb8005b52718be52263a370493eb59826d6a0b0948

Request headers

:path
/hubfs/jacob_redesign/page_icons/menu.svg
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 e89c67951b2bc58773e3664c08702f34.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-6111493085,FD-6106722142,P-1835778,FLS-ALL
x-amz-request-id
14484EC22A983C95
cf-ray
4ba03f9cfff163e5-FRA
edge-cache-tag
F-6111493085,FD-6106722142,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-encoding
br
x-amz-id-2
gMtF1jbG6TZJ3WiGPZPGyH3h7QJcOpGims2MVPm+bF58cqgdsornELKlMvpi081pkZo6CxnM94s=
last-modified
Sat, 27 Oct 2018 19:46:12 GMT
server
cloudflare
etag
W/"1344d17d3d128e5007b78d7e98b18b0f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
f691uGrp.6RJxcAlsyclTUImiV07xc.e
access-control-allow-origin
*
cache-control
s-maxage=1209600, max-age=1209600
content-type
image/svg+xml
x-amz-cf-id
Vh155VqAAebTKdpkiAq2C0Hm__rIkK_XYIFY8kjmT8d8K5RkmUnveQ==
1.jpg
www.avanan.com/resources/assets/images/blog/
45 KB
45 KB
Image
General
Full URL
https://www.avanan.com/resources/assets/images/blog/1.jpg
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b27190580a444129558b8bc9043afe5f6c5e7e7f0557a63d5ab6c53f1801874c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

:path
/resources/assets/images/blog/1.jpg
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
x-trace
2B0C4625AE191D062D537064C9C82538252401642D000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-hs-reason
No view mapper found to handle request
content-type
text/html;charset=utf-8
status
404
x-hubspot-notfound
true
cache-control
s-maxage=5,max-age=5
access-control-allow-credentials
false
strict-transport-security
max-age=0
cf-ray
4ba03f9cfff263e5-FRA
0-3.jpg
www.avanan.com/hubfs/
33 KB
34 KB
Image
General
Full URL
https://www.avanan.com/hubfs/0-3.jpg
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1989f7955752a5e1b0903a3d8774784436b9ee05f909a0e50d114f88791187bb

Request headers

:path
/hubfs/0-3.jpg
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 74f98ee8547ec50a6b9a4c3d010e1e0d.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-meta-cache-tag
F-6488477379,P-1835778,FLS-ALL
x-amz-request-id
D8D8D8B54B436A83
edge-cache-tag
F-6488477379,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
34018
x-amz-id-2
6qfzae0kbOiEt8uJnN0MN+yMR4MHRgkAcKdlnD7aKRDPtLEcSGNMf/LgkVafu69Q/M0UJArHm4M=
last-modified
Tue, 20 Nov 2018 13:54:08 GMT
server
cloudflare
etag
"baacfb85a8de56c673209e82d089f5ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
s-maxage=1209600, max-age=1209600
x-amz-version-id
XqRl95qH_HTcfTk3nE4gEe5k8MhWA8hU
accept-ranges
bytes
cf-ray
4ba03f9cfff363e5-FRA
x-amz-cf-id
oQHbk27JOLADOhik00LuLjcZl30zVzKQ28W5RH7wJOGhUnOE2iQ92A==
What%20is%20a%20DNS%20MX%20record%3F.png
www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/
33 KB
33 KB
Image
General
Full URL
https://www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/What%20is%20a%20DNS%20MX%20record%3F.png?width=600&name=What%20is%20a%20DNS%20MX%20record%3F.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c695fd71e54ee4521f6b2bf1ea92ed2615118397e4c70683ff90cbb707600275

Request headers

:path
/hs-fs/hubfs/Root%20Domain%20Exploit/What%20is%20a%20DNS%20MX%20record%3F.png?width=600&name=What%20is%20a%20DNS%20MX%20record%3F.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 1019c7748e9bd9371b8cbc3777f0a40e.cloudfront.net (CloudFront)
cf-cache-status
MISS
edge-cache-tag
F-8229671135,FD-8263410349,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
33851
last-modified
Tue, 19 Mar 2019 13:56:30 GMT
server
cloudflare
etag
"8f2211b8aa17a8f8655c8937859c2c7c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
s-maxage=1209600, max-age=1209600
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
4ba03f9cfff463e5-FRA
x-amz-cf-id
vVkIihtWmgj8HXetyxmfSMP6kGtbGt2nCruZmlDrPzna3eCDYbOuEw==
What%20is%20a%20root%20domain%3F.png
www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/
31 KB
31 KB
Image
General
Full URL
https://www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/What%20is%20a%20root%20domain%3F.png?width=600&name=What%20is%20a%20root%20domain%3F.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a6310eac721ee55c7b6963a299e007ae38b4ef4b98b68585d8416354f2e1cc

Request headers

:path
/hs-fs/hubfs/Root%20Domain%20Exploit/What%20is%20a%20root%20domain%3F.png?width=600&name=What%20is%20a%20root%20domain%3F.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 21b0487d8c28cb4577401d2a73a03053.cloudfront.net (CloudFront)
cf-cache-status
MISS
edge-cache-tag
F-8229400954,FD-8263410349,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
31264
last-modified
Tue, 19 Mar 2019 13:58:48 GMT
server
cloudflare
etag
"24e4db744f3507a36510cd7a1922772d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
s-maxage=1209600, max-age=1209600
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
4ba03f9cfff563e5-FRA
x-amz-cf-id
LHIHlDJuHmpj4yfYJhl2SppHQAVdi2gb7r_Ty6vFkvvqFHc2301Q0g==
How%20do%20you%20change%20DNS%20MX%20when%20you%20have%20a%20gateway%3F.png
www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/
43 KB
43 KB
Image
General
Full URL
https://www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/How%20do%20you%20change%20DNS%20MX%20when%20you%20have%20a%20gateway%3F.png?width=600&name=How%20do%20you%20change%20DNS%20MX%20when%20you%20have%20a%20gateway%3F.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd3c1b80d020fe6de58ea3af8950efcfe91d72b8fe1001cf17609c9bcdc83a0

Request headers

:path
/hs-fs/hubfs/Root%20Domain%20Exploit/How%20do%20you%20change%20DNS%20MX%20when%20you%20have%20a%20gateway%3F.png?width=600&name=How%20do%20you%20change%20DNS%20MX%20when%20you%20have%20a%20gateway%3F.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 049cb323352be4caf619f577fce55af0.cloudfront.net (CloudFront)
cf-cache-status
MISS
edge-cache-tag
F-8258819151,FD-8263410349,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
43622
last-modified
Tue, 19 Mar 2019 14:19:17 GMT
server
cloudflare
etag
"e365b52e7ebdc2a3e4141ca5b6e92b9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
s-maxage=1209600, max-age=1209600
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
4ba03f9cfff663e5-FRA
x-amz-cf-id
Z9ybHziMJUDKU4swjlQ53ATEg1HCW3nbdnf_pmkq56YOcE33_Mp-ow==
MX%20Lookup%20for%20company%20using%20Office%20365.jpg
www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/
25 KB
25 KB
Image
General
Full URL
https://www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/MX%20Lookup%20for%20company%20using%20Office%20365.jpg?width=600&name=MX%20Lookup%20for%20company%20using%20Office%20365.jpg
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
417526cbb752427aba93dfd016b0ac74b3b1a7c2bf2e574fc46366c21150b663

Request headers

:path
/hs-fs/hubfs/Root%20Domain%20Exploit/MX%20Lookup%20for%20company%20using%20Office%20365.jpg?width=600&name=MX%20Lookup%20for%20company%20using%20Office%20365.jpg
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 f8d44a9ae8d015e27eeaa90810b99a87.cloudfront.net (CloudFront)
cf-cache-status
MISS
edge-cache-tag
F-8258705821,FD-8263410349,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
25440
last-modified
Tue, 19 Mar 2019 14:19:16 GMT
server
cloudflare
etag
"9c8f7f7e0f2a16a2ca6ac10581c9d693"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
s-maxage=1209600, max-age=1209600
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
4ba03f9cfff763e5-FRA
x-amz-cf-id
2uJtHRGDPt0tVn12dZzeYUchDGUzhHTf_UCy_RwP_0Rq4MA2xEq0iQ==
Root%20domain%20exploit%20example.png
www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/
37 KB
38 KB
Image
General
Full URL
https://www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/Root%20domain%20exploit%20example.png?width=600&name=Root%20domain%20exploit%20example.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
212ef675508c38b425cd89299da32e90658e2b0a304d6f4f6d8ece925cbb0785

Request headers

:path
/hs-fs/hubfs/Root%20Domain%20Exploit/Root%20domain%20exploit%20example.png?width=600&name=Root%20domain%20exploit%20example.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 ffa8ec5cfe61dcaaebc108ff8c867055.cloudfront.net (CloudFront)
cf-cache-status
MISS
edge-cache-tag
F-8229340164,FD-8263410349,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
38191
last-modified
Tue, 19 Mar 2019 13:58:50 GMT
server
cloudflare
etag
"af0d2df8f23e0deb1195cb228e33ac53"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
s-maxage=1209600, max-age=1209600
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
4ba03f9cfff863e5-FRA
x-amz-cf-id
5qxNTen2aAvLDGL8qhwrEd99z6XfFOBF3dPDdWYwAOsb1DUGLfHHHQ==
MX%20Toolbox%20SuperTool%20hacker%20trick.png
www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/
63 KB
64 KB
Image
General
Full URL
https://www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/MX%20Toolbox%20SuperTool%20hacker%20trick.png?width=600&name=MX%20Toolbox%20SuperTool%20hacker%20trick.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c9924330f47824749d65231e1159290334a789fb8845bd34af82dee48f33a5

Request headers

:path
/hs-fs/hubfs/Root%20Domain%20Exploit/MX%20Toolbox%20SuperTool%20hacker%20trick.png?width=600&name=MX%20Toolbox%20SuperTool%20hacker%20trick.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 c8c9787916110356915bbdbddd0a32d6.cloudfront.net (CloudFront)
cf-cache-status
MISS
edge-cache-tag
F-8105447169,FD-8263410349,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
64972
last-modified
Tue, 19 Mar 2019 14:14:24 GMT
server
cloudflare
etag
"7dee872600a2d9edcb493a5e7aec9a02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
s-maxage=1209600, max-age=1209600
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
4ba03f9cfff963e5-FRA
x-amz-cf-id
xmM7fudDjtYQ7D9R3YJyil39OKIUWVF_zlKzzQRxDe5yTVZ_Ty8N1g==
How%20do%20you%20set%20up%20Gmail%3F.png
www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/
41 KB
41 KB
Image
General
Full URL
https://www.avanan.com/hs-fs/hubfs/Root%20Domain%20Exploit/How%20do%20you%20set%20up%20Gmail%3F.png?width=600&name=How%20do%20you%20set%20up%20Gmail%3F.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e865b87b3186028797ddfe024eb9573f6ac9ac76eac8855a37caa9ef9b025a2d

Request headers

:path
/hs-fs/hubfs/Root%20Domain%20Exploit/How%20do%20you%20set%20up%20Gmail%3F.png?width=600&name=How%20do%20you%20set%20up%20Gmail%3F.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 c94378b36f8a40d65d0bb1c2edbb9c73.cloudfront.net (CloudFront)
cf-cache-status
MISS
edge-cache-tag
F-8133706869,FD-8263410349,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
41758
last-modified
Tue, 19 Mar 2019 13:58:25 GMT
server
cloudflare
etag
"7f3914eb087db679dd8708f400b536e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
s-maxage=1209600, max-age=1209600
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
4ba03f9cfffa63e5-FRA
x-amz-cf-id
Dfgby-Rt_Obr4BaiyPBjcUWxM4RYKuOJxCsJtyy5zdPsSsHu3cR0Tg==
no-relationship.png
www.avanan.com/hs-fs/hubfs/
12 KB
12 KB
Image
General
Full URL
https://www.avanan.com/hs-fs/hubfs/no-relationship.png?width=240&name=no-relationship.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0c671aa315f58a9dbbc91e1bfd3af52cdc88ac5660ae2a48e959e4da738fb2

