www.avanan.com Open in urlscan Pro
199.60.103.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWqggk58dy6XW4_rqSb6WfHrnW5NMkyh56N3P8KqQH3lYMRW7lCdLW6lZ3m2W2h9Km13f0jF-...
Effective URL:
https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-...
Submission: On December 07 via manual (December 7th 2023, 7:35:33 pm UTC) from CA — Scanned from CA

Summary HTTP 203 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 57 IPs in 2 countries across 48 domains to perform 203 HTTP transactions. The main IP is 199.60.103.254, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.avanan.com. The Cisco Umbrella rank of the primary domain is 784953.
TLS certificate: Issued by GTS CA 1P5 on November 18th 2023. Valid for: 3 months.

This is the only time www.avanan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 56	199.60.103.254 199.60.103.254	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	172.64.141.13 172.64.141.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.253.122.95 172.253.122.95	15169 (GOOGLE) (GOOGLE)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.218.218.191 23.218.218.191	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.16.109.209 104.16.109.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.19.155.83 104.19.155.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.209.51 104.18.209.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	99.86.229.18 99.86.229.18	16509 (AMAZON-02) (AMAZON-02)
1	104.17.192.96 104.17.192.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.253.63.97 172.253.63.97	15169 (GOOGLE) (GOOGLE)
1	13.249.39.43 13.249.39.43	16509 (AMAZON-02) (AMAZON-02)
7	172.253.122.94 172.253.122.94	15169 (GOOGLE) (GOOGLE)
1	3.162.112.30 3.162.112.30	16509 (AMAZON-02) (AMAZON-02)
8	31.13.66.19 31.13.66.19	32934 (FACEBOOK) (FACEBOOK)
5	192.229.163.25 192.229.163.25	15133 (EDGECAST) (EDGECAST)
1	104.18.122.12 104.18.122.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.77.186 104.16.77.186	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.34.229 104.18.34.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.229.163 104.17.229.163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.18.130.236 104.18.130.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.17.207.249 104.17.207.249	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.203.204 104.17.203.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
3	13.225.195.48 13.225.195.48	16509 (AMAZON-02) (AMAZON-02)
4	23.218.218.181 23.218.218.181	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.18.32.137 104.18.32.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	13.225.195.49 13.225.195.49	16509 (AMAZON-02) (AMAZON-02)
3	157.240.229.35 157.240.229.35	32934 (FACEBOOK) (FACEBOOK)
11	23.196.3.196 23.196.3.196	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
1	3.162.3.99 3.162.3.99	16509 (AMAZON-02) (AMAZON-02)
1	3.161.210.224 3.161.210.224	16509 (AMAZON-02) (AMAZON-02)
2	3.162.7.181 3.162.7.181	16509 (AMAZON-02) (AMAZON-02)
1	34.205.220.113 34.205.220.113	14618 (AMAZON-AES) (AMAZON-AES)
1	34.107.254.219 34.107.254.219	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.151.60 172.64.151.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.162.112.37 3.162.112.37	16509 (AMAZON-02) (AMAZON-02)
1	172.64.144.225 172.64.144.225	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	216.239.34.181 216.239.34.181	15169 (GOOGLE) (GOOGLE)
3	142.251.163.94 142.251.163.94	15169 (GOOGLE) (GOOGLE)
2	142.250.31.147 142.250.31.147	15169 (GOOGLE) (GOOGLE)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.193.102.142 34.193.102.142	14618 (AMAZON-AES) (AMAZON-AES)
1	99.84.191.41 99.84.191.41	16509 (AMAZON-02) (AMAZON-02)
1	54.192.31.81 54.192.31.81	16509 (AMAZON-02) (AMAZON-02)
1	104.26.11.16 104.26.11.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.195.69 13.225.195.69	16509 (AMAZON-02) (AMAZON-02)
1 2	52.73.106.251 52.73.106.251	14618 (AMAZON-AES) (AMAZON-AES)
1	34.117.110.211 34.117.110.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
1	23.48.104.108 23.48.104.108	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.55.42.144 52.55.42.144	14618 (AMAZON-AES) (AMAZON-AES)
4	18.235.175.115 18.235.175.115	14618 (AMAZON-AES) (AMAZON-AES)
203	57

56 199.60.103.254 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.avanan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.141.13 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.122.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.218.191 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-218-191.deploy.static.akamaitechnologies.com

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.109.209 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.19.155.83 (None, )

ASN13335 (CLOUDFLARENET, US)

no-cache.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.209.51 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hscta.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.86.229.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-229-18.iad79.r.cloudfront.net

www.gartner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.192.96 (None, )

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.63.97 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.249.39.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-43.iad89.r.cloudfront.net

lftracker.leadfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.253.122.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.112.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-112-30.iad61.r.cloudfront.net

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.229.163.25 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.122.12 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.77.186 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.34.229 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.229.163 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.130.236 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.207.249 (None, )

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.203.204 (None, )

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.195.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-48.yul62.r.cloudfront.net

reviews.static.gartner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.218.218.181 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-218-181.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.32.137 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 13.225.195.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-49.yul62.r.cloudfront.net

checkpointsoftwaretechnologiesincavanan.widget.insent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.229.35 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-iad3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.196.3.196 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-196-3-196.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.3.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-99.yul62.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.210.224 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-210-224.yul62.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.7.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-7-181.yul62.r.cloudfront.net

d26x5ounzdjojj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.220.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-220-113.compute-1.amazonaws.com

ct.capterra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.254.219 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 219.254.107.34.bc.googleusercontent.com

www.influ2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.60 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.112.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-112-37.iad61.r.cloudfront.net

vidassets.terminus.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.144.225 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.34.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.31.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.102.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-102-142.compute-1.amazonaws.com

bf28149orj.bf.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.191.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-191-41.iad89.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.31.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-31-81.iad89.r.cloudfront.net

js.pusher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (None, )

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.195.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-69.yul62.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.73.106.251 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-106-251.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.110.211 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.110.117.34.bc.googleusercontent.com

t.influ2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.160.26 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.48.104.108 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-104-108.deploy.static.akamaitechnologies.com

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.55.42.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-42-144.compute-1.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.235.175.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-175-115.compute-1.amazonaws.com

com-thebigwillow-prod1.collector.snplow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	avanan.com 1 redirects www.avanan.com — Cisco Umbrella Rank: 784953	2 MB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 5657 c.6sc.co — Cisco Umbrella Rank: 8715 ipv6.6sc.co — Cisco Umbrella Rank: 5852 b.6sc.co — Cisco Umbrella Rank: 3994	23 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 324	155 KB
9	insent.ai checkpointsoftwaretechnologiesincavanan.widget.insent.ai	508 KB
9	gartner.com www.gartner.com — Cisco Umbrella Rank: 56772 reviews.static.gartner.com — Cisco Umbrella Rank: 146183	205 KB
8	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1230 syndication.twitter.com — Cisco Umbrella Rank: 1549	161 KB
8	hubspot.com no-cache.hubspot.com — Cisco Umbrella Rank: 12110 app.hubspot.com — Cisco Umbrella Rank: 5546 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4978 track.hubspot.com — Cisco Umbrella Rank: 2246 forms.hubspot.com — Cisco Umbrella Rank: 4894	10 KB
7	gstatic.com fonts.gstatic.com	82 KB
6	linkedin.com 3 redirects platform.linkedin.com — Cisco Umbrella Rank: 3771 px.ads.linkedin.com — Cisco Umbrella Rank: 327 www.linkedin.com — Cisco Umbrella Rank: 629	165 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2	888 B
4	snplow.net com-thebigwillow-prod1.collector.snplow.net — Cisco Umbrella Rank: 77241	639 B
4	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953	274 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	26 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	177 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 9252	670 B
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 26115 ibc-flow.techtarget.com — Cisco Umbrella Rank: 23835	2 KB
3	cloudfront.net d10lpsik1i8c69.cloudfront.net d26x5ounzdjojj.cloudfront.net	113 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	4 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 329	14 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	34 KB
3	hsforms.com perf.hsforms.com — Cisco Umbrella Rank: 13064	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	307 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 971	135 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 9429	774 B
2	bidr.io 1 redirects match.prod.bidr.io — Cisco Umbrella Rank: 563	1 KB
2	dynatrace.com bf28149orj.bf.dynatrace.com — Cisco Umbrella Rank: 90300	954 B
2	influ2.com www.influ2.com — Cisco Umbrella Rank: 54376 t.influ2.com — Cisco Umbrella Rank: 52243	3 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 700 script.hotjar.com — Cisco Umbrella Rank: 933	59 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	9 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 478	573 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2580	258 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 10163	740 B
1	pusher.com js.pusher.com — Cisco Umbrella Rank: 15569	18 KB
1	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 8744	1 KB
1	terminus.services vidassets.terminus.services — Cisco Umbrella Rank: 34071
1	capterra.com ct.capterra.com — Cisco Umbrella Rank: 22647	430 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 548	306 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3450	1 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3131	4 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2129	20 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2128	21 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4727	88 KB
1	lfeeder.com tr.lfeeder.com — Cisco Umbrella Rank: 25528	293 B
1	leadfeeder.com lftracker.leadfeeder.com — Cisco Umbrella Rank: 86353	11 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5536	6 KB
1	hscta.net js.hscta.net — Cisco Umbrella Rank: 21950	7 KB
1	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 8411	2 KB
203	48

	Domain	Requested by
56	www.avanan.com	1 redirects www.avanan.com
11	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
9	checkpointsoftwaretechnologiesincavanan.widget.insent.ai	www.avanan.com checkpointsoftwaretechnologiesincavanan.widget.insent.ai
8	b.6sc.co
7	fonts.gstatic.com	fonts.googleapis.com
6	www.gartner.com	www.avanan.com www.gartner.com
5	platform.twitter.com	www.avanan.com platform.twitter.com
4	com-thebigwillow-prod1.collector.snplow.net	d26x5ounzdjojj.cloudfront.net
4	static.xx.fbcdn.net	www.facebook.com
4	px.ads.linkedin.com	2 redirects www.avanan.com snap.licdn.com
4	snap.licdn.com	js.hsadspixel.net snap.licdn.com www.googletagmanager.com
4	connect.facebook.net	www.avanan.com connect.facebook.net
3	www.google.ca
3	analytics.google.com	www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	www.facebook.com	connect.facebook.net
3	track.hubspot.com
3	reviews.static.gartner.com	www.gartner.com
3	syndication.twitter.com	platform.twitter.com www.avanan.com
3	perf.hsforms.com	www.avanan.com
3	www.googletagmanager.com	www.avanan.com www.googletagmanager.com
3	fonts.googleapis.com	www.avanan.com
3	use.fontawesome.com	www.avanan.com use.fontawesome.com
2	epsilon.6sense.com	j.6sc.co
2	match.prod.bidr.io	1 redirects
2	bf28149orj.bf.dynatrace.com	www.gartner.com
2	ibc-flow.techtarget.com	trk.techtarget.com
2	www.google.com
2	d26x5ounzdjojj.cloudfront.net	www.avanan.com d26x5ounzdjojj.cloudfront.net
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	j.6sc.co	www.googletagmanager.com j.6sc.co
2	cta-service-cms2.hubspot.com	js.hscta.net
2	cdnjs.cloudflare.com	www.avanan.com www.gartner.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	t.influ2.com	www.influ2.com
1	vc.hotjar.io	script.hotjar.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	js.pusher.com	checkpointsoftwaretechnologiesincavanan.widget.insent.ai
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	forms.hubspot.com	js.hsleadflows.net
1	tracking.g2crowd.com	www.avanan.com
1	vidassets.terminus.services	www.googletagmanager.com
1	trk.techtarget.com	www.avanan.com
1	www.influ2.com	www.googletagmanager.com
1	ct.capterra.com	www.avanan.com
1	d10lpsik1i8c69.cloudfront.net	www.avanan.com
1	static.hotjar.com	www.googletagmanager.com
1	www.linkedin.com	1 redirects
1	geolocation.onetrust.com	cdn.cookielaw.org
1	api.hubapi.com	js.hsadspixel.net
1	app.hubspot.com	www.avanan.com
1	js.hsadspixel.net	www.avanan.com
1	js.hs-banner.com	www.avanan.com
1	js.hs-analytics.net	www.avanan.com
1	js.hsleadflows.net	www.avanan.com
1	tr.lfeeder.com	www.avanan.com
1	lftracker.leadfeeder.com	www.avanan.com
1	static.hsappstatic.net	www.avanan.com
1	js.hscta.net	www.avanan.com
1	no-cache.hubspot.com	www.avanan.com
1	cdn2.hubspot.net	www.avanan.com
1	platform.linkedin.com	www.avanan.com
203	65

This site contains links to these domains. Also see Links.

Domain
www.checkpoint.com
accounts.checkpoint.com
www.gartner.com
gtnr.io
careers.checkpoint.com
twitter.com
www.linkedin.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
www.avanan.com GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2023-05-17` - `2024-05-16`	a year	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.gartner.com Amazon RSA 2048 M01	`2023-02-22` - `2024-02-05`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.leadfeeder.com Amazon RSA 2048 M01	`2023-02-02` - `2024-03-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.lfeeder.com Amazon RSA 2048 M01	`2023-03-22` - `2024-04-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-16` - `2023-12-15`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
syndication.twitter.com R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
reviews.static.gartner.com Amazon RSA 2048 M02	`2023-03-16` - `2024-04-13`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.widget.insent.ai Amazon RSA 2048 M01	`2023-03-01` - `2024-03-29`	a year	crt.sh
6sc.co R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.capterra.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-01` - `2024-08-31`	a year	crt.sh
influ2.com GTS CA 1D4	`2023-12-01` - `2024-02-29`	3 months	crt.sh
*.terminus.services Amazon RSA 2048 M02	`2023-09-16` - `2024-10-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.bf.dynatrace.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-07`	10 months	crt.sh
js.pusher.com Amazon RSA 2048 M01	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
t.influ2.com R3	`2023-11-09` - `2024-02-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M01	`2023-05-24` - `2024-06-21`	a year	crt.sh
com-thebigwillow-prod1.collector.snplow.net Amazon RSA 2048 M01	`2023-10-12` - `2024-11-08`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Frame ID: EE3DF77DE26763B09C22BC4B271E5A21
Requests: 175 HTTP requests in this frame

Frame: https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
Frame ID: 6DDCEF18AABBBE1304260354BB1209F8
Requests: 6 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.avanan.com
Frame ID: 0A02A34E8DC35DE9DBA56D3084208CB0
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Frame ID: 48D5AD5196493B8DE0A85C2203CF8CE7
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Frame ID: 9C3321FA59F7F4827B944C91AFA5473F
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11b6842f417ab8%26domain%3Dwww.avanan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Ffff95c1edb808%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120
Frame ID: D8BF6A4B08875BE5942B8D843559051C
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d667ae185155%26domain%3Dwww.avanan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Ffff95c1edb808%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120
Frame ID: E6FB88BF880BD195BFD75262CDF17A65
Requests: 3 HTTP requests in this frame

Frame: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Frame ID: 4D49FFFF86E9DDB5935C59540960EF48
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Phishing via Genial.lyBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWqggk58dy6XW4_rqSb6WfHrnW5NMkyh56N3P8KqQH3lYMRW7lCdL... Page URL
https://www.avanan.com/events/public/v1/encoded/track/tc/2H+113/ccGyW04/VWqggk58dy6XW4_rqSb6WfHrnW5... HTTP 307
https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

203
Requests

99 %
HTTPS

0 %
IPv6

48
Domains

65
Subdomains

57
IPs

2
Countries

5181 kB
Transfer

12448 kB
Size

46
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://www.checkpoint.com/partners/channel/
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://accounts.checkpoint.com/#/login
Title: Go Now

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: Check Point Software Technologies (Avanan)Email Security4.7520 Ratings Submit a reviewAs of 7 Dec 2023Reviewed October 17, 2023"In the top tier of all email security solutions..." (read more)Reviewed October 17, 2023"AI-Based email detection tool modernizing email security..." (read more)Reviewed October 12, 2023"A solution to protect email in the cloud that is easy to manage ..." (read more)Reviewed August 14, 2023"Best Email security ..." (read more)Reviewed July 25, 2023"I sleep better at night with Avanan protecting us...." (read more)Reviewed July 13, 2023"Great product..." (read more)Reviewed June 23, 2023"Avanan just works to protect your email...." (read more)Reviewed June 11, 2023"Avanan email security protects your email and collaboration suites using AI/ML algorithms..." (read more)Reviewed June 11, 2023"Very nice, fantastic and pocket friendly cloud email security application. ..." (read more)Reviewed June 8, 2023"Ultimate cloud cover protection against cloud phishing ..."

Search URL Search Domain Scan URL

URL: https://gtnr.io/KTCLEMy5I
Title: Submit a review

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/5053682?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/5053454?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/5046086?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4859858?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4770260?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4871998?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4835268?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4805710?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4805860?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4802398?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4791196?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4778378?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4776428?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4774748?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4770850?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4770682?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/3424847?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4770336?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4770022?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://www.gartner.com/reviews/market/email-security/vendor/check-point-software-technologies-avanan/product/avanan/review/view/4768382?utm_source=check-point-software-technologies-avanan&utm_medium=referral&utm_campaign=widget&utm_content=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Title: (read more)

Search URL Search Domain Scan URL

URL: https://careers.checkpoint.com/?q=&module=cpcareers&a=search&fa%5B%5D=department_s%3AEmail%2520Security&sort=
Title: Careers

Search URL Search Domain Scan URL

URL: https://twitter.com/AvananSecurity

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/avanan/

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/privacy/cookies/
Title: Cookie Notice

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWqggk58dy6XW4_rqSb6WfHrnW5NMkyh56N3P8KqQH3lYMRW7lCdLW6lZ3m2W2h9Km13f0jF-W1kkKXX2ZdfJ7W9bX7xr5xp7wWW4prkrF2Yst27W7wSM1g231HfqW2zfW4K6Xz4yvW6q5tNy6ybRryW1fVSg238l0x3VRsVQ161Qk11VnMS6X8P2mPSW4Snz2M2NNQzPW8MCy-68djlHDW7xZvHQ7KhmN7W4HpQpv7sFPpqW5k9dyv7Q_b6yW35tNGx2YLKMpN5YNmk8b4wb2W9cn7Ps7-SJqKW5bBgZb1SlBjlW1YTdXy1SbgCyVdqy6Y7tMrHRW5rwsGP4mBqNrW24hwCP8BcVwqW67-zNq93T5Fxf77g5BF04 Page URL
https://www.avanan.com/events/public/v1/encoded/track/tc/2H+113/ccGyW04/VWqggk58dy6XW4_rqSb6WfHrnW5NMkyh56N3P8KqQH3lYMRW7lCdLW6lZ3m2W2h9Km13f0jF-W1kkKXX2ZdfJ7W9bX7xr5xp7wWW4prkrF2Yst27W7wSM1g231HfqW2zfW4K6Xz4yvW6q5tNy6ybRryW1fVSg238l0x3VRsVQ161Qk11VnMS6X8P2mPSW4Snz2M2NNQzPW8MCy-68djlHDW7xZvHQ7KhmN7W4HpQpv7sFPpqW5k9dyv7Q_b6yW35tNGx2YLKMpN5YNmk8b4wb2W9cn7Ps7-SJqKW5bBgZb1SlBjlW1YTdXy1SbgCyVdqy6Y7tMrHRW5rwsGP4mBqNrW24hwCP8BcVwqW67-zNq93T5Fxf77g5BF04?_ud=eebf3b08-2f43-49c1-ba69-ce044b831804&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 113

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1701977724969&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1701977724969&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D110528%26time%3D1701977724969%26url%3Dhttps%253A%252F%252Fwww.avanan.com%252Fblog%252Fphishing-via-genial.ly%253Futm_medium%253Demail%2526_hsmi%253D285604545%2526_hsenc%253Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%2526utm_content%253D285604545%2526utm_source%253Dhs_email%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1701977724969&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&cookiesTest=true&liSync=true

Request Chain 178

https://match.prod.bidr.io/cookie-sync/tbw HTTP 303
https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1

203 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWqggk58dy6XW4_rqSb6WfHrnW5NMkyh56N3P8KqQH3lYMRW7lCdLW6lZ3m2W2h9Km13f0jF-W1kkKXX2ZdfJ7W9bX7xr5xp7wWW4prkrF2Yst27W7wSM1g231HfqW2zfW4K6Xz4yvW6q5tNy6ybRryW1fVSg238l0x3VRsVQ161Qk11VnMS6X8P2mPSW4Snz2M2N...
www.avanan.com/e3t/Ctc/2H+113/ccGyW04/ 8 KB
4 KB 715ms
126ms Document
text/html 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWqggk58dy6XW4_rqSb6WfHrnW5NMkyh56N3P8KqQH3lYMRW7lCdLW6lZ3m2W2h9Km13f0jF-W1kkKXX2ZdfJ7W9bX7xr5xp7wWW4prkrF2Yst27W7wSM1g231HfqW2zfW4K6Xz4yvW6q5tNy6ybRryW1fVSg238l0x3VRsVQ161Qk11VnMS6X8P2mPSW4Snz2M2NNQzPW8MCy-68djlHDW7xZvHQ7KhmN7W4HpQpv7sFPpqW5k9dyv7Q_b6yW35tNGx2YLKMpN5YNmk8b4wb2W9cn7Ps7-SJqKW5bBgZb1SlBjlW1YTdXy1SbgCyVdqy6Y7tMrHRW5rwsGP4mBqNrW24hwCP8BcVwqW67-zNq93T5Fxf77g5BF04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 831f361e2bad3905-YYZ
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Thu, 07 Dec 2023 19:35:22 GMT
last-modified: Thu, 07 Dec 2023 19:35:22 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TXbNU%2FenupixabxbFgxI9ggLZwzoP2fq2Z2XXuzN1YnkN81EaVseoytBNuxUpZU54vXnrkX%2BWmi4u6XJ8YFclgz7s0DEHG0S1RVbDHycxYzKnFlEO1Yr5eGNtFgTMmA"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 25
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5bb8974fb5-r57fj
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hubspot-correlation-id: 344b3c56-b2d1-4b33-8cb9-ccf9b89a9f32
x-request-id: 344b3c56-b2d1-4b33-8cb9-ccf9b89a9f32
x-robots-tag: none

GET
H3

200

Primary Request phishing-via-genial.ly Show response
www.avanan.com/blog/
Redirect Chain

https://www.avanan.com/events/public/v1/encoded/track/tc/2H+113/ccGyW04/VWqggk58dy6XW4_rqSb6WfHrnW5NMkyh56N3P8KqQH3lYMRW7lCdLW6lZ3m2W2h9Km13f0jF-W1kkKXX2ZdfJ7W9bX7xr5xp7wWW4prkrF2Yst27W7wSM1g231Hfq...
https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwc...