Request headers

:path
/hs-fs/hubfs/no-relationship.png?width=240&name=no-relationship.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 91ed69d49df50f5558b0d5ebe4b3af7a.cloudfront.net (CloudFront)
cf-cache-status
MISS
edge-cache-tag
F-7691971626,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
12217
last-modified
Tue, 19 Feb 2019 18:51:29 GMT
server
cloudflare
etag
"3251c840961d156de6beebde733aac2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
s-maxage=1209600, max-age=1209600
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
4ba03f9cfffb63e5-FRA
x-amz-cf-id
7eYxDpbOmEVwDQtiyVmQHBFRfAMZvMPC6lFl9hvSzKmNE0Ul1g4c7A==
129def08-6c3f-4e42-9eb1-bf3e544782e9.png
no-cache.hubspot.com/cta/default/1835778/
3 KB
3 KB
Image
General
Full URL
https://no-cache.hubspot.com/cta/default/1835778/129def08-6c3f-4e42-9eb1-bf3e544782e9.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c4599273a7043bb6f94d3edc2b6c8654abebe134990278cfb61c6558c56b595
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
last-modified
Mon, 14 Jan 2019 21:55:52 GMT
server
cloudflare
x-amz-request-id
626A2854EAB9616E
etag
"d42a675c9d5a2e5c9d56349e90cad926"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
status
200
cache-control
no-cache, no-store
accept-ranges
bytes
cf-ray
4ba03f9d5b319762-FRA
content-length
3051
x-amz-id-2
LTDkx3Ku5HLQSNc5wwslfwVKhfIdEy+jc0+KmX9e2MIi3p/JYRV1Yv9tgJS/HV3RQdticaxenwc=
current.js
js.hscta.net/cta/
9 KB
4 KB
Script
General
Full URL
https://js.hscta.net/cta/current.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:dfcc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c4da3820301d818f38ac9229edd65b52e2c3a2b779a6e5868e4ac2ac35cb1c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
via
1.1 dd169cfdbbafbb3da513bede6bc6640e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-amz-version-id
GPVksClhi11fFE1dVr2hA2Yhfl6HI5lS
last-modified
Fri, 01 Mar 2019 09:18:38 GMT
server
cloudflare
etag
W/"7b62ab8fd6d6fb578291ee3b5057415a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
cf-ray
4ba03f94ceabbf07-FRA
x-amz-cf-id
VdsXgUq1J1IiBmnyC6FJ_h6W5l4ug55yqxNpiUEUPo0FwVZT68jaXA==
microsoft_partner_small.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/partners/tiny/
4 KB
5 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/partners/tiny/microsoft_partner_small.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
61176d71a9c7a8d1b5a070d54f47fcc1bf77d0779b18abfb44121ddd215337a4

Request headers

:path
/hubfs/marketing/website/jacob_redesign/partners/tiny/microsoft_partner_small.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 f989b812753677758cd8909391e239ac.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7181131917,FD-7181131911,P-1835778,FLS-ALL
x-amz-request-id
9C70A8C122DECD7D
cf-ray
4ba03f9cfffc63e5-FRA
edge-cache-tag
F-7181131917,FD-7181131911,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
4458
x-amz-id-2
5Vl4aBo5Dw2Nd7mHvsD9Kk4LGGJVzkAhGM+lRjCsQnSkPF9oStzj2ghwgZAi1oNPZ4n5t7DVHX4=
last-modified
Mon, 21 Jan 2019 18:11:27 GMT
server
cloudflare
etag
"540cb6620967209dbf7d720807e85463"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
ygizhvmr69genTUL9szhHE8OJworLAuq
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
pTIMtTaUR874amDygdKWjjsQ67hLke3ZvfDrFqyDb6fMJJbOlwx_ZQ==
gcp-partner-clear.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/partners/tiny/
5 KB
5 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/partners/tiny/gcp-partner-clear.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
de657b8c0addb213e7fe409da7b1a4d4edb52ab824b49fa5a154216fdc74e61c

Request headers

:path
/hubfs/marketing/website/jacob_redesign/partners/tiny/gcp-partner-clear.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 cd103c18819ef0db201c8a8cb9162bd2.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7181131918,FD-7181131911,P-1835778,FLS-ALL
x-amz-request-id
1E182574D99353A6
cf-ray
4ba03f9cfffd63e5-FRA
edge-cache-tag
F-7181131918,FD-7181131911,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
4871
x-amz-id-2
GxNg3rTt5QwzvdOgGTVVbyYJWLPRSYV90PzQjV2PZebhX0Tw4faIs5V7PLaor1wcjoIk/+ecpXA=
last-modified
Mon, 21 Jan 2019 18:11:27 GMT
server
cloudflare
etag
"45872323bf32625169b78b7002f7003a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
hS3TJm6zgOdsUn8ysmnVcn0ffUVSrhLH
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
M6ASENSSYRVPND8_JUw_rCgUzWSf8QltCjCkDVHVvLgFG6x-8qYU6Q==
forbes-circle-white.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/partners/tiny/
8 KB
8 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/partners/tiny/forbes-circle-white.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c6e802d1dfa2b7d66f589da0cc3fcae2bbfb29a97d8b3cfcacb5e2366aa3f63

Request headers

:path
/hubfs/marketing/website/jacob_redesign/partners/tiny/forbes-circle-white.png
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 2d2eb60d814c8202a5a69fa957cd569d.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7181131919,FD-7181131911,P-1835778,FLS-ALL
x-amz-request-id
9E1A63822B52E270
cf-ray
4ba03f9cf80063e5-FRA
edge-cache-tag
F-7181131919,FD-7181131911,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
8020
x-amz-id-2
8PLhVkkj0UGRe2HOwmRC/0SEAPwNyXPJi0Hnn5ueqRdKz2Hl3HQmrtsz6nJdWk4uWrBbrfTJoeE=
last-modified
Mon, 21 Jan 2019 18:11:27 GMT
server
cloudflare
etag
"d0d456b273bc7ff8d8a33210b4e30509"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
8xEQcEk_Bd56iWjwbTRpOYPTlOeF93Q3
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
RXFaZ_QlrLqDCLJ2KAeavlj6pG8kj7xeCTnfrRAhr2fXi1QcPHqjTg==
jquery.js
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1541626941360/Custom/jacob_redesign/js/
142 KB
35 KB
Script
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1541626941360/Custom/jacob_redesign/js/jquery.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
057d87ec0edbdb5fe7d60d32da4c3abfe1dc2e6a0aacd6543a5e9dabb7bbd21b

Request headers

:path
/hs-fs/hub/1835778/hub_generated/template_assets/1541626941360/Custom/jacob_redesign/js/jquery.js
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
19ED1E801589EBB4
cf-ray
4ba03f94ca4063e5-FRA
status
200
x-amz-id-2
QP5+5RtE1d0I+BYPsOp0JzqMwo1xmUTQ2Sbd/iUL5SjXxmwjL993fU7vHeDwydsd9bfBG9OKTzI=
last-modified
Wed, 07 Nov 2018 21:42:22 GMT
server
cloudflare
etag
W/"58abfaae2dedf59326b2ea681f828a06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
8ZYli0bVXTkO8ZUC3urwp70ChYGnkI.z
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
application/javascript; charset=utf-8
popper.min.js
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1547074538717/Custom/jacob_redesign/js/
19 KB
7 KB
Script
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1547074538717/Custom/jacob_redesign/js/popper.min.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
08be80084882e2ccb6c34873086c6f50fe72a5e9284f4a5fc012581f6677f9e6

Request headers

:path
/hs-fs/hub/1835778/hub_generated/template_assets/1547074538717/Custom/jacob_redesign/js/popper.min.js
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
528CE6115E2D0D1C
cf-ray
4ba03f94ea5c63e5-FRA
status
200
x-amz-id-2
DoWHJw1nD8zbtFpJ0iFrsVOo5QpOkdSAIBHVbQB5r0n+q6SM3pwmGGVGMdexhzN1oO3VHDLbhpM=
last-modified
Wed, 09 Jan 2019 22:55:39 GMT
server
cloudflare
etag
W/"3761299951652851f71f258225c66333"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
1GYqVxQ5cn3WBZcULHRv7q_gU_60xqkG
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
application/javascript; charset=utf-8
bootstrap.min.js
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1534451190379/Custom/jacob_redesign/js/
53 KB
15 KB
Script
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1534451190379/Custom/jacob_redesign/js/bootstrap.min.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbdf3f79ac4a6175659ae176598e064e27e85c57657569975113d0bd67bbcfcd

Request headers

:path
/hs-fs/hub/1835778/hub_generated/template_assets/1534451190379/Custom/jacob_redesign/js/bootstrap.min.js
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
AEA5BECDA10778FD
cf-ray
4ba03f94fa6e63e5-FRA
status
200
x-amz-id-2
kLlIs9LUpdhJ4i7Z9b9Dwvo0bxjZ5b6DnveaKPjHOwtKOiL3U1DfEGmXIz3iSCTuh6LAZgFNGzE=
last-modified
Thu, 16 Aug 2018 20:26:31 GMT
server
cloudflare
etag
W/"71122cadf887d6dfbe285d2e749f1d22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
5CaUcMDW0RiD8QR8uLVZzf.KdNNfduWU
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
application/javascript; charset=utf-8
custom.js
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1551124492376/Custom/jacob_redesign/js/
28 KB
5 KB
Script
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1551124492376/Custom/jacob_redesign/js/custom.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3b0ddfd306be9c0cc9d5c277df824c4efb5b6092f7ee21d4acc54605bd01bd

Request headers

:path
/hs-fs/hub/1835778/hub_generated/template_assets/1551124492376/Custom/jacob_redesign/js/custom.js
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
B902D3B37B3559FA
cf-ray
4ba03f951a8663e5-FRA
status
200
x-amz-id-2
0ROfCt+g74+Tk1mAW0Tvc2P0aVx4q2YMM/o4+783ohiv/s3HIxiaG5nv4fv0m6CcnkCaQw4enSs=
last-modified
Mon, 25 Feb 2019 19:54:53 GMT
server
cloudflare
etag
W/"50b4969290b3672bfc9aa798e31b80bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
4P6p6CYxFRxfztEXyRoHHi5RVdRxmfWB
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
application/javascript; charset=utf-8
plugins.js
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1548012593999/Custom/jacob_redesign/js/
508 KB
109 KB
Script
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1548012593999/Custom/jacob_redesign/js/plugins.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a82df3611c2166b9b9e824830c57bc09ef40860b9dc83fb2897b9a2a3ab0b98

Request headers

:path
/hs-fs/hub/1835778/hub_generated/template_assets/1548012593999/Custom/jacob_redesign/js/plugins.js
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
6EE8233F0DCB3E2D
cf-ray
4ba03f954aab63e5-FRA
status
200
x-amz-id-2
SAKCjDG2Fa2hwPIqKr1kLT3TuPJ76EINUg1JpHcGCQGzVF0hrgMD52VxJ8e/01BP77DLUPB0u8g=
last-modified
Sun, 20 Jan 2019 19:29:55 GMT
server
cloudflare
etag
W/"c612fe430751a00bb8750c6601520596"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
KL3BSjtBuyLhyJf7hW5GgmYd2hEGihr0
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
application/javascript; charset=utf-8
module_6416159786_Custom_jacob_redesign_modules_blog_new_body.min.js
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/1552920083070/
220 B
330 B
Script
General
Full URL
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/1552920083070/module_6416159786_Custom_jacob_redesign_modules_blog_new_body.min.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a813be060efd29a4fd2994f018639303090b78d0f44f871573a4e2233190fa

Request headers

:path
/hs-fs/hub/1835778/hub_generated/module_assets/1552920083070/module_6416159786_Custom_jacob_redesign_modules_blog_new_body.min.js
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:37 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
62650FA8EDCA4D3C
cf-ray
4ba03f955ab763e5-FRA
status
200
x-amz-id-2
7WcAw5Tn1lczmPEr0a535LhsUUuhGxuLqQU0yrUBDJxEC5rfM8HBXQKfht/DsFtHyb4GW32oHoE=
last-modified
Mon, 18 Mar 2019 14:41:24 GMT
server
cloudflare
etag
W/"503b4f996e8aed8ef625b0d7d28937ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
YnqVv2SR8Gd4mVN0t0PQeS32KmQCOXRA
cache-control
s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
content-type
application/javascript; charset=utf-8
1835778.js
www.avanan.com/hs/scriptloader/
2 KB
699 B
Script
General
Full URL
https://www.avanan.com/hs/scriptloader/1835778.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8ff6b8bd53848090603614f7341e0a4946c9c1e6ff898d0cd3d089a38f7d74c

Request headers

:path
/hs/scriptloader/1835778.js
pragma
no-cache
cookie
__cfduid=d5fe57166eeefc12fffcc6e2a7a5081091553006917; __cfruid=a1550071de05c4127340bf2335259129f21a4b69-1553006917
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
x-trace
2B1568EA0004E5C0D7A4147969598A3593EB44E242000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=60
access-control-allow-credentials
false
cf-ray
4ba03f9cf80163e5-FRA
expires
Tue, 19 Mar 2019 14:49:39 GMT
conversion.js
www.googleadservices.com/pagead/
25 KB
10 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
569ba568353cecac0284474b40b57454817d836793b9ec427023434235ffaa1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
9933
x-xss-protection
1; mode=block
server
cafe
etag
17460547880409049971
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 19 Mar 2019 14:48:38 GMT
css
fonts.googleapis.com/
4 KB
638 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto|Montserrat
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
fd054315b9a5a4431a111a7c79acead683ddf0981021c1a8c462a69f9d799e80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 19 Mar 2019 14:48:37 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 19 Mar 2019 14:48:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Tue, 19 Mar 2019 14:48:37 GMT
gtm.js
www.googletagmanager.com/
85 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:808::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
2d394686daca72fb115ab0976cd6a87de44cf0744a22b43a9dd6cf681de8ed68
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
content-encoding
br
last-modified
Mon, 18 Mar 2019 17:51:57 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27375
x-xss-protection
1; mode=block
expires
Tue, 19 Mar 2019 14:48:39 GMT
27de06ce-a997-42ad-9adc-ff709a5afb3e_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • https://cdn.mouseflow.com/projects/27de06ce-a997-42ad-9adc-ff709a5afb3e.js
  • https://cdn.mouseflow.com/projects/27de06ce-a997-42ad-9adc-ff709a5afb3e_eu.js
764 B
658 B
Script
General
Full URL
https://cdn.mouseflow.com/projects/27de06ce-a997-42ad-9adc-ff709a5afb3e_eu.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.38 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:40 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2019 08:05:02 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"ea017cb5dbd41:0"
x-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=86400

Redirect headers

status
301
date
Tue, 19 Mar 2019 14:48:39 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
content-length
178
location
https://cdn.mouseflow.com/projects/27de06ce-a997-42ad-9adc-ff709a5afb3e_eu.js
content-type
text/html
close.svg
cdn2.hubspot.net/hubfs/1835778/marketing/website/jacob_redesign/page_icons/
Redirect Chain
  • https://cdn2.hubspot.net/hubfs/1835778/jacob_redesign/page_icons/close.svg
  • https://cdn2.hubspot.net/hubfs/1835778/marketing/website/jacob_redesign/page_icons/close.svg
513 B
898 B
Image
General
Full URL
https://cdn2.hubspot.net/hubfs/1835778/marketing/website/jacob_redesign/page_icons/close.svg
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f0cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a3a9ccca4cde6a90f28a96467b83fcc8e8b02ae532b85c46d45514e98c9dc9

Request headers

Referer
https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1551809090548/Custom/jacob_redesign/css/template.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:40 GMT
via
1.1 e1f6fa82d37f125cb361c7c37faf6662.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-6129363300,FD-6106722142,P-1835778,FLS-ALL
x-amz-request-id
4BCF6D5F6C53D497
edge-cache-tag
F-6129363300,FD-6106722142,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 34
content-encoding
gzip
x-amz-version-id
hVju0bMmSlr.ACcbNuamoUKovpCAAxd7
x-amz-id-2
c94uB6lbRezy2k7bzmWYOhJ6SP9iJT41tnDEGVRUJTOUj86FMryFE0Tr+l3xe2qbAsfSDA9IEwo=
last-modified
Sat, 27 Oct 2018 19:45:57 GMT
server
cloudflare
etag
W/"cad7540d366ad86e66ac89079055b4b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1209600, max-age=1209600
cf-ray
4ba03fa22c1d96b2-FRA
x-amz-cf-id
KqJSJdJ7Xq46mysePk7r3K7ehsD5yqS-aP_9M1MIeMMkD8l1Mtcfhg==

Redirect headers

date
Tue, 19 Mar 2019 14:48:39 GMT
via
1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-request-id
6B34977B8430E5C2
x-cache
Miss from cloudfront
status
301
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
0
x-amz-id-2
V52wt/AQHGqx8P91hFl6eLXwA5QYBop8jdikyuPBAdByxEQjcKic2Z4onQdhbYZqM8ls5KcYzmw=
access-control-allow-origin
*
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
location
https://cdn2.hubspot.net/hubfs/1835778/marketing/website/jacob_redesign/page_icons/close.svg
cache-control
s-maxage=1209600, max-age=1209600
cf-ray
4ba03f9dbc0e96b2-FRA
x-amz-cf-id
6Pbv6nc117NHSYJBajlUCYBkAuamY8D8mJCK2sCkFBnCH_UMjoY12w==
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v6/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v6/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
https://www.avanan.com

Response headers

date
Fri, 08 Mar 2019 23:45:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:28:24 GMT
server
sffe
age
918172
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7924
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 23:45:47 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v6/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v6/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
https://www.avanan.com

Response headers

date
Sat, 09 Mar 2019 03:03:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:28:27 GMT
server
sffe
age
906311
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7836
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 03:03:28 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v6/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v6/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
https://www.avanan.com

Response headers

date
Sat, 09 Mar 2019 00:02:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:26:34 GMT
server
sffe
age
917187
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7968
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 00:02:12 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v6/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v6/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
https://www.avanan.com

Response headers

date
Sat, 09 Mar 2019 02:06:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:28:00 GMT
server
sffe
age
909730
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7960
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 02:06:29 GMT
pxiGyp8kv8JHgFVrJJLucHtAOvWDSA.woff2
fonts.gstatic.com/s/poppins/v6/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v6/pxiGyp8kv8JHgFVrJJLucHtAOvWDSA.woff2
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7930f49c4da455b5c7dd46dd4aaa7260afedf32a341da9fa5f6867cdcf4acee4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
https://www.avanan.com

Response headers

date
Sat, 09 Mar 2019 03:34:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:28:06 GMT
server
sffe
age
904441
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9120
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 03:34:38 GMT
pxiDyp8kv8JHgFVrJJLmr19VF9eOYktMqg.woff2
fonts.gstatic.com/s/poppins/v6/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v6/pxiDyp8kv8JHgFVrJJLmr19VF9eOYktMqg.woff2
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b7ab8989fc4fdf71dad241d721ae8397c01e29c5d5b09050b16f99d0ed297dca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Origin
https://www.avanan.com

Response headers

date
Sat, 09 Mar 2019 04:49:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 19 Feb 2019 22:29:10 GMT
server
sffe
age
899974
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9140
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 04:49:05 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/
61 KB
61 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin
https://www.avanan.com

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
last-modified
Mon, 23 Jul 2018 17:07:14 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"b75b4bfe0d58faeced5006c785eaae23"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
62472
fa-brands-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/
63 KB
63 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin
https://www.avanan.com

Response headers

date
Tue, 19 Mar 2019 14:48:39 GMT
last-modified
Mon, 23 Jul 2018 17:07:09 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"6814d0e8136d34e313623eb7129d538e"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
64144
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto|Montserrat
Origin
https://www.avanan.com

Response headers

date
Sat, 09 Mar 2019 23:35:32 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:24:13 GMT
server
sffe
age
832387
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13248
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 23:35:32 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
3706
date
Tue, 19 Mar 2019 13:46:54 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Tue, 19 Mar 2019 15:46:54 GMT
uwt.js
static.ads-twitter.com/
5 KB
2 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.46.80 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:40 GMT
content-encoding
gzip
age
53292
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
mtc-tw-lon2-4-TWLON2
last-modified
Tue, 23 Jan 2018 19:05:33 GMT
x-timer
S1553006920.320353,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
insight.min.js
sjs.bizographics.com/
15 KB
5 KB
Script
General
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f1:280::3adf , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 19 Mar 2019 14:48:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 23:03:30 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=14341
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4571
hotjar-923213.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-923213.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.173 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-27
Software
openresty /
Resource Hash
9498986fc8431b4e681517da93dcf72485477bbc6da133ffa588ff038aec0cf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
2
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
1731
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/ff04a7ede19ecde68be8e38992a2c8f3
vary
Accept-Encoding
section-io-origin-status
304
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.070
accept-ranges
bytes
section-io-id
b4c5e70a7543d0ca2b5bdec8f15bdb73
fbevents.js
connect.facebook.net/en_US/
52 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/e2t/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g6Z-f0/5/f18dQhb0S8329dsQXzW6bPrSs8q5B_3VxwwWr4cv5BSW1T-CDf13QwVrW1m2Dkx99c0JBW8nP6fB51frthW4vgKM197QBwBW96zRPS6b-LD7W3S_kbD6bW3N-W64-kXB1xlbrLW51vDGn2z3LPJW6Qk4-W4l2q4PW2xFVtR3MjZnJW2HVTVM3CcrhnW3MbN9Z3vgcQ3W2TKT0D3Wgy8yW4LG27L62WP1ZW6nzlwj2FJ71DW5r17Qj47XqvRW1tBHvJ83KHrFW7J39pB2przrYN6W3RDgHd1JGW17Tx3v7wzDllW1VJryk5lX8fqW13bD4h6dkdCwW5nn6Z92LBYSVVKQF785lBF-_W84pxMQ7t50TXW337_-B9dPKncW55cWm26wSPPkW1GXB8T2fzJdKW9gRm1N1yNX06W59BNSt4P71DjW54NLlQ75GGdqW759bJ_2L51HLW3mF3Pv750pssV7qr8k5NkW_nW2PTlBY59GQCsW6Vgrtk6X_LvtV_Z-Tr3fWXWKW4CHsW245Ly2MVkwRN48sXjGlW1BqPcn1vXsnJW47Nysp4DdNY3W49Jc2g3JVKzHW8DHFV28mhg5wW7z2vr68DwjfNW4B1zkV1K8nMxW4DwXwh3FZ5DNVB2BJL32rNqXW4R1rFX4HzlYGf2NbN_J11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
private
x-fb-debug
YNlC5FhtBy62CNCxAEL9QlxiGGg3NxT6SwQjhRmIgwwRF5iObJwz36ni32kZCJOZV6uUyU+eSzDcyzvpUSJicw==
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Mar 2019 14:48:40 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
private
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
15216
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
w.js
d10lpsik1i8c69.cloudfront.net/
4 KB
2 KB
Script
General
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/e2t/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g6Z-f0/5/f18dQhb0S8329dsQXzW6bPrSs8q5B_3VxwwWr4cv5BSW1T-CDf13QwVrW1m2Dkx99c0JBW8nP6fB51frthW4vgKM197QBwBW96zRPS6b-LD7W3S_kbD6bW3N-W64-kXB1xlbrLW51vDGn2z3LPJW6Qk4-W4l2q4PW2xFVtR3MjZnJW2HVTVM3CcrhnW3MbN9Z3vgcQ3W2TKT0D3Wgy8yW4LG27L62WP1ZW6nzlwj2FJ71DW5r17Qj47XqvRW1tBHvJ83KHrFW7J39pB2przrYN6W3RDgHd1JGW17Tx3v7wzDllW1VJryk5lX8fqW13bD4h6dkdCwW5nn6Z92LBYSVVKQF785lBF-_W84pxMQ7t50TXW337_-B9dPKncW55cWm26wSPPkW1GXB8T2fzJdKW9gRm1N1yNX06W59BNSt4P71DjW54NLlQ75GGdqW759bJ_2L51HLW3mF3Pv750pssV7qr8k5NkW_nW2PTlBY59GQCsW6Vgrtk6X_LvtV_Z-Tr3fWXWKW4CHsW245Ly2MVkwRN48sXjGlW1BqPcn1vXsnJW47Nysp4DdNY3W49Jc2g3JVKzHW8DHFV28mhg5wW7z2vr68DwjfNW4B1zkV1K8nMxW4DwXwh3FZ5DNVB2BJL32rNqXW4R1rFX4HzlYGf2NbN_J11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.20 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-20.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6886e3e22ba9f24879507ac2832d2aa39ce4582311563dc70f245519945b5522

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:45:49 GMT
content-encoding
gzip
last-modified
Fri, 15 Mar 2019 14:45:20 GMT
server
AmazonS3
age
177
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=3600
x-amz-cf-id
daeRTLBO0iHmRsd0fJyhqJAQ0gd-aLugElUlRahtOqcHyzjKcEdFfg==
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
qevents.js
a.quora.com/
17 KB
6 KB
Script
General
Full URL
https://a.quora.com/qevents.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/e2t/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g6Z-f0/5/f18dQhb0S8329dsQXzW6bPrSs8q5B_3VxwwWr4cv5BSW1T-CDf13QwVrW1m2Dkx99c0JBW8nP6fB51frthW4vgKM197QBwBW96zRPS6b-LD7W3S_kbD6bW3N-W64-kXB1xlbrLW51vDGn2z3LPJW6Qk4-W4l2q4PW2xFVtR3MjZnJW2HVTVM3CcrhnW3MbN9Z3vgcQ3W2TKT0D3Wgy8yW4LG27L62WP1ZW6nzlwj2FJ71DW5r17Qj47XqvRW1tBHvJ83KHrFW7J39pB2przrYN6W3RDgHd1JGW17Tx3v7wzDllW1VJryk5lX8fqW13bD4h6dkdCwW5nn6Z92LBYSVVKQF785lBF-_W84pxMQ7t50TXW337_-B9dPKncW55cWm26wSPPkW1GXB8T2fzJdKW9gRm1N1yNX06W59BNSt4P71DjW54NLlQ75GGdqW759bJ_2L51HLW3mF3Pv750pssV7qr8k5NkW_nW2PTlBY59GQCsW6Vgrtk6X_LvtV_Z-Tr3fWXWKW4CHsW245Ly2MVkwRN48sXjGlW1BqPcn1vXsnJW47Nysp4DdNY3W49Jc2g3JVKzHW8DHFV28mhg5wW7z2vr68DwjfNW4B1zkV1K8nMxW4DwXwh3FZ5DNVB2BJL32rNqXW4R1rFX4HzlYGf2NbN_J11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3f37d74095d27ff0f96a5db6eb5136c477109a18e09d9dc6b94bd9cb5f45fba2