95 KB
21 KB

68ms
67ms

Document
text/html

199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWqggk58dy6XW4_rqSb6WfHrnW5NMkyh56N3P8KqQH3lYMRW7lCdLW6lZ3m2W2h9Km13f0jF-W1kkKXX2ZdfJ7W9bX7xr5xp7wWW4prkrF2Yst27W7wSM1g231HfqW2zfW4K6Xz4yvW6q5tNy6ybRryW1fVSg238l0x3VRsVQ161Qk11VnMS6X8P2mPSW4Snz2M2NNQzPW8MCy-68djlHDW7xZvHQ7KhmN7W4HpQpv7sFPpqW5k9dyv7Q_b6yW35tNGx2YLKMpN5YNmk8b4wb2W9cn7Ps7-SJqKW5bBgZb1SlBjlW1YTdXy1SbgCyVdqy6Y7tMrHRW5rwsGP4mBqNrW24hwCP8BcVwqW67-zNq93T5Fxf77g5BF04

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

636cfb0881ed8c598690b31fad62f8fc83c00411bcc6527745b97409d43bc647

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWqggk58dy6XW4_rqSb6WfHrnW5NMkyh56N3P8KqQH3lYMRW7lCdLW6lZ3m2W2h9Km13f0jF-W1kkKXX2ZdfJ7W9bX7xr5xp7wWW4prkrF2Yst27W7wSM1g231HfqW2zfW4K6Xz4yvW6q5tNy6ybRryW1fVSg238l0x3VRsVQ161Qk11VnMS6X8P2mPSW4Snz2M2NNQzPW8MCy-68djlHDW7xZvHQ7KhmN7W4HpQpv7sFPpqW5k9dyv7Q_b6yW35tNGx2YLKMpN5YNmk8b4wb2W9cn7Ps7-SJqKW5bBgZb1SlBjlW1YTdXy1SbgCyVdqy6Y7tMrHRW5rwsGP4mBqNrW24hwCP8BcVwqW67-zNq93T5Fxf77g5BF04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 831f36201f393905-YYZ
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 19:35:22 GMT
edge-cache-tag: CT-147462885790,CG-4153530738,P-1835778,L-6416153737,CW-10828273430,CW-10828758285,CW-11124227288,CW-38920737000,E-5097885803,E-6067151804,E-6073351973,E-6073918834,E-6084513730,E-6476923280,PGS-ALL,SW-2,B-4153530738
etag: W/"691df031cbc2864d2404a5af4aff6758"
last-modified: Thu, 07 Dec 2023 14:15:10 GMT
link: </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2MdATJr9KWGT43Q%2BH0CLyGTZTuWmpxEX5D0ns%2BtuErXYdwzf2WtrkVjUkBiGAxDoM8hcH%2F%2BENKRKJCYvGB1fLhtjljs2cBoqzLgUHQlV5X0upz5LyFXlJIY05iitUQy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: HIT
x-hs-content-id: 147462885790
x-hs-https-only: worker
x-hs-hub-id: 1835778
x-hs-prerendered: Thu, 07 Dec 2023 14:15:10 GMT

Redirect headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 831f361f3dde3905-YYZ
content-security-policy: upgrade-insecure-requests
date: Thu, 07 Dec 2023 19:35:22 GMT
link: <https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email>; rel="canonical"
location: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TvKwcwnulKeOUpRzGC7JlUErTvG3pGrXqDhi32QYqipH46GtKIrdewFa1kQs8Q5adTjyskcDJOZuNVOvLHMIRfyDt8%2FGhp3XjEYwI%2B426GEXK9PJ6LhWQrOEmZEW3dea"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 50
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-5bb8974fb5-drcfm
x-evy-trace-virtual-host: all
x-hs-https-only: worker
x-hubspot-correlation-id: 627c8324-b275-46b1-afab-aa7b67aaa9b2
x-request-id: 627c8324-b275-46b1-afab-aa7b67aaa9b2
x-robots-tag: none

GET
H3 200 project.js Show response
www.avanan.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 107ms
106ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 baea19e57b5c9a395399255309193508.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 565215
x-amz-cf-pop: YTO50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOMWb6SIKzReIk23pMiEDXUUsJZFkvgEesVOiXvx6%2B%2FerFPMCNRTAsX6lpR%2BH1TxehET461EgdwYSgsEs8RpzWw7jGm7Ld%2BPVJH0GrJ1xo1cWhN5ULaF1bE9u68NdA3x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 831f3620885c3905-YYZ
x-amz-cf-id: N4KLZ0CiHQJ81318Xd2mABR3W6ukKVk-p3ueAE6-6taQpbPA9_2oog==
expires: Fri, 06 Dec 2024 19:35:23 GMT

GET
H3 200 post_listing_asset.js Show response
www.avanan.com/hs/hsstatic/AsyncSupport/static-1.122/js/ 3 KB
2 KB 107ms
106ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e7902d12bed414b23fd30c7019fc0fe08d03b14984beb21e486aaa59135f803

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 df34ce5bf73c140dc63a22fa17a4dcda.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 190554
x-amz-cf-pop: YTO50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: nC1hzr07YsutChb9rCwKsMoiyxip8lR7
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 15:26:10 GMT
server: cloudflare
etag: W/"d95d7dafd49a1edc76a47120c287b579"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2BLghWw8cu%2BaFzJTuRY1UaaEjLl13y4knxRXoXIiiE9Afdms%2FTHWGvWR1M4T0gz0i1Ay79d3Rfx75itltmTr%2FIQudS6V%2B2bKbKP5Fffey%2Bk0PhxQlxEHR5p6njrj255w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 831f3620885e3905-YYZ
x-amz-cf-id: tm49AifqKZ19cW-GbiZNjOHYVTTwIFFaSUAI-9lOMD1zy6snHTxWtA==
expires: Fri, 06 Dec 2024 19:35:23 GMT

GET
H3 200 jquery-1.11.2.js Show response
www.avanan.com/hs/hsstatic/jquery-libs/static-1.4/jquery/ 94 KB
35 KB 109ms
108ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 c73f9dc228a4b3fb05ae37ce52d04a1c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 813646
x-amz-cf-pop: YTO50-P1
x-amz-version-id: null
content-encoding: br
x-cache: Hit from cloudfront
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etM3okEFykWEJ%2BZ3eQzL%2BwvXOEm18vzT4IjMYj6DbQxeJoPCpp%2FSNImm3BMcGyhNCeqO8Ckf3411UyiZjuA1GPhLdXqjHRgISb%2F9UOemdCaOzngHYUNCRPgjRQwZEdcx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 831f362088633905-YYZ
x-amz-cf-id: IwiS937WaacTbkDRym94IXcTCXCQb6NUrz7p0u7IqPpDR6VjGsE4fA==
expires: Fri, 06 Dec 2024 19:35:23 GMT

GET
H3 200 module_38920737000_header-NEW.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/38920737000/1693339116978/ 350 B
2 KB 126ms
121ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/38920737000/1693339116978/module_38920737000_header-NEW.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a28a88a058bb32f3fff988c31380f2392939d9c4d1bf38b32f531969a02a33de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: YV43QRZFMEQ4WTX8
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"d03acb35e50d52eba2de45e92772724e"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693339116978
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: mzhlCP.Q4kGZtjrszMLY3UteK9JyKt8t
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 01154447-734d-4516-b7a1-c96da628bdce
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 144
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +dxz+eTmnKksQ+4VtVZX10rLzddt/OV+OenUN5L4ipW73xjXoEfTVgvFzIBeXhrBe/IZFcXwxje5/BeZBuIMk47u1H7WRQEAHycK7hAOuBE=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 01154447-734d-4516-b7a1-c96da628bdce
last-modified: Tue, 29 Aug 2023 19:58:37 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBemSwTOa%2FXkgFapOhT1X4MYbZSoUQI7bUeDS7P2RyrSRx0xgXoMIqVFygq1sSFCXGRFEOvE6XNb2EA4jTHA%2Be3KTS1Dv%2FkV44b7PBT%2BVda65BuhaGS1BW%2FWC4Ij%2B5UY"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-lx8qs
access-control-allow-credentials: false
cf-ray: 831f3620987e3905-YYZ
x-amz-cf-id: rhnK01_4jYhmiNeuQDJaan10GeSQS3L6nKdE8wRYZXWxTEHLAt2CNA==

GET
H3 200 reset.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6067151804/1577975558437/Custom/jacob_redesign/css/ 760 B
2 KB 106ms
101ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6067151804/1577975558437/Custom/jacob_redesign/css/reset.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

97152508df33871d78e6d8595480ac6c5cf8f2feb1fc1ef7fd2ef7a0517810c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 3596
x-amz-request-id: 1TTX3RF26E1VW7WP
x-evy-trace-route-service-name: envoyset-translator
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"dd216fc74c067413933b3c64bb975273"
vary: origin, Accept-Encoding
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 1448f69604d5be1f9c9f0c64cfa90594.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: adg6Tcxw8bHaHALCZHMiZcGnIuL6f9nZ
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: 62ac04c7-5df7-4020-a241-e833c6cb748c
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 168
alt-svc: h3=":443"; ma=86400
x-amz-id-2: hR+g7scWYl09gvRzR3SUHe98LSugkduyeqIcaxTRqsJo0T0lanCXsV55+TpLg67YOrFMr79myT8=
x-request-id: 62ac04c7-5df7-4020-a241-e833c6cb748c
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 02 Jan 2020 14:32:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pc3bw%2BmgbFKQZOWSQAllnVUf1xuPHMHmVLdj26gkr5h%2B1p8gmO6FIfilrZ6SOnjfxdAgf2DFQ3LGL8AajrnbV5X4NsLQ294d%2FXubDAJc0sQb6uRQsYSb0ZccqgQbZ6KF"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-mdhhg
access-control-allow-credentials: false
cf-ray: 831f362098803905-YYZ
x-amz-cf-id: Y2PiPGgyKKrVNUS5XsCZl1eiCXvG8Ry1O1pWWQPivAzeaIsI_16gqg==

GET
H3 200 module_11124227288_updated_blog_body.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/11124227288/1683298028261/ 5 KB
3 KB 127ms
122ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/11124227288/1683298028261/module_11124227288_updated_blog_body.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb73cc89830d3824b5c588849b29a5d4bad5b71108ba60e17bad3e6276dd5f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 3596
x-amz-request-id: 22R94CWA39Y1TKKR
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"34740dad57e89fd2749c7cdb3497cb09"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1683298028261
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: HyZl6ue_xg82nZe3wq8kD7rN5WNVoPQi
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 10cc91ec-478c-4be8-a803-95e4c37a2351
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 179
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 3hGdbHbNUXnD1V8e+z/1ui5kGO+cnwXrg1tUPIItzPUFeX7NxlFbUcvE1+ZwShfFAlXDmVK6294=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 10cc91ec-478c-4be8-a803-95e4c37a2351
last-modified: Fri, 05 May 2023 14:47:09 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjCncC2aJ6wWaCeKfMUvb7ox8L1ljeUTIQ3bhpJ1RAvoezpTFI02asD0QMh%2BBz2%2FgBptZT60BQrUfSYTAzBY185D5tdMGJp92bI8oeRbq8yscI9xcyrJFphFpdHTpP6v"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-2p6jk
access-control-allow-credentials: false
cf-ray: 831f362098813905-YYZ
x-amz-cf-id: Nfmh7EA4bfKcKUWYjxB6QLF-rRzJ0RFAETPS_L1JaRyRMleTBs1ntg==

GET
H3 200 project.css
www.avanan.com/hs/hsstatic/BlogSocialSharingSupport/static-1.16/bundles/ 720 B
1 KB 127ms
123ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs/hsstatic/BlogSocialSharingSupport/static-1.16/bundles/project.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e0ecae28a70c5e010c24c160321243efe54f497d49a6a8f31ca12ee7eb972

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 64909529c4e581ad4c88eb71f591fbc8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 733991
x-amz-cf-pop: YTO50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: 7bzlyDLBPgFUhJmnx6rYCRN4B2XAfbkA
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:47:10 GMT
server: cloudflare
etag: W/"a81c70764750950eb72d4537c41e781f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irUifP2kgm8sJJoS8uMQs8YgZEBugBQ%2FUSpgeg2KwZqAGvsgZ5zoRH8D3BX6HNQPKfTPiOiKRPYPrRcN2ZXUeq3YoxIXC4%2FnyjKAWS5hkos%2Bh1DnQ9eiylO12rHx%2FANA"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 831f362098843905-YYZ
x-amz-cf-id: Eok2RxI5QB6CWe18tYXiknIAA3VNPFCVpkrqF19u8WpVa9788oe8Ig==
expires: Fri, 06 Dec 2024 19:35:23 GMT

GET
H3 200 rss_post_listing.css
www.avanan.com/hs/hsstatic/AsyncSupport/static-1.122/sass/ 910 B
1001 B 106ms
101ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs/hsstatic/AsyncSupport/static-1.122/sass/rss_post_listing.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 101faeb149b23d8a2ab2e8bae2efec18.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 810617
x-amz-cf-pop: YTO50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: YluxiXaQWSQWC28IUPv3NXYXDi68ylxl
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 15:26:10 GMT
server: cloudflare
etag: W/"e1b521ec14a912d6d385c21388ec7d79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqqvlqkccR9c4E0WkRUZM%2F8CjXwVeJkHifklp0VpnTAEsqFK0dm8nwmuF7RGd2m41z003xsQzokrQEv65kopFeFHioZy7htsocIXAM2Gk0wmyx1M8cMFIZHgPU0E%2Bza8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 831f362098853905-YYZ
x-amz-cf-id: hU-ttE-U4z2FxusvAw-3fX7EKvUPSwqFQvoHWmbMGX6Do5ARJSGAbA==
expires: Fri, 06 Dec 2024 19:35:23 GMT