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
YCV7VuLi1FWNdCoW3lEJrFWrz1GWe8vX
content-encoding
gzip
age
5348
x-cache
HIT
status
200
date
Tue, 19 Mar 2019 14:48:40 GMT
content-length
5544
x-amz-id-2
B39JIW/GWrnRUySHwWhlWu4ZOkpHhpCDkL1+19pk7UCj6cz8dY6TM/c4yfHDqi5FZjltKzXsbZM=
x-served-by
cache-hhn1522-HHN
last-modified
Thu, 17 May 2018 01:54:45 GMT
server
AmazonS3
x-timer
S1553006920.372184,VS0,VE0
etag
"ff1694b5052cad982a64fab43387cf6d"
vary
Accept-Encoding
x-amz-request-id
7757EB3811C7F1B0
via
1.1 varnish
cache-control
max-age=7200
accept-ranges
bytes
content-type
text/plain; charset=us-ascii
x-cache-hits
5560
px.js
px.spiceworks.com/
20 KB
6 KB
Script
General
Full URL
https://px.spiceworks.com/px.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.212 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
b3c4c350bc8e1f5dfb3cd2219da782d012cabbd838860724b5b677adb3b83eec

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
x-iinfo
9-14897073-14892294 PNNN RT(1553006919607 0) q(0 0 0 9) r(0 0) U5
date
Tue, 19 Mar 2019 14:48:40 GMT
content-encoding
gzip
x-cdn
Incapsula
content-type
text/javascript
1936026250043111
connect.facebook.net/signals/config/
186 KB
45 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1936026250043111?v=2.8.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e24292a202ee1328c1ba5359f6d698adf062197eb5697582a0f15e4a39ab66ad
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
tLLXHYWtPtoD2oD0NCbd8sCSkzNSSVJJCpVLMnMzPyvk1F1wPh+ey4M0nUohM2M8KrgDMXMjCom/RlzRF8JYKQ==
date
Tue, 19 Mar 2019 14:48:40 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules-e39a5507cbb05f5d456097501c919882.js
script.hotjar.com/
403 KB
84 KB
Script
General
Full URL
https://script.hotjar.com/modules-e39a5507cbb05f5d456097501c919882.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-923213.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.81.98 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-30
Software
/
Resource Hash
f5ee20343782e170511daaa30e087970a5dec8ad9ad108ed0e174d0ec583dbf3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 Mar 2019 20:31:45 GMT
access-control-allow-origin
*
etag
W/"e39a5507cbb05f5d456097501c919882"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
section-io-origin-time-seconds
0.031
section-io-origin-status
200
accept-ranges
bytes
section-io-id
ef680f9677c0fba1b28968c9da402921
content-length
85707
pixel
q.quora.com/_/ad/fd7bfbc3f0e14e8ab4ef694d7ca81f7d/
43 B
312 B
Image
General
Full URL
https://q.quora.com/_/ad/fd7bfbc3f0e14e8ab4ef694d7ca81f7d/pixel?j=1&u=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&tag=ViewContent&ts=1553006920734
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.218.142 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-233-218-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 19 Mar 2019 14:48:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
js
www.google-analytics.com/gtm/
54 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-P5GTK6B&t=gtm2&cid=675451659.1553006921
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
ef776708ac8e9a3a3ecc43ff4a80bb0e1ba3048ff55a9cbc40fae0f020bf3516
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:41 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
20705
x-xss-protection
1; mode=block
expires
Tue, 19 Mar 2019 14:48:41 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=166423513&t=pageview&_s=1&dl=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-59393664-1&cid=675451659.1553006921&jid=1919180912&_gid=1298818519.1553006921&gjid=790950569&_v=j73&z=3588515
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-59393664-1&cid=675451659.1553006921&jid=1919180912&_v=j73&z=3588515
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-59393664-1&cid=675451659.1553006921&jid=1919180912&_v=j73&z=3588515&slf_rd=1&random=1519748161
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-59393664-1&cid=675451659.1553006921&jid=1919180912&_v=j73&z=3588515&slf_rd=1&random=1519748161
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Mar 2019 14:48:41 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Mar 2019 14:48:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-59393664-1&cid=675451659.1553006921&jid=1919180912&_v=j73&z=3588515&slf_rd=1&random=1519748161
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
0516
px.spiceworks.com/px/
42 B
286 B
Image
General
Full URL
https://px.spiceworks.com/px/0516?buster=1397&pxref=&_fpv=2.4&_fpt=15&_fp2=866036f769d411d6d1df14d81864b646
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.13.212 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
x-iinfo
9-14897265-14892294 PNNN RT(1553006920391 0) q(0 0 0 -1) r(1 1) U5
date
Tue, 19 Mar 2019 14:48:41 GMT
x-cdn
Incapsula
content-length
42
content-type
image/gif
adsct
t.co/i/
43 B
171 B
Image
General
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o0967&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=0
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
144
pragma
no-cache
last-modified
Tue, 19 Mar 2019 14:48:41 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
a95815192ec04e72a85537dfbd005b64
x-transaction
00df7e3e00ef7990
expires
Tue, 31 Mar 1981 05:00:00 GMT
loader-v2.js
cta-service-cms2.hubspot.com/ctas/v2/public/cs/
7 KB
2 KB
Script
General
Full URL
https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/loader-v2.js?canon=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit&hsutk=c7a000001cd210c5165e0169966d0678&pg=129def08-6c3f-4e42-9eb1-bf3e544782e9&pid=1835778&sv=static-1.198&utm_campaign=Newsletter%202019-03-19&utm_medium=email&lag=2209&df=t
Requested by
Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d16cb632b823d73376331e8e716c302df1eee95e079b60a4634937a5b75b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
4ba03faacd009762-FRA
date
Tue, 19 Mar 2019 14:48:41 GMT
content-encoding
br
server
cloudflare
x-trace
2B541068B9C10337B777FF858254D2C9DB3F9364B0000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
text/javascript
status
200
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-robots-tag
noindex, follow
/
www.facebook.com/tr/
44 B
247 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1936026250043111&ev=PageView&dl=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&rl=&if=false&ts=1553006921635&sw=1600&sh=1200&v=2.8.42&r=stable&ec=0&o=30&fbp=fb.1.1553006921618.1660967976&it=1553006920645&coo=false&rqm=GET
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 19 Mar 2019 14:48:41 GMT
/
www.facebook.com/tr/
44 B
203 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1936026250043111&ev=ViewContent&dl=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&rl=&if=false&ts=1553006921638&sw=1600&sh=1200&v=2.8.42&r=stable&ec=1&o=30&fbp=fb.1.1553006921618.1660967976&it=1553006920645&coo=false&rqm=GET
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 19 Mar 2019 14:48:41 GMT
cta-loaded.js
cta-service-cms2.hubspot.com/ctas/v2/public/cs/
0
137 B
Script
General
Full URL
https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=1835778&pg=129def08-6c3f-4e42-9eb1-bf3e544782e9&lt=1553006919136&dt=1553006921345&at=1553006921704&sl=1&an=1
Requested by
Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
4ba03facb8ba9762-FRA
date
Tue, 19 Mar 2019 14:48:41 GMT
server
cloudflare
x-trace
2BF92BECEC4AC6D5A84C6ED4F6F96BA3F6C22A5655000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
content-type
application/octet-stream
status
200
cache-control
no-cache, no-store, no-transform, max-age=0
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-robots-tag
noindex, follow
content-length
0
js
www.google-analytics.com/gtm/
46 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-MRPGQ7S&t=gtm4&cid=1556281219.1553006922
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
d70ca30e032c44217a48beda52c76c2e1b15188104fd67d885467d6e830cd5d0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:42 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
17369
x-xss-protection
1; mode=block
expires
Tue, 19 Mar 2019 14:48:42 GMT
loader.js
static.olark.com/jsclient/
5 KB
2 KB
Script
General
Full URL
https://static.olark.com/jsclient/loader.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A4) /
Resource Hash
9d07a3afe2050c2e5d44dd2dbfdc8756e1d0fa177518eb6992d5096526cbd7bd

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:42 GMT
content-encoding
gzip
last-modified
Tue, 26 Feb 2019 18:19:42 GMT
server
ECS (fcn/41A4)
vary
Accept-Encoding
x-cache
HIT
p3p
CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-type
application/x-javascript; charset=utf-8
content-length
2120
via
1.1 google
expires
Tue, 19 Mar 2019 17:48:42 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/?random=1553006922039&cv=9&fst=1553006922039&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&tiba=Widespread%20Office%20365%20and%20Gmail%20Misconfiguration%20Allows%20Hackers%20to%20Bypass%20Email%20Gateways&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
91c214f182dfabdbf5744a64ef916473a3ae1476c5ec595e88854909427ab056
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Mar 2019 14:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1193
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
42232b8d61dfeb9059bcce4439d953bf9528d1038aee467d6bde40e4c6c42c17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
/m4wRiUb/1t4NWACyGVPBA==
status
200
date
Tue, 19 Mar 2019 14:48:42 GMT
vary
Accept-Encoding
content-length
1776
x-fb-debug
hf9TSIZs7OnGuwiCxeiNLS3c4Idro8i8ADX5/OJokfhk8mnJAXj50evJCgCubxz7cMlH7bmSYliJSs7QtgCYPA==
x-fb-content-md5
3805eb140cf9c8cad24e43a42e87afb6
etag
"009c0888efc7e876cabcc40c34e36869"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 19 Mar 2019 14:56:13 GMT
widgets.js
platform.twitter.com/
93 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AB) /
Resource Hash
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 19 Mar 2019 14:48:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:40:21 GMT
Server
ECS (fcn/41AB)
Etag
"4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=1800
Content-Type
application/javascript; charset=utf-8
Content-Length
28028
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/
0
207 B
Script
General
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=1835778&callback=jQuery32103578381438676794_1553006920422&_=1553006920423
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/1541626941360/Custom/jacob_redesign/js/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:42 GMT
server
cloudflare
x-trace
2BA5963A4FA0EB174BD536D24E16245FC91431572D000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
status
204
cache-control
max-age=0
access-control-allow-credentials
false
cf-ray
4ba03fafddca9762-FRA
postlisting
www.avanan.com/_hcms/
2 KB
721 B
XHR
General
Full URL
https://www.avanan.com/_hcms/postlisting?blogId=4153530738&maxLinks=6&listingType=recent&orderByViews=false&hs-expires=1553618917&hs-version=2&hs-signature=AJ2IBuGsU1XE7BDjxsbbhyoD5IPJqqWGJw&currentUrl=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs/hsstatic/AsyncSupport/static-1.43/js/post_listing_asset.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e113f9eca1657cf8121e46d9ec61f11ef01ec44cd684bab73d063b417e2a1b

Request headers

:path
/_hcms/postlisting?blogId=4153530738&maxLinks=6&listingType=recent&orderByViews=false&hs-expires=1553618917&hs-version=2&hs-signature=AJ2IBuGsU1XE7BDjxsbbhyoD5IPJqqWGJw&currentUrl=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET

Response headers

cf-ray
4ba03fafdecd63e5-FRA
date
Tue, 19 Mar 2019 14:48:42 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-trace
2B27BFF76D9356DD6786CF11D251CAD3E2117032C3000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json;charset=utf-8
status
200
access-control-allow-credentials
false
set-cookie
__cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; expires=Wed, 18-Mar-20 14:48:42 GMT; path=/; domain=.www.avanan.com; HttpOnly __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922; path=/; domain=.www.avanan.com; HttpOnly
x-robots-tag
none
postlisting
www.avanan.com/_hcms/
2 KB
962 B
XHR
General
Full URL
https://www.avanan.com/_hcms/postlisting?blogId=4153530738&maxLinks=6&listingType=popular_all_time&orderByViews=true&hs-expires=1553618917&hs-version=2&hs-signature=AJ2IBuHBC2zYW4zIHv2eBA3D4HhhUBkv5A&currentUrl=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs/hsstatic/AsyncSupport/static-1.43/js/post_listing_asset.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf825ebb54376cd81263199c38c4adecfc5ff57d0ca9f45bd5d32cb126bc948