GET
H3 200 module_10828758285_updated-blog-cta-banner.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/10828758285/1681233594853/ 43 B
1 KB 109ms
105ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/10828758285/1681233594853/module_10828758285_updated-blog-cta-banner.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5109ab0fecc5ef21cc3eddf9e5e66741feb3c03a08c0c5d12a153bffe56a4d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
age: 3596
x-amz-request-id: PK1TH1Q8FSTPN63D
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: "5c9c72ede880a71bcb77cbc90d5183e2"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1681233594853
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ltjXTsnFD2W5CxxF4UctYebNy2UB5hTD
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: bc2d1bb9-566f-4717-92ea-94e9ed194c82
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 156
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-id-2: fcmzEoLC5v7e/SGjMiW07aR78oe/PVIqVlfPkBN82MY/04xLoP8X/ynibrwnqmZBHr7ws66+6eI=
x-evy-trace-route-configuration: listener_https/all
x-request-id: bc2d1bb9-566f-4717-92ea-94e9ed194c82
last-modified: Tue, 11 Apr 2023 17:19:55 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKRFAUo5HvfDzxWNgioNWtI3a1pvarU3mpgnabkA5%2FxvFUO%2Fmuun8H8yr6XWKlL2Lxtqi5%2FWf38j4G7H6ei%2FQK6sFTcvoxkNMDKIHWH0oKIUQ1ghs5CdFzEGTs%2Bn8s36"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-bz2xv
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 831f362098883905-YYZ
x-amz-cf-id: zn__3D3rAYWJN1IerDntMoD03bv-4EQxifeE23eHESagizgpFxaNCQ==

GET
H3 200 module_10828273430_updated-blog-footer.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/10828273430/1681233744378/ 1022 B
2 KB 88ms
83ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/10828273430/1681233744378/module_10828273430_updated-blog-footer.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a6284f5e68fe70bb17c9aecb532fdb513b37ec0096d21e9a7231fbcfeda6794

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 3596
x-amz-request-id: GBTFRA2RBA1D0WQ5
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"0db2aa71f1f3b6937b6f53dfa6ff0be5"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1681233744378
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 0ebe6e1aeade584a38f4b98aa3f2014a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: t.xmjVBLpB.BylnQD5kN_qjPsk0xLKEI
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: c71b5856-c21d-4e85-9935-ffbf264177e0
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 424
alt-svc: h3=":443"; ma=86400
x-amz-id-2: i63cYN6oMq8kAGN0Z361Q2TaZNYzsfQK5wMQJljlGf/IUddomNrP0wdOpN2RNUayUr73StZF+E0=
x-evy-trace-route-configuration: listener_https/all
x-request-id: c71b5856-c21d-4e85-9935-ffbf264177e0
last-modified: Tue, 11 Apr 2023 17:22:25 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BA2KkM42%2ByHqQpjK%2FtBWZEc34mC5X1FplznjlKIGGdbd0a1t9Xs%2BSabWY7v%2FcpqjsW9Madhh1jA%2BUyc0yWq14ZTJ4KUzXpNlT%2F3CW4HZZXv4KVJvDOBozTM74NqTAVA"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-vbm4n
access-control-allow-credentials: false
cf-ray: 831f362098893905-YYZ
x-amz-cf-id: jM_fGJ-easSekflnggB3vhzBUrhqueUmEFGr5r7OzRf-KgFaXfmogA==

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
10 KB 131ms
49ms Stylesheet
text/css 172.64.141.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.141.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 826491
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1SKvXIB%2BueD4WZYzuaIf5nTSzs5eI9nj4Bl51Ft70NQGg3sslg584fbtfiKzdf11L5GG0IjjCGcQ3bZ3hHd0g8TcT2UOhgBPQU%2BPs8wpqE1YYo7VvFA0ORg44V09K6Fv9V%2BnjH%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 831f36211ac10cb8-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 19 KB
964 B 129ms
49ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

3726f6f71175b54abf48e8863b8634461bcbf34831f7c1b0a1d11e2604782b3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 19:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 19:35:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 19:35:23 GMT

GET
H2 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.4/ 2 KB
1 KB 81ms
34ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.4/js.cookie.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3636e8810aa8b16828af450174251147977372f0201e77d464c719f110b0924f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 821193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 767
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-6c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2BmaI6XT7St9bHI12mcJToqihizD7aR7fih4xnVD%2Fp6eIm%2BVhPF%2FhgLOoiarKii1%2FT4ThTEkNTNK6tbXNmYv60wntf9B92VEIL0qUQbB%2FBXln8U41pxYCTRwY4BpLyMk1hvgDC%2BL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 831f3620ddf336f9-YYZ
expires: Tue, 26 Nov 2024 19:35:23 GMT

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 166ms
54ms Script
text/javascript 23.218.218.191
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.218.191 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-218-191.deploy.static.akamaitechnologies.com

Software

Play /

Resource Hash

6770cd1c29b91775d780257571a50a97941cf0bf8b93f62d29691c502df96dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV4
server: Play
x-li-pop: prod-lva1-x
x-cdn: AKAM
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
cache-control: public, max-age=3600
x-li-proto: http/1.1
content-length: 163638
x-li-uuid: AAYL7+2f8FBEXtEwzm8vXQ==
expires: Thu, 7 Dec 2023 19:49:32 GMT

GET
H2 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1701955763068/hubspot/hubspot_default/shared/responsive/ 4 KB
2 KB 120ms
73ms Stylesheet
text/css 104.16.109.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1701955763068/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.109.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-encoding: br
age: 21925
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"94daf62e7e6df83595c6251fb0c7c055"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1701955763723
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: beb36258-db10-4f1f-9409-911820aedbac
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 171
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: beb36258-db10-4f1f-9409-911820aedbac
last-modified: Thu, 07 Dec 2023 13:29:24 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bf%2FwsTrUez6RYxyLZPy%2BBSXqISDLxzBO6B6AplbKTW5drZophY6WTy%2F0B5FQf0l68G%2FVkdiT16DjZPYTRlzRybtrCOkUpBCP0zFjFUKnFvKPIK%2FTqEVXSa8awPZbq2EBcNM%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-57c4dd85ff-r2nf9
cf-ray: 831f3620de815497-YYZ

GET
H3 200 gradient.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/5097885803/1577975559034/Custom/system/default/ 120 KB
20 KB 108ms
105ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/5097885803/1577975559034/Custom/system/default/gradient.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

08deb5fb8e8a49d3e598cab0f6c178154648cd6234894569a0987812b19475f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 3596
x-amz-request-id: 5TMG5P6H5V4X69BW
x-evy-trace-route-service-name: envoyset-translator
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"336dca61498fc7140b09ba03ed7bf73f"
vary: origin, Accept-Encoding
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Np0IHzSsaoWIRo2pA7QSOE6GTgUdVUIS
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: 7fb9849e-5219-4c38-835a-134041195ef6
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 201
alt-svc: h3=":443"; ma=86400
x-amz-id-2: CWQhdzDMq5ciyl5zjVtcs9da5jkVMfsVW8yGzy41N0X8yqYtyig5j3LgtwSYZ4PVOazV/sL2kbA=
x-request-id: 7fb9849e-5219-4c38-835a-134041195ef6
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 02 Jan 2020 14:32:40 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tq1QkE5VS2U6FTGwElUOX9IbiTrVqmH0U%2FWxHfO6D%2FXPUH5DdTbKgWD%2F9P5iCBdLFMeUo1jYpWvDaWd5h199YM%2BDwEGtyb1z9clo6QKGArLgq13U%2FkVI6IIT5Yti1CmP"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-bz2xv
access-control-allow-credentials: false
cf-ray: 831f3620988c3905-YYZ
x-amz-cf-id: BWZRdrUlliE65oJ-oZU87HYDfUXPgKgRHQjCOgRkAieWFXShtSFUIA==

GET
H3 200 template.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073351973/1693338321987/Custom/jacob_redesign/css/ 193 KB
34 KB 126ms
123ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073351973/1693338321987/Custom/jacob_redesign/css/template.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92544ed57b172f513a507fe6d3e09d763bc23c413e47d110d8dc03ef896490dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 09X9GWXJMJRFD0DY
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"c532cb73709fa483616feef093f4d595"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693338323621
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 7b32163caf7e91fe96df7bbeaa58c0f8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: V4U7qS8p16YQ5afAoV9tdACdkHL_IvNE
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: d5f4ee84-f12f-4ece-a2a4-f4f9902ed8a9
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 369
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7E7RNd7EXN8EjQzv+0A8f7i8hiwtgzaf0QXebm5H1mgi01sUf2P4fF0aULeJknqrA+rba6PQqoM=
x-evy-trace-route-configuration: listener_https/all
x-request-id: d5f4ee84-f12f-4ece-a2a4-f4f9902ed8a9
last-modified: Tue, 29 Aug 2023 19:45:24 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xp%2F5BtaeVBd5EsvCJgG8L62xz9hu3vKUj%2FSWG%2B8sVikLIeRCqg4FUszxypWGd2NBnNVdJrHWBMBxkombvlaslWa7%2FxTbJsO8Vl6khi%2Btf9D%2FxzJVy2x%2B57zaQmjvLym"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-v96mf
access-control-allow-credentials: false
cf-ray: 831f3620988d3905-YYZ
x-amz-cf-id: z02pdxqnLx3QI0jWCjWQlqDQLmEMJSu4AmfVWrdxVOvrBOV_EXkUMw==

GET
H3 200 animate.css
www.avanan.com/hubfs/website/code/css/vendor/ 76 KB
6 KB 82ms
79ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/css/vendor/animate.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8150a6e66442996f64560b128d0effe532ed5eabdf0a8c6176c8c4e8ed502e6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 7f6b04942f28195d41e126f3dad955c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10555715886,FD-10555825155,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 638532
x-amz-cf-pop: YTO50-C2
x-amz-request-id: 1PH7N0MXSBJGFW8E
content-encoding: br
edge-cache-tag: F-10555715886,FD-10555825155,P-1835778,FLS-ALL
cache-tag: F-10555715886,FD-10555825155,P-1835778,FLS-ALL
x-amz-version-id: DNimaXPyQx0q8PYRQbkCSZdSE0X.bmnJ
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 9JU2cxMzTIedH8orNklCTMYJCo6Hj2RHcD9PYSgI5fb2oe/4j6f7dX1mH/iFx2xpvICkiNP1+2Y=
last-modified: Tue, 18 Jun 2019 07:24:00 GMT
server: cloudflare
etag: W/"d96b2083b0acbb11911bb4f068158299"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PoP4a7zggAOUMjbd7jN8AA9zMTnveI7hnDrSzproMScqMHIXNDzhmo5g24mAJSXF80bFa9i6XK5AZEPllU6rwUw9zt%2FzRTxNrmPch8oBIELwDRxkrq5NiH18wsLeHHvo"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f3620988f3905-YYZ
x-amz-cf-id: bE6KGnBf0YJ6tWVMAt9InOlB2aoV8GQTF6iC3hV0YpJHysw8ZusImA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.megamenu.css
www.avanan.com/hubfs/website/code/css/vendor/ 4 KB
2 KB 140ms
137ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/css/vendor/hs.megamenu.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eed62e19ef261a18dade30aac09258399bbead589a04d061bce834f0d5a2bcd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 f8d2e956e186aef5f6c9bb38469c0bc4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10555715922,FD-10555825155,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 626633
x-amz-cf-pop: YTO50-C2
x-amz-request-id: XM1V1KC032NY8Z40
content-encoding: br
edge-cache-tag: F-10555715922,FD-10555825155,P-1835778,FLS-ALL
cache-tag: F-10555715922,FD-10555825155,P-1835778,FLS-ALL
x-amz-version-id: xY1xlt9wqfq8h7_kClSamJ0VluM_5ZF9
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4GKegjdHxBMALcuIhf9Zp90CGszcRrh0Zg3aKv7g40Pjk7E5PjFGTBg9z0Hj3tsffB4xD4BTMEnsm23oA6U2mUHbIlXojgSWLfXMY5nT/IM=
last-modified: Tue, 18 Jun 2019 07:24:00 GMT
server: cloudflare
etag: W/"c46d4ef35d114216ae8c0fe4137c84d5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xiVHUjIuz1o51jsk9JmUQlHYrqrJQKGsZnPIsPxUTep46Ln1t4sG87JYWrw3oF6fDkxD0Sga9caYshBgrMItKSZC3hcDdYoL9%2Bbrsl51FYe7mGiniNyC5LOjHWYEmU%2F"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f362098903905-YYZ
x-amz-cf-id: P4ZUgjOOpvFmnnG__zWiZa-hBFkYwlGPJDzADMncfgGv8U2cIK-vTA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 dzsparallaxer.css
www.avanan.com/hubfs/website/code/css/vendor/ 19 KB
5 KB 143ms
140ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/css/vendor/dzsparallaxer.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a62430c1506f9d9ecc0bca9ffa39a073d5148f07be4aa54ed4532f9650caf56a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 fb9ce5ade4fc6d73adc1e5a3c12522de.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10555715948,FD-10555825155,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 724552
x-amz-cf-pop: YTO50-C2
x-amz-request-id: TBHYT4018AMDN7BD
content-encoding: br
edge-cache-tag: F-10555715948,FD-10555825155,P-1835778,FLS-ALL
cache-tag: F-10555715948,FD-10555825155,P-1835778,FLS-ALL
x-amz-version-id: OQfzSS0e1XiUHyu7fgd1SQC64WCGDBlx
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4q85tWIdZiy7VIlW9wXZmX/sZvCljarreW3B6XGA6lmZcv88C16L2JTm5oDMRhAC/Sl4BNkIXwNyEhRQyHkxh7RChkudUJVEgAqz34miFeY=
last-modified: Tue, 18 Jun 2019 07:24:00 GMT
server: cloudflare
etag: W/"319d193fcbeb97bbd3c83a72ee3dac65"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4b1DehsnHE5IrdUHv02YejBOLW%2FMfw7ON0oHrQUletC8SLO4uJgREG5P7930SyFEhJ4NZJx4esEC30PO%2BU5KbWXXpRatzml%2FgYnAvVjnAjga8sSyu98lGdzRjb%2BUleAa"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f362098923905-YYZ
x-amz-cf-id: aqI7e3hrzvCCJBOZnpBuhk_ywXsNots12CfcQps5slPYKR22jDQr6g==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 custombox.min.css
www.avanan.com/hubfs/website/code/css/vendor/ 41 KB
5 KB 144ms
141ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/css/vendor/custombox.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb3d40a52e939dc606cacea278753f149b56d19b6619994069659687e3a7728