Request headers

:path
/_hcms/postlisting?blogId=4153530738&maxLinks=6&listingType=popular_all_time&orderByViews=true&hs-expires=1553618917&hs-version=2&hs-signature=AJ2IBuHBC2zYW4zIHv2eBA3D4HhhUBkv5A&currentUrl=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET

Response headers

cf-ray
4ba03fafdece63e5-FRA
date
Tue, 19 Mar 2019 14:48:42 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-trace
2B3E3F2852EBA7B83AD0BD175ECCAAFCBFAC583638000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json;charset=utf-8
status
200
access-control-allow-credentials
false
set-cookie
__cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; expires=Wed, 18-Mar-20 14:48:42 GMT; path=/; domain=.www.avanan.com; HttpOnly __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922; path=/; domain=.www.avanan.com; HttpOnly
x-robots-tag
none
/
px.ads.linkedin.com/collect/
Redirect Chain
  • https://px.ads.linkedin.com/collect/?time=1553006922160&pid=110528&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19...
  • https://px.ads.linkedin.com/collect/?time=1553006922160&pid=110528&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1553006922160%26pid%3D110528%26url%3Dhttps%253A%252F%252Fwww.avanan.com%252Fresources%252Foffice...
  • https://px.ads.linkedin.com/collect/?time=1553006922160&pid=110528&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19...
0
93 B
Script
General
Full URL
https://px.ads.linkedin.com/collect/?time=1553006922160&pid=110528&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&fmt=js&s=1&cookiesTest=true&liSync=true
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:109:c007:102::5be1:f885 , United States, ASN197612 (LINKEDIN-1, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
x-li-fabric
prod-ltx1
status
200
x-li-proto
http/2
x-li-pop
PROD-IDB2
content-type
application/javascript
content-length
20
x-li-uuid
17aDn5FjjRWAKfPz6yoAAA==

Redirect headers

date
Tue, 19 Mar 2019 14:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
302
x-li-pop
prod-edc2
content-length
20
x-li-uuid
+U1QjZFjjRUgd5t8ySoAAA==
pragma
no-cache
server
Play
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000
x-li-fabric
prod-ltx1
location
https://px.ads.linkedin.com/collect/?time=1553006922160&pid=110528&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
adsct
analytics.twitter.com/i/
31 B
268 B
Script
General
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o0967&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.131 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
154
pragma
no-cache
last-modified
Tue, 19 Mar 2019 14:48:42 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
46b6abf64126d244dd79975aaf825095
x-transaction
003befb0007c4e83
expires
Tue, 31 Mar 1981 05:00:00 GMT
conversations-embed.js
js.usemessages.com/
53 KB
13 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:ebcc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
51cef7353586b67b88420dbbb0ca10733b2732961618963fb91060f233cebfd9

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:42 GMT
via
1.1 e7311287a3a52035e5fcaf9a58791105.cloudfront.net (CloudFront)
cf-cache-status
HIT
cf-ray
4ba03fb07e35c288-FRA
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Thu, 14 Mar 2019 03:19:20 GMT
server
cloudflare
etag
W/"f18b7fe52aaa658f8b8b4addd2356dce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
kcAoSBw7ayiHX.BChVdVewtDLBmn8_jM
cache-control
max-age=600
content-type
application/javascript; charset=utf-8
x-amz-cf-id
AbAh8XnlTVZgXsPofdQzAGPAhIpGmSpdcL_Ac3jXHwq7cVzTsaR94g==
leadflows.js
js.hsleadflows.net/
369 KB
60 KB
Script
General
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:e9cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d34f8a7f8cbc62d31b9cbff1ef4b633e84e43b157865de9c074c21e7fd19912

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Origin
https://www.avanan.com

Response headers

date
Tue, 19 Mar 2019 14:48:42 GMT
via
1.1 ec9b50c7bee8c251b0724c3c8490c1e4.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-cache
Miss from cloudfront
status
200
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
content-type
application/javascript; charset=utf-8
last-modified
Fri, 15 Mar 2019 10:00:10 GMT
server
cloudflare
etag
W/"9ac92d50d22685c7396963e40217f7f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
x-amz-version-id
fUburlnX6zjJPDZ9fSEpQ0rjBwWO15Fi
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
4ba03fb06ff8bedf-FRA
x-amz-cf-id
Jr4h6SaiuuCvrKeQbgFOMuBo_hzuwuQWaljOvENIcUjFqqPkYquDTQ==
1835778.js
js.hs-analytics.net/analytics/1553006700000/
74 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1553006700000/1835778.js
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1903624a3ba86f29a3e809b2de412d2c916935db6e95a85479991dc9f267744

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:42 GMT
content-encoding
gzip
cf-cache-status
MISS
x-amz-request-id
23D2CBFB10369F24
status
200
content-type
text/javascript
x-amz-id-2
9oiFLKNJHsRFdCDWxDpws7MMyWxWb4KAgqowk2Hd8bQX4V/XWlP/+WMd1DolQBfJNuHg2QO9qUE=
last-modified
Mon, 18 Mar 2019 18:42:22 GMT
server
cloudflare
etag
W/"6922148bde698370f986ad1d61de6af8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-ray
4ba03fb06ef16415-FRA
expires
Tue, 19 Mar 2019 14:53:42 GMT
tbw_analytics_v1.0.js
d26x5ounzdjojj.cloudfront.net/tbw/
12 KB
12 KB
Script
General
Full URL
https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?14
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/e2t/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g6Z-f0/5/f18dQhb0S8329dsQXzW6bPrSs8q5B_3VxwwWr4cv5BSW1T-CDf13QwVrW1m2Dkx99c0JBW8nP6fB51frthW4vgKM197QBwBW96zRPS6b-LD7W3S_kbD6bW3N-W64-kXB1xlbrLW51vDGn2z3LPJW6Qk4-W4l2q4PW2xFVtR3MjZnJW2HVTVM3CcrhnW3MbN9Z3vgcQ3W2TKT0D3Wgy8yW4LG27L62WP1ZW6nzlwj2FJ71DW5r17Qj47XqvRW1tBHvJ83KHrFW7J39pB2przrYN6W3RDgHd1JGW17Tx3v7wzDllW1VJryk5lX8fqW13bD4h6dkdCwW5nn6Z92LBYSVVKQF785lBF-_W84pxMQ7t50TXW337_-B9dPKncW55cWm26wSPPkW1GXB8T2fzJdKW9gRm1N1yNX06W59BNSt4P71DjW54NLlQ75GGdqW759bJ_2L51HLW3mF3Pv750pssV7qr8k5NkW_nW2PTlBY59GQCsW6Vgrtk6X_LvtV_Z-Tr3fWXWKW4CHsW245Ly2MVkwRN48sXjGlW1BqPcn1vXsnJW47Nysp4DdNY3W49Jc2g3JVKzHW8DHFV28mhg5wW7z2vr68DwjfNW4B1zkV1K8nMxW4DwXwh3FZ5DNVB2BJL32rNqXW4R1rFX4HzlYGf2NbN_J11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.150 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-150.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3017f8092c3d71e4f60be3564dcd11a4697a834e96c593613eeb2c25094c4b8f

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 19 Mar 2019 02:58:28 GMT
Via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
Last-Modified
Thu, 05 Apr 2018 20:59:43 GMT
Server
AmazonS3
Age
42614
ETag
"8e4c80bb656719244e8b060ffcfe2934"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11898
X-Amz-Cf-Id
EtCC57hmBTsnni_T65KMj38pcbGmGrY6mBfnk0fmn01BMletuN7XCA==
/
www.facebook.com/tr/
44 B
248 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1936026250043111&ev=Microdata&dl=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&rl=&if=false&ts=1553006922358&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22If%20you%E2%80%99re%20using%20a%20gateway%2C%20and%20your%20mail%20flow%20accepts%20emails%20not%20from%20the%20gateway%2C%20then%20hackers%20can%20send%20mail%20directly%20to%20your%20users.%22%2C%22og%3Atitle%22%3A%22Widespread%20Office%20365%20and%20Gmail%20Misconfiguration%20Allows%20Hackers%20to%20Bypass%20Email%20Gateways%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.avanan.com%2Fhubfs%2FRoot%2520Domain%2520Exploit%2520featured.png%23keepProtocol%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Meta]=%7B%22title%22%3A%22Widespread%20Office%20365%20and%20Gmail%20Misconfiguration%20Allows%20Hackers%20to%20Bypass%20Email%20Gateways%22%2C%22meta%3Adescription%22%3A%22If%20you%E2%80%99re%20using%20a%20gateway%2C%20and%20your%20mail%20flow%20accepts%20emails%20not%20from%20the%20gateway%2C%20then%20hackers%20can%20send%20mail%20directly%20to%20your%20users.%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.42&r=stable&ec=2&o=30&fbp=fb.1.1553006922356.605111129&it=1553006920645&coo=false&es=automatic&rqm=GET
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 19 Mar 2019 14:48:42 GMT
box-d831eecf6f5411af024c3acd759add17.html
vars.hotjar.com/ Frame BC83
0
0
Document
General
Full URL
https://vars.hotjar.com/box-d831eecf6f5411af024c3acd759add17.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-923213.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.83.82 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-29
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-d831eecf6f5411af024c3acd759add17.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Tue, 19 Mar 2019 14:48:42 GMT
content-type
text/html
content-length
894
cache-control
max-age=31536000
last-modified
Fri, 15 Mar 2019 20:31:45 GMT
section-io-origin-status
200
section-io-origin-time-seconds
0.023
etag
W/"d831eecf6f5411af024c3acd759add17"
content-encoding
gzip
vary
Accept-Encoding
accept-ranges
bytes
section-io-id
d05a80c2379d0a24564c4be058add3aa
all.js
connect.facebook.net/en_US/
185 KB
55 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=c4b0e4d90905d8c6ff10acf691d14e04&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b3660396975bbcf000e2870a12ad47a719b6432657b271f55dd570f1d67b81b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Origin
https://www.avanan.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
b0y/PNs9oOJf1dT7a9zPHQ==
status
200
date
Tue, 19 Mar 2019 14:48:42 GMT
vary
Accept-Encoding
content-length
55916
x-fb-debug
hq8BBYtwGvX7tDuqELZL+3I6+LFuxYKcJCdK9E62CmAWH5d3GoG5LFvweNZe0XLHB35PXZtDMd/S+teIJzOR3w==
x-fb-content-md5
31a3cb761015049ae1d73d6b17941a0b
etag
"c09e1b3a393a1db18eaeb96b107be332"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Wed, 18 Mar 2020 13:29:47 GMT
/
www.google.com/pagead/1p-user-list/881234066/
42 B
120 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/881234066/?random=1553006922039&cv=9&fst=1553004000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&tiba=Widespread%20Office%20365%20and%20Gmail%20Misconfiguration%20Allows%20Hackers%20to%20Bypass%20Email%20Gateways&fmt=3&cdct=2&is_vtc=1&random=103092245&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Mar 2019 14:48:42 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/881234066/
42 B
109 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/881234066/?random=1553006922039&cv=9&fst=1553004000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&tiba=Widespread%20Office%20365%20and%20Gmail%20Misconfiguration%20Allows%20Hackers%20to%20Bypass%20Email%20Gateways&fmt=3&cdct=2&is_vtc=1&random=103092245&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Mar 2019 14:48:42 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
app.js
static.olark.com/jsclient/ Frame 41DB
54 KB
18 KB
Script
General
Full URL
https://static.olark.com/jsclient/app.js
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40FB) /
Resource Hash
ff4c14632743e8be46295e64e3da8e4028c7a12c7f426bae5edfa9a10876f2c5

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:42 GMT
content-encoding
gzip
last-modified
Tue, 26 Feb 2019 18:19:28 GMT
server
ECS (fcn/40FB)
vary
Accept-Encoding
x-cache
HIT
p3p
CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
status
200
cache-control
max-age=10800
accept-ranges
bytes
content-type
application/x-javascript; charset=utf-8
content-length
18379
via
1.1 google
expires
Tue, 19 Mar 2019 17:48:42 GMT
widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame C05D
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.avanan.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AB) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Accept-Encoding
gzip, deflate, br
Cookie
personalization_id="v1_hK7SjT+MDgmfce9CEmpXuw=="

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 19 Mar 2019 14:48:42 GMT
Etag
"347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified
Thu, 07 Mar 2019 17:39:26 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41AB)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5783
button.dd024c345fc26f7c7a8d9938b67e5d3d.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.dd024c345fc26f7c7a8d9938b67e5d3d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40E8) /
Resource Hash
bec117b5be8f22e9305be68965e3734a5135357a3ac88cda5814b7069a1c62dc

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 19 Mar 2019 14:48:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:39:15 GMT
Server
ECS (fcn/40E8)
Etag
"481d209bbcd2464884d57a77bc64e947+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
application/javascript; charset=utf-8
Content-Length
2293
public
api.hubspot.com/livechat/v1/message/
0
572 B
XHR
General
Full URL
https://api.hubspot.com/livechat/v1/message/public?portalId=1835778&conversations-embed=static-1.2257&mobile=false&messagesUtk=9c7f2d8d3b1c4982b2a2b530082b389d
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method
GET
Origin
https://www.avanan.com
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
x-hubspot-messages-uri

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
server
cloudflare
access-control-allow-origin
https://www.avanan.com
x-trace
2BF255706CD8B57CF193AE765DFB80F14063C74273000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow
OPTIONS,HEAD,GET,PUT
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
status
204
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
4ba03fb55a6f9aca-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
Cerber3.png
www.avanan.com/hubfs/
43 KB
43 KB
Image
General
Full URL
https://www.avanan.com/hubfs/Cerber3.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
934dbd6ce3617c8275ab2fd275d078aaab03530c4a56336df6be1ccec964a72f

Request headers

:path
/hubfs/Cerber3.png
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922; _fbp=fb.1.1553006922356.605111129; __cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
via
1.1 1136b0fc7377c6211173282a3992a814.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-4225086791,P-1835778,FLS-ALL
x-amz-request-id
D65AD5A4EFE629CD
cf-polished
origFmt=png, origSize=66932
edge-cache-tag
F-4225086791,P-1835778,FLS-ALL
status
200
content-disposition
inline; filename="Cerber3.webp"
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
43732
x-amz-id-2
F6U7oYTsL/nlGnlKskaaS/KWt1voDzSiB4UJOD1VwDK6+W/4IAy0uxe40upX6UOw0tAp+88wwUM=
x-cache
Miss from cloudfront
last-modified
Sat, 27 Oct 2018 19:38:00 GMT
server
cloudflare
etag
"3472a2cc1c5744c3d7825643b3d5e58d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
s-maxage=1209600, max-age=1209600
x-amz-version-id
xrH8LOugJzlNF8cuVAu7NkJCgxfV4iS_
accept-ranges
bytes
cf-ray
4ba03fb4fb2c63e5-FRA
x-amz-cf-id
6iQC-QbaVG5M5lBHavfvj5e8GSRk08jU7Sg7Xo_bqC2hn-qH13L7pA==
cf-bgj
imgq:85
baseStriker-featured.png
s3.amazonaws.com/avanan-public/avanan_hubSpot_imgs/blog/
7 KB
8 KB
Image
General
Full URL
https://s3.amazonaws.com/avanan-public/avanan_hubSpot_imgs/blog/baseStriker-featured.png?t=1528989118755
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.85.77 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5cbbc7d9e8e831509b3b3633bc4fda503413f939e17c97110d790f3d871951b4

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 19 Mar 2019 14:48:44 GMT
Last-Modified
Fri, 15 Jun 2018 19:00:53 GMT
Server
AmazonS3
x-amz-request-id
023992C7457B4C8E
ETag
"17c419cc9208ca6945cc0ec070b86c8f"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
7563
x-amz-id-2
jUAy5oVl4pqADxSCJu5RJLofZoE66LvEAIOLfyPrp7Tlvdvkd9tZCVer7BEP98myJh/qsWN8Ofk=
safe-links-featured.png
www.avanan.com/hubfs/blog/safelinks/
485 KB
486 KB
Image
General
Full URL
https://www.avanan.com/hubfs/blog/safelinks/safe-links-featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c8a87efe5f4bb9345d45baa057dd2b23b8f44d46d2b3ed4bd454c1bf54fc66d

Request headers

:path
/hubfs/blog/safelinks/safe-links-featured.png
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922; _fbp=fb.1.1553006922356.605111129; __cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
via
1.1 2d2eb60d814c8202a5a69fa957cd569d.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-6364746608,FD-5394993321,P-1835778,FLS-ALL
x-amz-request-id
2CA65512E77E2DC7
cf-polished
origFmt=png, origSize=1103260
edge-cache-tag
F-6364746608,FD-5394993321,P-1835778,FLS-ALL
status
200
content-disposition
inline; filename="safe-links-featured.webp"
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
496448
x-amz-id-2
wHaMpfHLbGvS2R7KJDndc+zDh4ohdptpS86Qs3m9BfohTbGiZRkB9rzzBoJCn7/NSLreN6KFXR4=
x-cache
Miss from cloudfront
last-modified
Sat, 27 Oct 2018 19:50:17 GMT
server
cloudflare
etag
"99d66a3188aacd868ec49591051c6ce9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
s-maxage=1209600, max-age=1209600
x-amz-version-id
exIcYViTt7D1_.QhQq_cJAresX2RakwH
accept-ranges
bytes
cf-ray
4ba03fb4fb2d63e5-FRA
x-amz-cf-id
jWPnQgUx_o846jmflkTEPMcTvwsD7Wl_x1ju-NPxOeuTp3zN-4BwbA==
cf-bgj
imgq:85
ZeroFont-featured.png
www.avanan.com/hubfs/blog/ZeroFont/
39 KB
39 KB
Image
General
Full URL
https://www.avanan.com/hubfs/blog/ZeroFont/ZeroFont-featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e299d85a670bd3f1bb262c5e905a176c82058ff4d85ccc20750accb242702bf

Request headers

:path
/hubfs/blog/ZeroFont/ZeroFont-featured.png
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922; _fbp=fb.1.1553006922356.605111129; __cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
via
1.1 f7c2c81dcd8f9c4723ba9992c4abd851.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-5780694270,FD-5777647680,P7hZK,FLS
x-amz-request-id
E0C16DC2E87AFD0A
cf-polished
origFmt=png, origSize=74217
edge-cache-tag
F-5780694270,FD-5777647680,P7hZK,FLS
status
200
content-disposition
inline; filename="ZeroFont-featured.webp"
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
39450
x-amz-id-2
mMkJGoIgd+S2ooCP1miDcUGRELUUiZWQwaU9WnSTyZkSaxOnYfQ6FW5jiEhggmsaKws53obWOz4=
x-cache
Miss from cloudfront
last-modified
Sat, 27 Oct 2018 19:51:23 GMT
server
cloudflare
etag
"e55b2b69eb591ec6095d6d686ed784e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
s-maxage=1209600, max-age=1209600
x-amz-version-id
XhOzufUE8gSoS5HxPGqCo2HvgJqYjynn
accept-ranges
bytes
cf-ray
4ba03fb4fb2f63e5-FRA
x-amz-cf-id
ug5YeGG9452DGyiqUTLEslB1HgM7uG8VCp6X2ebx_8RqoLGakZC4HA==
cf-bgj
imgq:85
proofpoint-mimecast.png
www.avanan.com/hubfs/
14 KB
14 KB
Image
General
Full URL
https://www.avanan.com/hubfs/proofpoint-mimecast.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
37d40458be219062251f1ad0a691f0edeb4cbd796aafa80ac4a1c925dc286641

Request headers

:path
/hubfs/proofpoint-mimecast.png
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922; _fbp=fb.1.1553006922356.605111129; __cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
via
1.1 7483360604f484b4fd54bffc9e822f46.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-meta-cache-tag
F-6563509751,P-1835778,FLS-ALL
x-amz-request-id
371B859965712234
cf-polished
origFmt=png, origSize=25281
edge-cache-tag
F-6563509751,P-1835778,FLS-ALL
status
200
content-disposition
inline; filename="proofpoint-mimecast.webp"
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
14240
x-amz-id-2
kDybOsy4DiMXzLLfi6E8RQDwWQjp9r3zIaopCnNgIannIOlfRD509fzKmAKDtUwm0rMzIkbdZAY=
x-cache
Miss from cloudfront
last-modified
Tue, 20 Nov 2018 14:52:56 GMT
server
cloudflare
etag
"f2ecb0205194e80bcb03d5bfd2dc48bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
image/webp
cache-control
s-maxage=1209600, max-age=1209600
x-amz-version-id
X_iSYnYG9Jv5eQI_0farWBgM8KtUtlGK
accept-ranges
bytes
cf-ray
4ba03fb4fb3063e5-FRA
x-amz-cf-id
S5mP-B97iLtFpwP5x48jMNztXe2aUvsYtW8EBo00wd7GzlT2yXW7oQ==
cf-bgj
imgq:85
Blog%20Post2FWebinar%20Images%20%282%29.png
www.avanan.com/hubfs/
27 KB
27 KB
Image
General
Full URL
https://www.avanan.com/hubfs/Blog%20Post2FWebinar%20Images%20%282%29.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4510ce57933ba76f8325482d2fedce211e915316d885643bf752e1de09f455d

Request headers

:path
/hubfs/Blog%20Post2FWebinar%20Images%20%282%29.png
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922; _fbp=fb.1.1553006922356.605111129; __cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
via
1.1 147e057d2f96cf5a0082d96978e38a5b.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-6642834349,P-1835778,FLS-ALL
x-amz-request-id
FD70C7513891AC4E
cf-ray
4ba03fb4fb3163e5-FRA
edge-cache-tag
F-6642834349,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
27205
x-amz-id-2
ce9Pdv7DpQGv4WYPOh3WuhgiPZKzmWteIwguBP7mHla0FwXutp9c36CBmZG+sGi8rKXq0y2++FY=
last-modified
Wed, 28 Nov 2018 22:01:46 GMT
server
cloudflare
etag
"59e2779985eb0caafb1f0356746a09bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
40iXVPcAFpDDYKK4rI4YMNEEzrK1vgb0
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
vyjZQGO7FFf8wt_6hkc5W2zMKQ6-kqkNPiBjCkaRv867esYAOmqflA==
Root%20Domain%20Exploit%20featured.png
www.avanan.com/hubfs/
126 KB
126 KB
Image
General
Full URL
https://www.avanan.com/hubfs/Root%20Domain%20Exploit%20featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e9d5ddb4fb9498ca640193cbb553a3e46b943aaefeb538ca5c90f9255f3e674

Request headers

:path
/hubfs/Root%20Domain%20Exploit%20featured.png
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922; _fbp=fb.1.1553006922356.605111129; __cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
via
1.1 7239cddab402255f71ebf4fa62183992.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-8230937649,P-1835778,FLS-ALL
x-amz-request-id
DFF3A01120FCA5E3
cf-ray
4ba03fb50b3d63e5-FRA
edge-cache-tag
F-8230937649,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
128820
x-amz-id-2
XZieOEPluZUmWB2HmM7Rw2xk/nGviNQJC4Qas+aL7+9iOoSo/rVtVNf6BbPPTk8J3rCKgAXfjZ8=
last-modified
Mon, 18 Mar 2019 14:48:19 GMT
server
cloudflare
etag
"69bf99f6d98fa4d66ae094bcc2a5436d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
rgfBZejKZ83OC.RzMgr_Q9iNpvtB8JkI
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
_Omm2vjY8t8_FQZHJ23p7UWGffxgUIqhev0nqTSmwoZQDKrOZueeKg==
avanan-wins-awards-featured.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/blog-posts/
137 KB
138 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/blog-posts/avanan-wins-awards-featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0395037cd524f454472aeea4572a5110d43406d30a6af69dbd5611d6c994e505

Request headers

:path
/hubfs/marketing/website/jacob_redesign/blog-posts/avanan-wins-awards-featured.png
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922; _fbp=fb.1.1553006922356.605111129; __cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
via
1.1 3ccfbae98f5816b531634c1e82e45259.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-8104560869,FD-6157507841,P-1835778,FLS-ALL
x-amz-request-id
C3C469414DEC8DF9
cf-ray
4ba03fb72d0263e5-FRA
edge-cache-tag
F-8104560869,FD-6157507841,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
140161
x-amz-id-2
E4Stft0LAHrZnW5iqLGTi7Arywr5m4nAr4uj+0lSTwfBzfC2Th0dqUqXM9wP3hiLR15mcdo7uUk=
last-modified
Tue, 12 Mar 2019 14:19:15 GMT
server
cloudflare
etag
"26674133e1ef717bf6a6f22e1706df08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
.3pek5t7IWXhBOat.FMK_3ZSyLBIBHYs
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
BQABNeoviHTTfCiZGqk3H8j99wkbRQJ7or7mKXgMwi8o-cEV8zd25A==
mta-webinar-featured.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/webinar_pics/
70 KB
71 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/webinar_pics/mta-webinar-featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b13061f5f96f63ae1cd66807f9272ee6b3430dc8f0c4b62e714f7e80c9b58e1