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 5e2f1ed3ba0ab1e08304bb3d134360de.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12524627747,FD-10555825155,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 803821
x-amz-cf-pop: YTO50-P2
x-amz-request-id: AJE466MSJ7XBV6SF
content-encoding: br
edge-cache-tag: F-12524627747,FD-10555825155,P-1835778,FLS-ALL
cache-tag: F-12524627747,FD-10555825155,P-1835778,FLS-ALL
x-amz-version-id: 7rgoaYxL_.zq0Q9pSWvug18ufCSiqriy
x-cache: Miss from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ufTLqWP4AuOWBmP4bqwnTaPYcrTB2vOGxSaI9Der0TPs8462dqORdb2nrYkmh3dyrNhzS/q1y6PKUkmTWxsHFGfPnyXlUBUOGz+bTRZd7r4=
last-modified: Thu, 29 Aug 2019 14:21:43 GMT
server: cloudflare
etag: W/"3546f0274dff535bcf97625374c1c7cf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8y%2FBVh1kHSV%2B9zczMU%2B2MV0oynXphKXmFdnjBKE1L8NFKspslCw25tB7r1%2F%2F0jOawEM24lJK%2BArqUPCg6cxL%2BTbpoI056QGSxHIHUNOIyHej4J7RH1hs8BmYOhPqRsbu"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f362098943905-YYZ
x-amz-cf-id: 6uxiMPu0qeZykLix5b6sn7JwoSh6YGPVmZW_al5PaGsAhf_I-Lvlhw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 theme.css
www.avanan.com/hubfs/website/code/css/ 393 KB
55 KB 87ms
85ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/css/theme.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf53806c2a4cef2c89a8502411683c83162fe73859d7d24244259e7e793df68a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-12350310726,FD-10555529544,P-1835778,FLS-ALL
age: 724552
x-amz-request-id: AJE88CFPW5XBAGHE
x-amz-server-side-encryption: AES256
edge-cache-tag: F-12350310726,FD-10555529544,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"dd24981f95399e7f2d5674114004c268"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1566500436528
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 e6bfe249d47d39a52673337cf444c9ce.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .VuZQK18yvpctq7eWnfEjZ9JXuCTwHN5
x-amz-cf-pop: YTO50-P2
x-cache: Miss from cloudfront
cache-tag: F-12350310726,FD-10555529544,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dJFu9UJzViOrCwS4DD8Ck6Hj20IwE8BWSCEVbCD6KVfpMCPuoSVXATtEr0vefTS7ipB0jFgeOCo=
last-modified: Tue, 29 Aug 2023 17:12:22 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpWbuN7mzcn5e4bFTWFBUUFi3F5C2DDKnoYv%2Bh0ce7FgNr1Qb7zacI1I56GzPhcdlgQWYM6D7nEF4%2BKtzlp%2F2lpUHRd9DI6qHFmnDORtuf7zfe717PpcNp%2Fub80mz5YH"}],"group":"cf-nel","max_age":604800}
cf-ray: 831f362098993905-YYZ
x-amz-cf-id: 9tMRmu_3UJJODLcjFmvJ5NTyR5JSebZxnCjQm0ShXC8pKJv_PS7kkQ==

GET
H3 200 header-slim.css
www.avanan.com/hubfs/website/code/css/components/ 84 KB
10 KB 84ms
81ms Stylesheet
text/css 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/css/components/header-slim.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f54ad99ac9b8bf0271cc6d19132826863aa3dc7077b4d5c586f99c46130efb30

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-29822257866,FD-10639271059,P-1835778,FLS-ALL
age: 724552
x-amz-request-id: AJE75FVM6JSYVFCA
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29822257866,FD-10639271059,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"b144dc1e3369574aa43f95d44261c80b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1590586777336
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 6889869bf680fe34cca722f0a05e1106.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 42YSFG0lTWtnZ.W1lT05OT2Zcvw1os6c
x-amz-cf-pop: YTO50-P2
x-cache: Miss from cloudfront
cache-tag: F-29822257866,FD-10639271059,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
x-amz-id-2: TtCvYJ0JkGPbw5Tf6b/jsMUpyj0aPHDihMy35vYX+fn5evtFBQhhmVUHqtvftfJZdQn1PbOSGz8=
last-modified: Fri, 08 Oct 2021 20:18:11 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpfjzF%2BzuOl9I2x4PwgXEbADO7DyW%2BtwS%2FfesFoH7XRpEFzgQ30iy1cWH43C38k4hvPJ0e%2FNSqaRqKVfonB9DexHw6kDXhmcZQbKPFDFej5%2Bh3VP1YPYaB0E%2F5s7C6Kq"}],"group":"cf-nel","max_age":604800}
cf-ray: 831f3620989a3905-YYZ
x-amz-cf-id: uyfhs5LfjfdBmN_XdyqBjmZLiyWtKeVChik9OsvxEPPcMhSF9EsSsg==

GET
H2 200 css
fonts.googleapis.com/ 5 KB
956 B 126ms
48ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cabin:400,500,600,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

221a2d2c81d6c147efa694dd73f51bdcb8ecf509826457780c44f5026b6d5a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 19:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 19:30:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 19:35:23 GMT

GET
H3 200 How-Safe-Are-Your-Emails-featured.png
www.avanan.com/hubfs/website/img/infographics/ 621 KB
622 KB 145ms
143ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/infographics/How-Safe-Are-Your-Emails-featured.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8deb475ac50713a43d3cf93fb2579f1badda5b9dee5704850b032f0f25564895

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-52270339845,FD-10949243896,P-1835778,FLS-ALL
age: 803821
x-amz-request-id: AJE736NPEQWFP8QR
x-amz-server-side-encryption: AES256
edge-cache-tag: F-52270339845,FD-10949243896,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="How-Safe-Are-Your-Emails-featured.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "c633bdada0f0b6b3a8ed9923b6fb540b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1628160146967
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 890304274d84dce52c3c8a65cb402758.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .d7FqQt._o1Rnh6A1lokFj0_Ws48Edpl
x-amz-cf-pop: YTO50-P2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=866167
x-cache: Miss from cloudfront
cache-tag: F-52270339845,FD-10949243896,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 635542
x-amz-id-2: 5brCUFO9Kh+VwHcHYNJ+vj1l04AhC97rY4oU61MXMAXMfX8HL3NYqtw+8HkFLULhVbGaMfECdCw=
last-modified: Thu, 05 Aug 2021 10:42:28 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22Uvm3YK6mo6OV6zD8KpUI1P7seTgSjlrvE9z2bQPUsJBU5UMzoMveGC%2BtdhKvHeQvy2iOYDdZvYcLRxpOZHiDxbYacVCfGqorSVeqX12An2VPMxcA%2BexNLAPzOY65rh"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f3620989b3905-YYZ
x-amz-cf-id: Z3Wd-AV5MCr-gZse5ZKyeYuok83cIZY2ES-FPsrZGgsi3aky8eKWww==

GET
H3 200 av-cp-logo.png
www.avanan.com/hubfs/website/img/nav/ 26 KB
28 KB 203ms
201ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/nav/av-cp-logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a87eea0ed4667d6241611511e68dce431477cbd9a06c9482b01323d6a0b972f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-57079767617,FD-21136118110,P-1835778,FLS-ALL
age: 724628
x-amz-request-id: PK1X9D960WCK22AP
x-amz-server-side-encryption: AES256
edge-cache-tag: F-57079767617,FD-21136118110,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="av-cp-logo.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "54f8e06ea392f631745f18834b4f75fc"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1633720390182
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 4e4d9ea09cd9de42a68977a2ab50f752.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ihC_xVZudFnTMh6T1X7C3_Yl8xLb15Oa
x-amz-cf-pop: YUL62-P2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=45855
x-cache: RefreshHit from cloudfront
cache-tag: F-57079767617,FD-21136118110,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 27014
x-amz-id-2: JIdczl7wXqJbRbVfor4S/i90QSAggZMmbDsw4v5iDnrNo+y3RsSLPhvDdxmTlMJ5lL7obQTN1XQ=
last-modified: Fri, 08 Oct 2021 19:13:11 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dD27kDxi6w%2Bztiha0C9iAwya3JvPaKkngIaEfYqSvLkL7gh3RD5Ms9XtzI%2BWSuBIxRuvGEfrUAB72VxlhVhAEwE31qqeesgc5QGLRxbej8%2FO6Q2FKciFYPxUHhzcZJnn"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f3620989d3905-YYZ
x-amz-cf-id: XjVqXc4bUsj1hv321dK_tGzXU-288ArIWu6yr-yF03b3hMBtrv9_Cw==

GET
H3 200 documentation.png
www.avanan.com/hubfs/website/img/nav/ 868 B
2 KB 72ms
70ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/nav/documentation.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94bb9eafa09b4181f7208f1466552561329b27bc870ea785be1fbbeb32661d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-21241301263,FD-21136118110,P-1835778,FLS-ALL
age: 820210
x-amz-request-id: AJEBM9JYS9ANH1ZX
edge-cache-tag: F-21241301263,FD-21136118110,P-1835778,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="documentation.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "f4d503cd55e042264b3bbd74f58ac560"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 5fef2688877996791689cf17ab2832d0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: V87Vzt5MSqkUDoZ5asBko88rN0wJ5iGd
x-amz-cf-pop: YTO50-P2
cf-polished: origFmt=png, origSize=3416
x-cache: Miss from cloudfront
cache-tag: F-21241301263,FD-21136118110,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 868
x-amz-id-2: uPKHKKfDb9qzETFIqXcbMTRmCOh6eRrZY+hvj6tMMNI9izLYPqBrxqK4n3ulQb2M7t87VVkbX7I=
last-modified: Thu, 14 Nov 2019 20:20:22 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYN8ySLyMhPWyk4HBV0xNYhyD0GpFA2IDiQ0nvix8ZVxpaP7nmcxpp%2FBeNHJx9LquseDo91aleFDbKuoBeltNeDOKbdi1zeuWegj%2BW8eg1O40x6gXYkIONR619cABweL"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f3621dac33905-YYZ
x-amz-cf-id: oRDFiEJQMTScCxBGyRY1LGz2paB45eTZCc_UvwJsL1b4qOTNQaE2OA==