Request headers

:path
/hubfs/marketing/website/jacob_redesign/webinar_pics/mta-webinar-featured.png
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922; _fbp=fb.1.1553006922356.605111129; __cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
via
1.1 d89eaba973a5c1614ea9f0994f5e8a12.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7828804891,FD-6366481089,P-1835778,FLS-ALL
x-amz-request-id
2FF397FDFD89FF7F
cf-ray
4ba03fb73d0e63e5-FRA
edge-cache-tag
F-7828804891,FD-6366481089,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
72118
x-amz-id-2
+NDIpL3CJJ8eaa0pyt+5Cn+7eTgIr1azM4oh6jdTHLad9a6p7CtoKZnB9ryuZFMy3ECvH4siEM4=
last-modified
Tue, 26 Feb 2019 21:59:11 GMT
server
cloudflare
etag
"6ddc5433cf6132da2c6e8a5ebaef4624"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
0_u7hByzu33c__iovRcKz2fBqsuRbNir
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
8bL9FNBlj4ZFaqbU3E_VASfmmbesllUCi2PRlO2oC7zazAQA_Hbi4Q==
featured%20image%20NoRelationship%20Phishing%20Attack.png
www.avanan.com/hubfs/
82 KB
83 KB
Image
General
Full URL
https://www.avanan.com/hubfs/featured%20image%20NoRelationship%20Phishing%20Attack.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
388b72e57d9b4b0d82694c2313246e07c981b6f0dc9a1683cf4a8908dd9a6cdc

Request headers

:path
/hubfs/featured%20image%20NoRelationship%20Phishing%20Attack.png
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922; _fbp=fb.1.1553006922356.605111129; __cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922; _okcs=7079218790139916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
via
1.1 7f0216233154388a0ffe191ece5a7b12.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7618950345,P-1835778,FLS-ALL
x-amz-request-id
2DA86373D354365E
cf-ray
4ba03fb73d1163e5-FRA
edge-cache-tag
F-7618950345,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
84354
x-amz-id-2
ErNKRr1+6BDKiEdQ0sXXfeJL+dDt9GpY6cPsxx+jO4VF/a1TKAMHhzYboVO4WKV1iEN3Onl65vc=
last-modified
Fri, 15 Feb 2019 17:41:52 GMT
server
cloudflare
etag
"aef25f8876c2a5fcb988133b51c37703"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
..FkTxumFBehPgUZwnanKamyUpWwLLfU
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
5WSde2y2ZYOZCa9Przd84kS5vZXUQ1TN9a2iP_9AL1HZ_kZ3btCPBw==
2FA%20blog%20featured.png
www.avanan.com/hubfs/
27 KB
28 KB
Image
General
Full URL
https://www.avanan.com/hubfs/2FA%20blog%20featured.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2a79786e999bc4205a8842e5c5511fabc4580c0eb23f294dde0bfd1f6738c8

Request headers

:path
/hubfs/2FA%20blog%20featured.png
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922; _fbp=fb.1.1553006922356.605111129; __cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922; _okcs=7079218790139916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
via
1.1 aac86dd0bb06b97ef178f97d0c65ee5f.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7500069589,P-1835778,FLS-ALL
x-amz-request-id
176F2B6EAB4DA649
cf-ray
4ba03fb73d1263e5-FRA
edge-cache-tag
F-7500069589,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
28125
x-amz-id-2
/SlsNigfN7Y9yj9BMaYhpaiJboDDOsuTtnxYsQe2gUiSyTfpWnCDhYtU79kLF6eIwpB6pPHdOLU=
last-modified
Fri, 08 Feb 2019 21:33:34 GMT
server
cloudflare
etag
"3324ba9724072680a29291b1e1b46320"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
ePiuGxOjrIR5Z53I0rx_45LQ8wfGtJlA
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
kxBNiLRXz0yYpyXAuXgNxFVuwMH5oIVmkIchJrDnPIK02ImVSNiz5w==
avanan-vs-atp-web-ft.png
www.avanan.com/hubfs/marketing/website/jacob_redesign/webinar_pics/
175 KB
175 KB
Image
General
Full URL
https://www.avanan.com/hubfs/marketing/website/jacob_redesign/webinar_pics/avanan-vs-atp-web-ft.png
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d75badcc1db3359335f538c9dc81ee7d4935c965b29ca87ddf23465800225bf6

Request headers

:path
/hubfs/marketing/website/jacob_redesign/webinar_pics/avanan-vs-atp-web-ft.png
pragma
no-cache
cookie
_ga=GA1.2.1556281219.1553006922; _gid=GA1.2.869557950.1553006922; _fbp=fb.1.1553006922356.605111129; __cfduid=d49397fa562f3c213de77dd64a6af4aa71553006922; __cfruid=38395d41a82db6bbb75eb460ed2272b32d8a63bc-1553006922; _okcs=7079218790139916
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
via
1.1 7239cddab402255f71ebf4fa62183992.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7557826920,FD-6366481089,P-1835778,FLS-ALL
x-amz-request-id
F8D4D0ABA4E6F677
cf-ray
4ba03fb73d1363e5-FRA
edge-cache-tag
F-7557826920,FD-6366481089,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
179008
x-amz-id-2
57HQ/buD9vDssc56PUox9fe2Rdk+gFbntrSekq69qzGAyW2Pg/gz2kydEdiKN89sffjFshSIk8k=
last-modified
Tue, 12 Feb 2019 21:00:05 GMT
server
cloudflare
etag
"b3463bd707382b1e960b16924d1d934b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
JY3nXucTDqcAkrdhebtt.2qQZDJKzvIL
cache-control
s-maxage=1209600, max-age=1209600
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
ODqUf1NITrTZSCJvGXU4yxj8SwiGkP6eg7jf_lfGWvpHIdp0_Z7anQ==
tbw
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/tbw
  • https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1
44 B
430 B
Script
General
Full URL
https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.182.186 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-213-182-186.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a1caafe445c7f386a7d5dde1c633bb9de997c20d2af032ba92bfa72052dbd30d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 19 Mar 2019 14:48:43 GMT
x-content-type-options
nosniff
Server
nginx
Connection
keep-alive
Content-Length
44
content-type
application/javascript

Redirect headers

location
https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1
Date
Tue, 19 Mar 2019 14:48:43 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
1782-142-10-2638.js
static.olark.com/a/assets/v0/site/ Frame 41DB
15 KB
5 KB
Script
General
Full URL
https://static.olark.com/a/assets/v0/site/1782-142-10-2638.js?cb=1553006923433
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40B2) /
Resource Hash
b2296cc09e0031fb63346a47c34ad827ca39775778c400b7519ba400e05bc521

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
content-encoding
gzip
last-modified
Tue, 11 Dec 2018 19:08:14 GMT
server
ECS (fcn/40B2)
vary
Accept-Encoding
x-cache
HIT
content-type
application/x-javascript
status
200
cache-control
max-age=86400, public
content-length
4586
via
1.1 google
expires
Wed, 20 Mar 2019 14:48:43 GMT
public
api.hubspot.com/livechat/v1/message/
504 B
559 B
XHR
General
Full URL
https://api.hubspot.com/livechat/v1/message/public?portalId=1835778&conversations-embed=static-1.2257&mobile=false&messagesUtk=9c7f2d8d3b1c4982b2a2b530082b389d
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f5e923eda8044a6baf90a60aa6ecd960bb7ec4d554705f0b520f647ccbdcee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Origin
https://www.avanan.com
X-HubSpot-Messages-Uri
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:43 GMT
content-encoding
br
status
200
server
cloudflare
x-trace
2BE05715969BE28DBA106784390FB8F47E2A1D9866000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, User-Agent
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.avanan.com
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
4ba03fb86e849aca-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
platform.twitter.com/widgets/ Frame A83B
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2e9f365dae390394eb8d923cba8c5b11.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A2) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Accept-Encoding
gzip, deflate, br
Cookie
personalization_id="v1_hK7SjT+MDgmfce9CEmpXuw=="
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 19 Mar 2019 14:48:43 GMT
Etag
"8dadfe02e828fc4a9d61e33bdd1df329+gzip"
Last-Modified
Thu, 07 Mar 2019 17:39:22 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/41A2)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
12257
d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 1121
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c4b0e4d90905d8c6ff10acf691d14e04&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
accept-encoding
gzip, deflate, br
cookie
fr=0fsuqGCwTrxEDc6r1..BckQFK...1.0.BckQFK.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Tue, 17 Mar 2020 16:18:22 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
6Olh5BabMq/2llpiaHzsVdaiWJ02Ir3LRlQs0kEwJxhvSs3roxBXcvOQWboy8oPblbbr32WxFj7Sl5ummREjlg==
content-length
10985
date
Tue, 19 Mar 2019 14:48:43 GMT
sp.js
d26x5ounzdjojj.cloudfront.net/2.5.3/
67 KB
24 KB
Script
General
Full URL
https://d26x5ounzdjojj.cloudfront.net/2.5.3/sp.js
Requested by
Host: d26x5ounzdjojj.cloudfront.net
URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.165 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-165.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e3f009965bacbe5c0e640baad0f002e9155f386e62f807766dec41c12f90505

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 13 Jul 2018 09:18:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Jan 2016 17:57:38 GMT
Server
AmazonS3
Age
21533409
ETag
"e1a39ad30353de24ff2cd550d228fb11"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24148
X-Amz-Cf-Id
cpoAulklMqwD1Ez2zHBbLN4M1EuffdQfOfpYWMgRsyCOlfprJTTdjg==
i
drvizd1lyevz4.cloudfront.net/
37 B
489 B
Image
General
Full URL
https://drvizd1lyevz4.cloudfront.net/i?e=pv&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&page=Widespread%20Office%20365%20and%20Gmail%20Misconfiguration%20Allows%20Hackers%20to%20Bypass%20Email%20Gateways&tv=js-2.5.3&tna=co&aid=Lccb71485b6d5053f&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=fe2e321c-2485-4a81-a96f-7d8930c48da5&dtm=1553006923763&vp=1600x1200&ds=1585x6963&vid=1&sid=227c5cdd-7e93-402d-9444-327449802c04&duid=036fd0d2ca706743&fp=3998842399&uid=tbw_bw_uid%7Cbito.AAISrU65IgMAACHa4nbOTg&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiI0MDFiMTE0NS00ZGM5LTRmM2UtOTdmMS1kMmY2YTYyYzVhYTcifX1dfQ
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.54 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-54.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 19 Mar 2019 02:56:32 GMT
Via
1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)
Last-Modified
Wed, 27 Apr 2016 10:24:35 GMT
Server
AmazonS3
Age
42732
ETag
"3eacd0132310ea44cad756b378a3bc07"
X-Cache
Hit from cloudfront
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37
X-Amz-Cf-Id
NvDgqIKvRvecTIMdLKnfOcRRLUBteEsdDytw90bGmUnvnZQfs8ExBw==
i
drvizd1lyevz4.cloudfront.net/
37 B
489 B
Image
General
Full URL
https://drvizd1lyevz4.cloudfront.net/i?e=se&se_ca=DEFAULT&se_ac=DEFAULT&se_la=DEFAULT&se_pr=DEFAULT&se_va=1.0&tv=js-2.5.3&tna=co&aid=Lccb71485b6d5053f&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=f564d8df-eafc-47c5-b200-a717de0e405e&dtm=1553006923770&vp=1600x1200&ds=1585x6963&vid=1&sid=227c5cdd-7e93-402d-9444-327449802c04&duid=036fd0d2ca706743&fp=3998842399&uid=tbw_bw_uid%7Cbito.AAISrU65IgMAACHa4nbOTg&url=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiI0MDFiMTE0NS00ZGM5LTRmM2UtOTdmMS1kMmY2YTYyYzVhYTcifX1dfQ
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.208.54 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-208-54.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 19 Mar 2019 09:37:31 GMT
Via
1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)
Last-Modified
Wed, 27 Apr 2016 10:24:35 GMT
Server
AmazonS3
Age
42732
ETag
"3eacd0132310ea44cad756b378a3bc07"
X-Cache
Hit from cloudfront
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37
X-Amz-Cf-Id
WkGSaNPzH_YEUgkqHGShaf1hqVzrNc5ZQcIQycagDsDvVrspe8OxYA==
__ptq.gif
track.hubspot.com/
45 B
219 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22129def08-6c3f-4e42-9eb1-bf3e544782e9%22%2C%22f93a16d1-eb92-4788-8396-ee7e7bce1de3%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=1835778&pi=7826958295&ct=blog-post&ccu=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit&cpi=7826958295&cgi=4153530738&lpi=7826958295&lvi=7826958295&lvc=en-us&pu=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&t=Widespread+Office+365+and+Gmail+Misconfiguration+Allows+Hackers+to+Bypass+Email+Gateways&cts=1553006924203&vi=ab8c328766a2a34798fcc87b8ad3d159&nc=true&u=23485541.ab8c328766a2a34798fcc87b8ad3d159.1553006924161.1553006924161.1553006924161.1&b=23485541.1.1553006924161&pt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
4ba03fbc59fd9762-FRA
date
Tue, 19 Mar 2019 14:48:44 GMT
content-type
image/gif
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/
45 B
101 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=1835778&pi=7826958295&ct=blog-post&ccu=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit&cpi=7826958295&cgi=4153530738&lpi=7826958295&lvi=7826958295&lvc=en-us&pu=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&t=Widespread+Office+365+and+Gmail+Misconfiguration+Allows+Hackers+to+Bypass+Email+Gateways&cts=1553006924207&vi=ab8c328766a2a34798fcc87b8ad3d159&nc=true&u=23485541.ab8c328766a2a34798fcc87b8ad3d159.1553006924161.1553006924161.1553006924161.1&b=23485541.1.1553006924161&pt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
4ba03fbc59ff9762-FRA
date
Tue, 19 Mar 2019 14:48:44 GMT
content-type
image/gif
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
like.php
www.facebook.com/plugins/ Frame DD33
0
0
Document
General
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df28bd37629bcef8%26domain%3Dwww.avanan.com%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Fffeb8d670512%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=c4b0e4d90905d8c6ff10acf691d14e04&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2Fd_vbiawPdxB.js%3Fversion%3D44%23cb%3Df28bd37629bcef8%26domain%3Dwww.avanan.com%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Fffeb8d670512%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296