GET
H3 200 open-ticket.png
www.avanan.com/hubfs/website/img/nav/ 700 B
2 KB 56ms
55ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/nav/open-ticket.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

03817f3f6505178f6f24ef977ac8cd844ba3427f0353759e41bea905c565020a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-21241291417,FD-21136118110,P-1835778,FLS-ALL
age: 724628
x-amz-request-id: AJEBMHSE2H6BPQBY
edge-cache-tag: F-21241291417,FD-21136118110,P-1835778,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="open-ticket.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "9034a241fdd02e0d9dc532075852965e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 04fa8a9e73b27e301fb4b6d36f313186.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 0c9cY9eUX.md23IeRyXXqhmeaLhfDOS6
x-amz-cf-pop: YTO50-P2
cf-polished: origFmt=png, origSize=3180
x-cache: Miss from cloudfront
cache-tag: F-21241291417,FD-21136118110,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 700
x-amz-id-2: 6mCP9kAXKguPmS5ICXnEFQISTqSnyN4aXl5nr5o6r/H43FkUOpKF2eSpmj2B6XAHUJSkCigfUbg=
last-modified: Thu, 14 Nov 2019 20:20:22 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2aRw3ZdJHvEZjlvHI5oXFWm%2FxBPHMW%2FACujy3V2jK8WpsuqtBUrKd7WY4FyIjZ%2FS6LcOzNMa9umXo9NE6nPXHA7HImcf5JyD%2FjD9I2n8Fq9T70REnAhwLY0RdwaS%2B2A"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f3621eae13905-YYZ
x-amz-cf-id: AgdG-5R0TyNce_i0kxut4d2XvlOi-ECSwPnH09NCiFn2YUS1RpwcwA==

GET
H3 200 jeremy_fuchs-1.png
www.avanan.com/hubfs/website/img/people/ 1009 KB
1011 KB 86ms
84ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/people/jeremy_fuchs-1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c31f9221454873de9c5bc222c2b5c97f216d3b21b0a3589f77f49fbcacf4a0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-27817468088,FD-26510702723,P-1835778,FLS-ALL
age: 273901
x-amz-request-id: SQP5FDD3DQCPNDGG
x-amz-server-side-encryption: AES256
edge-cache-tag: F-27817468088,FD-26510702723,P-1835778,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="jeremy_fuchs-1.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "f708d6febff5bc6d07172bd7465dd726"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 1f0f1388abc5c7a2f1935aa322216120.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: nQ.kuHwFXuupsUc1qfCvxdS2PMk7c1js
x-amz-cf-pop: YUL62-P2
cf-polished: origFmt=png, origSize=1632605
x-cache: RefreshHit from cloudfront
cache-tag: F-27817468088,FD-26510702723,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 1033412
x-amz-id-2: AWh5oMEx55CZvSzcj/5O5L6GRLHKVMIG/1yOJBV3nJl2kwYmTZisC28AEY+wPZrSCaUKjGWkmb4=
last-modified: Tue, 31 Mar 2020 14:03:42 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khZbjsATZcct1Zk4rTQBU21DlNFamMQIh4U60hFOCm0ZmAEBA1ITo5ZYYKkyFwN3%2Bg%2Fih1e%2B6hIgzd%2FX2obHYY0ua8nDY8qmAnWnpIRRUHt33D3%2FTDCxUgMOZTzt4y51"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f36223b793905-YYZ
x-amz-cf-id: OcrucXq7j6jHm3SHvfZ656skdHkecW0H5qXoKnkVcUiYNBvGJY-UGQ==

GET
H3 200 Featured%20Images%20%282%29.png
www.avanan.com/hubfs/ 29 KB
30 KB 63ms
60ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/Featured%20Images%20%282%29.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebd811addff53145da623fb3ceec50819469d1bef75de7e16cbcd613623015ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-147474802009,P-1835778,FLS-ALL
age: 19385
x-amz-request-id: NZVBAR5X3XKR7AM4
x-amz-server-side-encryption: AES256
edge-cache-tag: F-147474802009,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Featured%20Images%20%282%29.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "a99f3d21b67a304697e028243eba4cb5"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1701117395403
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 4e4d9ea09cd9de42a68977a2ab50f752.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: xQINAWvgUcJWNOmiyDzDQWAcBTJ5L3Cc
x-amz-cf-pop: YUL62-P2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=56715
x-cache: RefreshHit from cloudfront
cache-tag: F-147474802009,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 29230
x-amz-id-2: WpD/p3CiIBa8iScZgFc7xdzjjnoMTQD3GnG69QdSVhRnHUy9yUiutxZiWZf8q/FE57qCT9VZC9CPZ6amkrd2yA==
last-modified: Mon, 27 Nov 2023 20:36:36 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xk0iup%2FaERjJ2xVt7Lp5g%2Bv0rVv4OZJWx2CO40c%2FEi3ZeX0HnyDQP9USvhzXO0v0mqLPBNArMD8shMY9%2BXZ%2FxEE%2BpTcmdVxX%2Bn2MW3Qid6myg7XG7sVd7VhPkn4uotxK"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f36223ba13905-YYZ
x-amz-cf-id: fsqEO9sqlg7C_boytG_AVLak78xnyUuX9aw8LyZVRYIJ48kbS1sEYg==

GET
H2 200 c953fa87-efa0-494e-9947-98ffe764fcd8.png
no-cache.hubspot.com/cta/default/1835778/ 1 KB
2 KB 452ms
148ms Image
image/png 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://no-cache.hubspot.com/cta/default/1835778/c953fa87-efa0-494e-9947-98ffe764fcd8.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf6f2ddd3a93cfc831316931e733e85bfa4d344c33398e6c32115761bec7ba69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
x-amz-version-id: null
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-request-id: W4G9WDA2GACFXGJM
x-amz-server-side-encryption: AES256
content-length: 1111
x-amz-id-2: Te26JEaQbQCZHXVfPjqGEZFDRjZSAynJy9XriGNkeORGaCpxd/tkCDcfsUAj99lDnRdXejOx1QI=
last-modified: Fri, 24 Jul 2020 18:46:48 GMT
server: cloudflare
etag: "af14e3eef5578014fe49b0f4a662ac5c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qu%2FMVcwnIJN284JdnJogrBc9ItgMv%2FApHxXYV5fR%2B5J6PpXBdEPixr3xZdiYXxFu%2FSsGxJMld63ITQuOgWnf362GxbLYyNuX%2BW9hwMcAWekqildwNSuuTjc9408%2Fr%2BuVQdGycCpj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: no-cache, no-store
accept-ranges: bytes
cf-ray: 831f36241c083987-YYZ

GET
H2 200 current.js Show response
js.hscta.net/cta/ 18 KB
7 KB 89ms
34ms Script
application/javascript 104.18.209.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscta.net/cta/current.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.209.51 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8abf600128e431bb9631811f74561e1bab28dabc060b06ac5cf66b3a6c80f086

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-encoding: br
age: 82
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.233/bundles/current.js&cfRay=831f34221cb13987-YYZ
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"d113346227aa04edafd99372bf067e3c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: cta-embed-js/static-1.233/bundles/current.js
date: Thu, 07 Dec 2023 19:35:23 GMT
x-amz-version-id: ALEtPa4hlugPCiR6t967Oz5k.P8m3vSN
via: 1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 31dd92fd-5bc6-424c-876e-97b679802280
x-cache: Hit from cloudfront
cache-tag: staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-request-id: 31dd92fd-5bc6-424c-876e-97b679802280
last-modified: Wed, 22 Nov 2023 15:38:54 UTC
server: cloudflare
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-rjqc8
cf-ray: 831f36228e0139cb-YYZ
x-amz-cf-id: lnveS59PgcRfTEJnImCP1D_YiTMgEe74LtfWk1DtQBfFZZA9bAsbmA==

GET
H2 200 widget.js Show response
www.gartner.com/reviews/public/Widget/js/ 9 KB
3 KB 1161ms
38ms Script
application/javascript 99.86.229.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gartner.com/reviews/public/Widget/js/widget.js
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.229.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-229-18.iad79.r.cloudfront.net
Software: Apache / Express
Resource Hash: 6337931044ffad3ef0a3b4382b0f098e7c242d5b1ce424b0ee88f2d0daf1f474

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 14:53:46 GMT
content-encoding: gzip
via: 1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
age: 16898
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Mon, 04 Dec 2023 09:24:54 GMT
server: Apache
etag: W/"231f-18c34251270"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: 7gU_EImB4zRskXYGazXHhR02GNJ9C8wGRvUCz4M__Bq-if78LcUVwg==

GET
H3 200 av-cp-logo-wht.png
www.avanan.com/hubfs/website/img/nav/ 26 KB
28 KB 75ms
71ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/nav/av-cp-logo-wht.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe5f4af17be162aaf3e1dadbc08fe06e678c87620a221b3fef8e2ca7a779986d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-58090235831,FD-21136118110,P-1835778,FLS-ALL
age: 710324
x-amz-request-id: FWV3909TQNA8H6G9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-58090235831,FD-21136118110,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="av-cp-logo-wht.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "6b25c756c0ec059c8b971ac07c1a44e2"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1634845767354
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 cfcfb1d8fbf5ce2b107182799687a614.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: r2zJbm9CEK3FOJ9Q8VqLC35kT_FW.6aY
x-amz-cf-pop: YTO50-P2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=46170
x-cache: RefreshHit from cloudfront
cache-tag: F-58090235831,FD-21136118110,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 27120
x-amz-id-2: rbQWeDZDDJFziezy8JCYNnfjk3E6czRvk1+l7jp12sALqkBMMCvHiUn2Jc5ou8b32wgSah9wAGoTVEtLvKOY4kqZLwlE5DeyPB3p4Zh8fNo=
last-modified: Thu, 21 Oct 2021 19:49:28 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuYN0xSVc9rTVd%2BHdF2OM5tzUksOlwgliBL4DFflES55KlrgSoH0wdzGtpEk0ogRV5pFIgjxAZGX%2BECJGNt8LSC7UWmwO1AXNB4Z1THKGvEabNn7MzBrZSSElFawwq9X"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f36223ba33905-YYZ
x-amz-cf-id: wxdM34poTnPAEt9-l2HRQZulJ_t2jdFRmB-OqI8JBJYIVUtpZDmLgA==

GET
H3 200 soc-2-cert.png
www.avanan.com/hubfs/website/img/icons/ 27 KB
28 KB 129ms
126ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/icons/soc-2-cert.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

49c8d692cb67ec3cc5b35e839c50c5c9eea05fe3ce82894eb02d22240554a0aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-24177175536,FD-10543955849,P-1835778,FLS-ALL
age: 626632
x-amz-request-id: KBA1QTYY05J3Z9MJ
edge-cache-tag: F-24177175536,FD-10543955849,P-1835778,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="soc-2-cert.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "2242d63f47a733e65cdebd6f3be3a08a"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 dd96101693c9f13a5efc3b0280199938.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ENN2NKV.l.gZzdTLCJgVyrfErf7Uu3mK
x-amz-cf-pop: YTO50-C2
cf-polished: origFmt=png, origSize=44339
x-cache: RefreshHit from cloudfront
cache-tag: F-24177175536,FD-10543955849,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 27216
x-amz-id-2: ky/+a9EHNu8SWZBfREri308QfBYShablqohYvRWVVGwPduCyF4nNgby7YhJhVT0Kg05I+2D+j1E=
last-modified: Wed, 08 Jan 2020 19:24:41 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gL549IhJXy7FLUO25BRTKFzfBf4lAdZaEV4uASl%2BumZTOjMwMsCmJ1QWxsWMH2azClziJyPz%2Fwy1S%2BZmN5YBXrXaFdBv4Aw3m5FZqNMJFRjAGByfyvQKpTj5J7k6AbYS"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f36223ba43905-YYZ
x-amz-cf-id: mIyJnNNjjh9cJgVfwjsf451Ss3GJJNuFTHkKYRXFGkK639N1kbBoOg==