Response headers

status
200
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
content-encoding
br
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expect-ct
max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type
text/html; charset="utf-8"
x-fb-debug
pPIrb8mdy3WvDIztQf5y8Y8IEJp/YqhJKyPNakZl0qHAi33FBAaFdT+r/NdiGjSA+wYsvD0dG9auzRcHzQ917g==
date
Tue, 19 Mar 2019 14:48:44 GMT
json
forms.hubspot.com/lead-flows-config/v1/config/
2 KB
1 KB
XHR
General
Full URL
https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=1835778&utk=ab8c328766a2a34798fcc87b8ad3d159&__hstc=23485541.ab8c328766a2a34798fcc87b8ad3d159.1553006924161.1553006924161.1553006924161.1&__hssc=23485541.1.1553006924161&contentId=7826958295&currentUrl=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296
Requested by
Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fb05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ca13b9fdd93beac7cd4f710afca5f68e248eff5e886f2f7ea2167fd15093345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Origin
https://www.avanan.com

Response headers

date
Tue, 19 Mar 2019 14:48:44 GMT
content-encoding
br
x-robots-tag
none
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.avanan.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
4ba03fbcbc139aca-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
jot
syndication.twitter.com/i/
43 B
171 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22AvananSecurity%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1553006924332%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c1f189f%3A1551939852453%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
186
pragma
no-cache
last-modified
Tue, 19 Mar 2019 14:48:44 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
35294b26e83d698bb126dbc68798b937
x-transaction
002317460069a28b
expires
Tue, 31 Mar 1981 05:00:00 GMT
__ptq.gif
track.hubspot.com/
45 B
100 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=16&fi=84d0abef-4f11-4d3f-97dd-270c4fd47f2b&lfi=430764&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=1835778&pi=7826958295&ct=blog-post&ccu=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit&cpi=7826958295&cgi=4153530738&lpi=7826958295&lvi=7826958295&lvc=en-us&pu=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&t=Widespread+Office+365+and+Gmail+Misconfiguration+Allows+Hackers+to+Bypass+Email+Gateways&cts=1553006924486&vi=ab8c328766a2a34798fcc87b8ad3d159&nc=true&u=23485541.ab8c328766a2a34798fcc87b8ad3d159.1553006924161.1553006924161.1553006924161.1&b=23485541.1.1553006924161&pt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
4ba03fbe3d249762-FRA
date
Tue, 19 Mar 2019 14:48:44 GMT
content-type
image/gif
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
ATP-cover-shadow-1.png
www.avanan.com/hubfs/
9 MB
9 MB
Image
General
Full URL
https://www.avanan.com/hubfs/ATP-cover-shadow-1.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4555b733303ca316582d3eb08265f07bf3d746a637c47f9c171c978740d7769

Request headers

:path
/hubfs/ATP-cover-shadow-1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
:method
GET
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Mar 2019 14:48:45 GMT
via
1.1 7239cddab402255f71ebf4fa62183992.cloudfront.net (CloudFront)
x-amz-meta-cache-tag
F-7221582852,P-1835778,FLS-ALL
x-amz-request-id
CF87C66C11B52AEA
edge-cache-tag
F-7221582852,P-1835778,FLS-ALL
status
200
x-cache
Miss from cloudfront
x-hs-cf-lambda
us-east-1.setCacheTagHeaders 40
content-length
9718698
x-amz-id-2
nzSuOaFWaNsvbaKAS5gkPQ9nIpov7F3dFBpLbUS9Ui5eqgb7QVtjwESw9I5mOURggcqgWMEBXFo=
last-modified
Wed, 23 Jan 2019 19:25:31 GMT
server
cloudflare
etag
"e12993e88780efe008d53b9d0770bf54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
s-maxage=1209600, max-age=1209600
x-amz-version-id
DwBgSKhAK1VjpuzuNLiVyPbfUlK9Ro4c
set-cookie
__cfduid=d099a95509a1b3e9443f68cff0e9a16ee1553006925; expires=Wed, 18-Mar-20 14:48:45 GMT; path=/; domain=.www.avanan.com; HttpOnly __cfruid=3cef2ded13fd716183a18c5cb7def1948df48613-1553006925; path=/; domain=.www.avanan.com; HttpOnly
accept-ranges
bytes
cf-ray
4ba03fc40f5463e5-FRA
x-amz-cf-id
FBIIxUdV-SMPsqN9wLsQ0xkJM1pvuqTtKR6vkNgMpUWdXIAfe0cNZQ==
perf
www.avanan.com/_hcms/
2 B
207 B
XHR
General
Full URL
https://www.avanan.com/_hcms/perf
Requested by
Host: www.avanan.com
URL: https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7db4 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

:path
/_hcms/perf
pragma
no-cache
cookie
__cfduid=d099a95509a1b3e9443f68cff0e9a16ee1553006925; __cfruid=3cef2ded13fd716183a18c5cb7def1948df48613-1553006925
origin
https://www.avanan.com
accept-encoding
gzip, deflate, br
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.avanan.com
referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
:scheme
https
content-length
1085
:method
POST
Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
Origin
https://www.avanan.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/json

Response headers

date
Tue, 19 Mar 2019 14:48:47 GMT
content-encoding
br
server
cloudflare
x-trace
2BB5B1C30C192769438D50862A8993D533A7157D6E000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
status
200
x-robots-tag
none
access-control-allow-credentials
false
cf-ray
4ba03fce2f5d63e5-FRA
__ptq.gif
track.hubspot.com/
45 B
220 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=84d0abef-4f11-4d3f-97dd-270c4fd47f2b&lfi=430764&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1332804328&v=1.1&a=1835778&pi=7826958295&ct=blog-post&ccu=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit&cpi=7826958295&cgi=4153530738&lpi=7826958295&lvi=7826958295&lvc=en-us&pu=https%3A%2F%2Fwww.avanan.com%2Fresources%2Foffice-365-and-gmail-root-domain-exploit%3Futm_campaign%3DNewsletter%25202019-03-19%26utm_source%3Dhs_email%26utm_medium%3Demail%26utm_content%3D70874762%26_hsenc%3Dp2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M%26_hsmi%3D70879296&t=Widespread+Office+365+and+Gmail+Misconfiguration+Allows+Hackers+to+Bypass+Email+Gateways&cts=1553006931545&vi=ab8c328766a2a34798fcc87b8ad3d159&nc=true&pt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.avanan.com/resources/office-365-and-gmail-root-domain-exploit?utm_campaign=Newsletter%202019-03-19&utm_source=hs_email&utm_medium=email&utm_content=70874762&_hsenc=p2ANqtz-9Yby7Xu7-5azhhbTOEG9YV7ug3ekEVN65yrLfNjeOM8crYICpSOfKxy-Zi3jcnSflirTWxVlRRVhojt27vE0nZWA65PWAIBwXp5-4-3KTDJxcgJ2M&_hsmi=70879296
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cf-ray
4ba03fea38de9762-FRA
date
Tue, 19 Mar 2019 14:48:51 GMT
content-type
image/gif
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none

Verdicts & Comments

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| hsjQuery object| dataLayer function| Cookies boolean| mouseflowDisableKeyLogging object| _mfq object| __core-js_shared__ object| Sslac object| IN object| _hsq object| hbspt function| hs_show_tools_menu_if_author object| jQuery111206817655846550736 object| vex function| hsInitSlider function| postscribe object| google_tag_manager object| mouseflow string| GoogleAnalyticsObject function| ga function| twq string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email function| hj object| _hjSettings function| fbq function| _fbq number| __lo_site_id function| qp object| SWPX function| Popper object| twttr object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| bootstrap object| google_optimize string| default_css string| cta_css object| _self object| Prism function| EventEmitter object| eventie function| imagesLoaded function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| __twttrf object| twitterFetcher function| jarallax function| VideoWorker function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_4226788 function| i18n_getmessage function| i18n_getlanguage object| hsPostListings function| hsPopulateListingFeed object| hsVars function| olark object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| 
google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params function| _bizo_local_logger function| _bizo_fire_partners boolean| _bizo_main_already_called object| script object| FB object| __twttrll object| __twttr boolean| hubspot_live_messages_running object| tbw_parameters function| tbw_set_cookie function| tbw_get_all_cookies function| tbw_get_cookie function| tbw_get_part_of_cookie function| tbw_check_cookie function| tbw_get_host_name function| tbw_collector function| tbw_get_first_party_cookie function| tbw_get_parameters function| tbw_callback_other function| tbw_callback function| tbw_bw_call function| tbw_make_bw_call function| tbw_event_tracker function| tbw_form_event_tracker function| tbw_set_event_listeners function| tbw_get_bwid_from_url function| 
tbw_get_current_utc_time function| tbw_send_data function| tbw_parse object| _paq boolean| _hstc_loaded object| GlobalSnowplowNamespace function| snowplow function| defineProperties object| globalRoot undefined| hns object| leadflows function| hmerge object| hubspot function| OutpostErrorReporter boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| Snowplow boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| LEAD_FLOW_DOCUMENT_READY_RAN

4 Cookies

Domain/Path Name / Value
.avanan.com/ Name: __hssc
Value: 23485541.1.1553006924161
.avanan.com/ Name: __hssrc
Value: 1
.avanan.com/ Name: hubspotutk
Value: ab8c328766a2a34798fcc87b8ad3d159
.avanan.com/ Name: __hstc
Value: 23485541.ab8c328766a2a34798fcc87b8ad3d159.1553006924161.1553006924161.1553006924161.1

6 Console Messages

Source Level URL
Text
console-api debug URL: https://www.avanan.com/e2t/c/*W8v8XSX1sXwwNW7VP-vn8xtHpJ0/*N3J9QGbKH7FlW8xqj3T9g6Z-f0/5/f18dQhb0S8329dsQXzW6bPrSs8q5B_3VxwwWr4cv5BSW1T-CDf13QwVrW1m2Dkx99c0JBW8nP6fB51frthW4vgKM197QBwBW96zRPS6b-LD7W3S_kbD6bW3N-W64-kXB1xlbrLW51vDGn2z3LPJW6Qk4-W4l2q4PW2xFVtR3MjZnJW2HVTVM3CcrhnW3MbN9Z3vgcQ3W2TKT0D3Wgy8yW4LG27L62WP1ZW6nzlwj2FJ71DW5r17Qj47XqvRW1tBHvJ83KHrFW7J39pB2przrYN6W3RDgHd1JGW17Tx3v7wzDllW1VJryk5lX8fqW13bD4h6dkdCwW5nn6Z92LBYSVVKQF785lBF-_W84pxMQ7t50TXW337_-B9dPKncW55cWm26wSPPkW1GXB8T2fzJdKW9gRm1N1yNX06W59BNSt4P71DjW54NLlQ75GGdqW759bJ_2L51HLW3mF3Pv750pssV7qr8k5NkW_nW2PTlBY59GQCsW6Vgrtk6X_LvtV_Z-Tr3fWXWKW4CHsW245Ly2MVkwRN48sXjGlW1BqPcn1vXsnJW47Nysp4DdNY3W49Jc2g3JVKzHW8DHFV28mhg5wW7z2vr68DwjfNW4B1zkV1K8nMxW4DwXwh3FZ5DNVB2BJL32rNqXW4R1rFX4HzlYGf2NbN_J11(Line 13)
Message:
toS
console-api log URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?14(Line 1)
Message:
tbwlog: %c The following parameters were collected from the page
console-api log URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?14(Line 1)
Message:
[object Object]
console-api log URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?14(Line 1)
Message:
tbwlog: %c Got response from Beeswax. Setting tbw_bw_uid
console-api log URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?14(Line 1)
Message:
tbwlog: %c The following parameters were sent to the collector
console-api log URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?14(Line 1)
Message:
[object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