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.388/ 14 KB
6 KB 86ms
41ms Script
application/javascript 104.17.192.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.192.96 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
x-amz-version-id: GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via: 1.1 2cf47d29654db45db9bba43a6d5a68e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: YTO50-P1
age: 722716
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 15 Aug 2023 19:48:57 GMT
server: cloudflare
etag: W/"8741985292d64b839be39c64b14f3783"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZrCXLPF%2F9YqtyD00phWb5gP8dvlM8%2Be6MqrFPKYb%2FK%2FRVu8%2BCjOfmGP8Uxew%2B7jSTXohZQLLRR%2Bt7fN7Wzs8FbPp50WmGiRsXHvYcEc8AaTqIhaoJIlPIF6T9LZnDniFlYIpGjwhUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 831f3622890c53e9-YYZ
x-amz-cf-id: tBHkRrFKz_CdpS4TT3z2zDOFhMMQ0iJhJurHAQYei-UNXrCmNF24Ow==
expires: Fri, 06 Dec 2024 19:35:23 GMT

GET
H3 200 jquery.js Show response
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6476923280/1577975561851/Custom/jacob_redesign/js/ 142 KB
38 KB 80ms
74ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6476923280/1577975561851/Custom/jacob_redesign/js/jquery.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

057d87ec0edbdb5fe7d60d32da4c3abfe1dc2e6a0aacd6543a5e9dabb7bbd21b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: Z7EYTPK915ZJ0752
x-evy-trace-route-service-name: envoyset-translator
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"58abfaae2dedf59326b2ea681f828a06"
vary: origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 041a4887d523cabe8177e269cc358162.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ebM6Jbr9unIlIJHsCtn.BkHxdP32W5Tn
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: 6572364e-04e8-471d-a46f-7b60f7a654c5
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 164
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ysHxqOc2hHpQGDfK26HUoZ265IIblyfcVOJUDbS4eH3+OStSY4tlTsKGp6Asqys0S9FkTZ48JuU=
x-request-id: 6572364e-04e8-471d-a46f-7b60f7a654c5
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 02 Jan 2020 14:32:42 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5omkW1MvUOmpRLpOYcm7vzMLS2ZF9gWhSgrW3g7sS2CXSAR8m4jATeNqJipJZ1COXgrjtYShxbiV62RyDFlAmK0rxv7VDZ9CaQCujOBgqLCxqlwVxLxribIdZTjSKfjM"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-54d77d98d9-mdhhg
access-control-allow-credentials: false
cf-ray: 831f36223b883905-YYZ
x-amz-cf-id: vNwyiQFCx39j2aGizPDWEo-gT6qLZnQ31VR9DWGKsslnGEN80726jQ==

GET
H3 200 bootstrap.js Show response
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073918834/1577975558617/Custom/jacob_redesign/js/ 112 KB
22 KB 121ms
115ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073918834/1577975558617/Custom/jacob_redesign/js/bootstrap.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

71577fb46a22fa031506bab9c5ddb4640e38ef10a1b4959a11288b41ce4b0757

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: JY37TF3662BFF3H9
x-evy-trace-route-service-name: envoyset-translator
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"d810a38ca2781735a27cba0625a027db"
vary: origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 d2e1e0faea045dae6d3b3de4549846ee.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 3IDp6mXhqSOlZQ4n6QKdC4Peyv0EBjJp
x-amz-cf-pop: IAD55-P1
x-hubspot-correlation-id: 28635c1f-f887-453b-8863-a1bd92e3591f
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 167
alt-svc: h3=":443"; ma=86400
x-amz-id-2: b2g2FiTOenWhmyLC8p7eculxjiVtp+AhfZ63H/G6wOikTYsOiFYjFL7pRDcvhVP2/jAgdRst99A=
x-request-id: 28635c1f-f887-453b-8863-a1bd92e3591f
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 02 Jan 2020 14:32:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amNCp0qtRUvgF4TlpHzvFGKLUkoV19VGP6BUXu50eC%2Fzh0HnBKZnxLFVnT1lUATWdbbN%2FzEG%2FnO4IaKywi2e98CzaBCXdUDHjYXIB7%2BWc7qDh3tRPadCcue%2BmwhaVT4o"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-2skps
access-control-allow-credentials: false
cf-ray: 831f36223b8a3905-YYZ
x-amz-cf-id: Yvr8CyIh1JdzQfqJr2Tn2duVydCdCvdiDzHb0UAI3w3_GdvrsTOUGw==

GET
H3 200 plugins.js Show response
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6084513730/1577975558722/Custom/jacob_redesign/js/ 508 KB
119 KB 122ms
117ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6084513730/1577975558722/Custom/jacob_redesign/js/plugins.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a82df3611c2166b9b9e824830c57bc09ef40860b9dc83fb2897b9a2a3ab0b98

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: JET6SMFTR3N60JWX
x-evy-trace-route-service-name: envoyset-translator
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-evy-trace-listener: listener_https
etag: W/"c612fe430751a00bb8750c6601520596"
vary: origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 93db32d5347403a3ab35b40dbb40e860.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 7fqlaiSrobvA_myCcLItYFNxElIoA1r6
x-amz-cf-pop: IAD66-C1
x-hubspot-correlation-id: a035bd4a-cefb-4124-ab04-15d96901a414
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 142
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ddCoGY3mZExbLynw49W97PJJNgRAykJlaeuBFJLfsiFw6d6Ir6jdN+2B5aBD5ZrLxtMZ900IOxw=
x-request-id: a035bd4a-cefb-4124-ab04-15d96901a414
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 02 Jan 2020 14:32:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpq67oVYGK5fczwJ8PJ5dFO1FfRKaWG1qIlsnCrucGBk3OVc6fWB1x0l6nJeycaVYyy%2BPwDb%2F%2BjrUyd69zkRPjeU1oJy1syyFOnMBgWGW48e8FaCQn9NG3w0mlYaqU4V"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-pfskq
access-control-allow-credentials: false
cf-ray: 831f36223b8b3905-YYZ
x-amz-cf-id: 8ULYaZuCdhhRDTgy2bgiLysRvBaF43SOe4kHQe6SrzyPWOG71t3xTg==

GET
H3 200 module_11124227288_updated_blog_body.min.js Show response
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/11124227288/1683298027233/ 244 B
2 KB 125ms
120ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/11124227288/1683298027233/module_11124227288_updated_blog_body.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b057f4707a4e3bbf69647a669ebc4dbf35a9b5b25864b5fc63162e71f58621c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: QMP6D35E71W29CJT
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"cf3f93254ba12a90654162233cedfbcf"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1683298027233
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 8fc9659fc06389e49927f68638e9bc94.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 2vRBYqYBKn.Un2cVRgM_9kk_TDebYnrs
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: e2fb8580-2db1-4a6d-b52c-48d3ea39dd02
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 145
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ZACg4BkGcTgh+mpiB5KitrRwZMsB6ozcjYK7LifWXQbuZ/+GcB1iO0t5SneMUHKJWfnHjsEXvMzH1/8ZvKn5Rg==
x-evy-trace-route-configuration: listener_https/all
x-request-id: e2fb8580-2db1-4a6d-b52c-48d3ea39dd02
last-modified: Fri, 05 May 2023 14:47:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76SnRtYTdZztlVno64DmVqbHhkQJBPyode7ei4XLDWFxyUKvjmmtW6zA21U856dV2u4nygSEGTchIUr79xIIfYcF38tTgWZbHFu9NWQxtjBEil2nUqtc80lLdHU7wG1o"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-v96mf
access-control-allow-credentials: false
cf-ray: 831f36223b8f3905-YYZ
x-amz-cf-id: IsFtEiJnlSDRVEXjaXGWldaMgVo9m32S4VmfQFPUxVUPd_iiWkiwRQ==

GET
H3 200 1835778.js Show response
www.avanan.com/hs/scriptloader/ 2 KB
1 KB 133ms
130ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs/scriptloader/1835778.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

01dc3c1a9cb4d6b8101f8b81973cc595d038184c30aea93d47c09da82454706d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f7a422bc-8869-4e8e-98dd-6bb865e67b7b
content-encoding: br
x-envoy-upstream-service-time: 10
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f7a422bc-8869-4e8e-98dd-6bb865e67b7b
last-modified: Thu, 07 Dec 2023 18:28:45 GMT
server: cloudflare
x-trace: 2B792029F7F206A1F4D1164F18130BDC951D902BD6000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.avanan.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6ffdd984b9-bmbqn
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxNih3fzkzjdKGk2vgzL%2Bm33PZ4iiRDqpHc3oj9sgTD2FxjjBTHVnY83OIQYbBMafsug8jAYvqV01OZW%2FJN%2FVP2%2FK%2F22IdXawJgHBG8Ro2rY7OlkIbOgcPzVAkMosyo%2B"}],"group":"cf-nel","max_age":604800}
cf-ray: 831f36223ba53905-YYZ
expires: Thu, 07 Dec 2023 19:36:23 GMT

GET
H3 200 index.js Show response
www.avanan.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 11 KB
5 KB 133ms
130ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 ede5c8e7b29cc9290d2f384042d78428.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 559911
x-amz-cf-pop: YTO50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 15:17:56 GMT
server: cloudflare
etag: W/"0bbd63c0750f141fd5cec04a9393647e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIp4F8V9S3muRe4tcdfi6jSphDPXiBhYmGT9%2BI6RUuazE%2BYXkkMFSx2pI5HuF5hf4UU0XLvaclfbJ2wNAGOo4YVh030J2flTQVXPrjsL7Vsg5i5L87puijzSrq67aMCr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 831f36223ba63905-YYZ
x-amz-cf-id: B9NKkPEA1HVSdIbIa2Y5IpCZlouDxMjAz0GNxQcPZO7bFLLArm8HTA==
expires: Fri, 06 Dec 2024 19:35:23 GMT

GET
H3 200 popper.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 80 KB
23 KB 125ms
120ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/popper.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

94b9164549fba805d07a371447577e77ca7d335fb19f9eaf978209851969cf08

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 b6b3763e07a2a3280ef90f8be16c62e2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-11719670560,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 638532
x-amz-cf-pop: YTO50-C2
x-amz-request-id: P803JEAM2E1P95XW
content-encoding: br
edge-cache-tag: F-11719670560,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-11719670560,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: OME08B.rG6TRAJ7DDfxDoqg2ImFXjByx
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: /hw5OnSgEMGGOBQRYhJGKSvIUNn50N4nEU5aGDcrcikK1cbE8O9c46HQ8JOLtowcL2rz1ocUE0E=
last-modified: Tue, 30 Jul 2019 21:08:51 GMT
server: cloudflare
etag: W/"18977fcc54cc90302580895825f739ec"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGDXJT9YyLa5gJBpFPGaMUHbKKhmPcOQvWCiBiStearj7Gbqwr6EYH54ja%2B7a7VKv%2FcRid4z97EU%2B234D8RHLjjztY8Iyd4Znhr14%2FIaVuTiC7mHoXlXSX%2FO2fmLAzP1"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f36223b923905-YYZ
x-amz-cf-id: hjl-FBH2tm-_Os-c-mio0wOpDnIFV3Ot18YhEFyBCpem_iaZHxzUiQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 jquery-migrate.js Show response
www.avanan.com/hubfs/website/code/js/ 17 KB
7 KB 78ms
73ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/jquery-migrate.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

56f9c5f99829774d0b2fbdcfd9750b617127e913afa0569afef6dfa22165659e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 b90bbd3e21074296bb0c0cac8328de62.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10555716746,FD-10555648234,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 564151
x-amz-cf-pop: YTO50-C2
x-amz-request-id: NW5GM3JRMQF1EC1M
content-encoding: br
edge-cache-tag: F-10555716746,FD-10555648234,P-1835778,FLS-ALL
cache-tag: F-10555716746,FD-10555648234,P-1835778,FLS-ALL
x-amz-version-id: O.IWEvWv.S2HIJh2gVb3UjxcZN2zO5t0
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: vHaVhuLsV+7R899e5JqBBJCHMPhOncL3gJOIvRcWM0akBaxtdfwajf/G5ZSuSNLfAwT1Vsacqf1Aszt+RBA5Uw==
last-modified: Tue, 18 Jun 2019 07:39:43 GMT
server: cloudflare
etag: W/"e16bb3f1cf4b40a9e4de0cf7d4950cb3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14zfwDD2hjcsWoO%2FujcOHjIWH%2B2dkOECqnQ0%2FeI6V2nPpn9V7VpGjVQ2JEHKnGC%2Fdbq8wp1qr1JZ1dEFgaGk6sUW5Ocy6wx94%2FtzUrOEtuK5yCXdf1LNfxoDT4GpRDnW"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f36223b933905-YYZ
x-amz-cf-id: wssygYEC8YemdLBPI4Emovrn7kRe_VsfeWDo49GgyX1tn77NIxECjg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.megamenu.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 22 KB
6 KB 69ms
65ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.megamenu.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3640c9e176b212640e5d1ba0e522d80ebe382b5a18fc55ae4f7be28d1b138be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 1fe7bb95d844b878ec715df0cbc00f96.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10555716444,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 557663
x-amz-cf-pop: YTO50-C2
x-amz-request-id: 2EAY2TNEEHSW1ZJ1
content-encoding: br
edge-cache-tag: F-10555716444,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-10555716444,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: Tr8ZpL3KcSID6jBFr2cCd_jZ2gEqr8QS
x-cache: Miss from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KOUVf2nwtUj59FxC6Sz6wVaotOrdzyM6Cwmqn6IMFwVyTy/OimxEdlpDW5hfkijg+/oX22J4UnQ=
last-modified: Tue, 18 Jun 2019 07:33:15 GMT
server: cloudflare
etag: W/"26676e58c4eb0c77a8d2c99b4bd1ad43"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yedhDkdVmshUZk1NpyBvMsmGl3iLVGOIpNHX1LdjIK0JwYska7VY0vaHLOvBMhT5yUTlRDKosPTiqkjgE17Q%2BXwwG0RuxTRywR3I2TZ4yif53PalCwS1tFaPUhSob1A"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f36223b953905-YYZ
x-amz-cf-id: iQmbrOq-xv5vbfhcHvMAhzpHY_BJM-Ezf95h0KzmFZnadA-mB0AmYg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 custombox.min.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 15 KB
5 KB 126ms
122ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/custombox.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd0af87d02bf88046acaf36141538c4852763b37b99ad5ea41ab6b07829818f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 44500049c6ef1f11906a2f915943ffbe.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12524627223,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 638532
x-amz-cf-pop: YTO50-C2
x-amz-request-id: KTDR9GCC5Z4EAR71
content-encoding: br
edge-cache-tag: F-12524627223,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12524627223,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: Tm64yWHx4y9EpRwZ0oVdBIU91wzQQVgx
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Gb+0vjPv25n8JQvGwF/9abaKBq6PyuIZ1RWwlJdJ5vF7vmsVCg7x6tXK59y4Tamge6Ee2ZaRfM0=
last-modified: Thu, 29 Aug 2019 14:19:27 GMT
server: cloudflare
etag: W/"a99f3446cf6471542e7b5103c1e0ad26"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beGJK%2F6PdoCCBYZuETLswKuNzs22L%2F6qnPcfQuYhq47puO68Zia4OGqANqzyV%2FONb1Bx9CW9PcoZ%2B1lRVYAHYFQcxm2LX36j76Rtd64xJFtd7hobZDwVH3Q2RHEpAE%2FS"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f36223b963905-YYZ
x-amz-cf-id: 8501GXP8W9EE1C4L8pkr4Yols6erGvEXFy6B0FQ_8EngPgvJZFNPgg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 custombox.legacy.min.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 102 KB
36 KB 126ms
122ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/custombox.legacy.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b4c6df43d8be2860c107af980f4ae9c27dea1b14e0112921c3aef511bb29b07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 7c892814cd49a1aa7218fdfabfbac856.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12524756578,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 724628
x-amz-cf-pop: YTO50-C2
x-amz-request-id: FAF4MPT5MD0J2QJ4
content-encoding: br
edge-cache-tag: F-12524756578,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12524756578,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: CNtvX5bcEOKz8jLqkiPSkGvNd2dpptBk
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Yzy5Rsm9jTae380XjwErsUbrLTcdbWSjPCodPbuRFZgngkcRJHgs4BJiaoDYoDz1W2eyCd/Fdy4=
last-modified: Thu, 29 Aug 2019 14:19:27 GMT
server: cloudflare
etag: W/"626f9c989ad909171b9c7e56dccfadd0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6EpdyifmvKDyzXVMjFK72ttMPnjkzhASi52kWkJTDJXs5O185HkYX%2FvLfNZKHhh82%2FplshgOIn1yu1RaaEBSOFsO8Cx81vC%2B0upD3%2Fp7osamoCqTsrBP1Te81MtGEr7"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f36223b973905-YYZ
x-amz-cf-id: q4S-8Eb5yQ4QeHflBxMqmpXA_tPyiHUH7cP0rlBz8UhmMQnvT2GJDg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.core.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 4 KB
2 KB 129ms
125ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.core.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d6c8ca2c4746ba9c42bd4b56b9f8dcb23dc4f4c8a5e338039a915eddbb4cfb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 4074a79e28cc4b1a455d24b3546c6c94.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10555648509,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 638532
x-amz-cf-pop: YTO50-C2
x-amz-request-id: 8NT3P0P77DRPHJMM
content-encoding: br
edge-cache-tag: F-10555648509,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-10555648509,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: t39fon58.c8wnVn0KiTmU6Cnt0f.z3k5
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: t36yd35IUgOnUYVYMq7KqW+wqMDi+S44mJ22ZfeV9xmSc25vkgJHhjiDU8eJS8WglUkWIDhmZGA=
last-modified: Tue, 18 Jun 2019 07:35:47 GMT
server: cloudflare
etag: W/"ad96a1d08e41474de9b172376ad8f2a6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jh%2B47l0E9MDwrXiOh%2FI1%2BcviLl2pcpBZ9%2Bxnhf%2BlltVtHUl%2FOCWGH9ZsFuP1A35q7BaPCuP3Dil2LGv8ZvQc8Ox1BpSgH4BItaEGohQxBlUU8J18haFZgeqSWZKEn4BR"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f36223b993905-YYZ
x-amz-cf-id: gDIA7Cn12dmElB19lq2AVPK1JqLqr8HTeE3r2HkKaLMPojDPjMBrog==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.header.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 45 KB
6 KB 129ms
125ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.header.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

327f498e13e0a8166699d8d770f3806775c2707dd893d18f0139b84b0b9d8576

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 bccdd9eb44a87c0c46b5374545a79a04.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10658801982,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 418352
x-amz-cf-pop: YUL62-P2
x-amz-request-id: DRFJTNW9YGZNF4PW
content-encoding: br
edge-cache-tag: F-10658801982,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-10658801982,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: sLoBYokxi8ZRjPnVZWHiocCdDukS9g6O
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: AUGWHL/DH+dqNcHiGf0pRCRzROUc27HBV3w2+5euLW4I8OrHqOda1BK4pwJhsE5ubUQFjeHcBr8=
last-modified: Fri, 21 Jun 2019 15:22:17 GMT
server: cloudflare
etag: W/"da8e6062fc6df06d66405f3894ac0090"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2BcF0DcvlLfSLtM7aZFICAoxDilQ67Abe32SrnYTit%2F%2BAVUAGJ%2FK3hvLYB824KfMIgso5d%2FUIeDwGIMtlZukO%2BrwIBpgNTarEpEIDz9M7T8EMHvdZBalgk3xJb%2FK%2BJ3N"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f36223b9b3905-YYZ
x-amz-cf-id: 6PpAW5BYCCBQA2Mf7zxsDfNA0fnDFri7K_uqpZZrM9NCKVq5Pc_-Cw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.unfold.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 16 KB
4 KB 71ms
67ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.unfold.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd6aef7e70901bd5018e23bf8f366b1363e27c9263a2e058df2ca725cf81aab5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 74797197cacba7d22a7c3a7685b38272.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12349469375,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 789685
x-amz-cf-pop: YTO50-P2
x-amz-request-id: AJEFMFK53GSRJX7P
content-encoding: br
edge-cache-tag: F-12349469375,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12349469375,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: jtHI_y0b8Eo2FGwKdP6LEhiHSwPKnVW3
x-cache: Miss from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RozKeRihefbOfsP9V6N021Q4Uv0eJjtIWRA1tSqixr2nhaQeb2XsJxem63zCYCKApeIJIiu9awU=
last-modified: Thu, 22 Aug 2019 18:14:11 GMT
server: cloudflare
etag: W/"cd7294af40bf5e701ac6f8cca4a7ebcc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5Ub%2BYhyN8VGzyysjzPyRnyf0rWRjCCut%2FMrQEROJevG%2FinrRWdPHeHLpxXvPSXt0KR1uxabVH2J7RLkCIMirFhxkxEGlOAncWk9K%2FYp1G7nVJb7nolHzib5STrkOiN2"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f36223b9c3905-YYZ
x-amz-cf-id: FMaXyu55OsrqqZpbyuCuV3GzgqGP79xOOM7qcU9ocAGsH03tCCnanA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.slick-carousel.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 13 KB
4 KB 129ms
125ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.slick-carousel.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

081d08f71fb7a07fd5247ce2d20af91a41899fd4ee1b129c18fedf8a04b5bbae

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 141b2a0bfdcf3225afbe04affb901120.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12709649959,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 273901
x-amz-cf-pop: YUL62-P2
x-amz-request-id: 8M1K0RSYXSC65MSD
content-encoding: br
edge-cache-tag: F-12709649959,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12709649959,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: 47mSAiAgQ_ZLSqVaPMk.x.DaEXQJE5Q1
x-cache: Miss from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: sYvwHgOetMgfFeaKiUJ0PaCkRW44BgKmQxPU3dbbCmF6/AJMPi5No1UP+YH2uQ7evkNNpNoMa6I=
last-modified: Thu, 05 Sep 2019 14:38:09 GMT
server: cloudflare
etag: W/"333f5cba208ba8133a37ded8fbd1d4df"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GalMqGq4DCZVa7DXQxPx5QmP9qNr6WU6ZJDpRmuMxdtDWH8M3v8v8gSQOH9NKTGRGT%2FXdkRMjWnFKe%2FW2nKL%2BV2T5R%2FGWpjr7PtVL%2B%2BqM8ZT9PaE3XxjDrjgxpcZGIM4"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f36223b9d3905-YYZ
x-amz-cf-id: Gwny4DvWlErXTlzy0uPN5H1c5cvkaJVhPI7k8AdGK3C1XnoU9lYBjA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.modal-window.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 9 KB
3 KB 69ms
65ms Script
application/javascript 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.modal-window.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6713fb9ddf25585f97a9c877f75edbb8b2c0d0691c1402fe85c145a9098527d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 d03af248468c898a111754f0666c2316.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12524633360,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 803821
x-amz-cf-pop: YTO50-P2
x-amz-request-id: GF6C1HC3YYHR2SVX
content-encoding: br
edge-cache-tag: F-12524633360,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12524633360,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: 37fiNFmrqmELkFKd5Hej0YGO_cs4_PVG
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Qqb9bUrsgcMZOaFenfLK3RlElNT7TfCmeCPFmRoojt2UgBruJgMl/SHxMO9poY/xzP6sxJvlwH8=
last-modified: Thu, 29 Aug 2019 14:15:34 GMT
server: cloudflare
etag: W/"e835fc393be7df8bc21680227886c2a8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0iyzTSzyMG9cnLxeAbZcTzfpwdzR8zYYrejNSBjHbrGsTe9Nj5uoWR%2F8BooMqbSiZrWMJaSxQhOrqyCl9IIY2wfa5k4UfIVH9JPKmMieqHDK3KNCuqmZO8fgW5kWC9%2B"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f36223ba03905-YYZ
x-amz-cf-id: F8iz-NcnjDfJqS-X9VNpCLtbPOtLTzSYLZQl_eqoK4ZUTPnr6emoPw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 301 KB
101 KB 144ms
60ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

a0b0b578469be2bde696c6e336be5d0c04ab54fe568b3f6bbb2e75663b58be26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102668
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Dec 2023 19:35:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 418 KB
116 KB 194ms
110ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

a9cbc5941c408933f9aa1551c27461fbb300cf3881173f9ba3d9173f46829ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119019
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Dec 2023 19:35:23 GMT

GET
H2 200 lftracker_v1_OKM7ZEDV9rXg2zo4.js Show response
lftracker.leadfeeder.com/ 31 KB
11 KB 382ms
42ms Script
application/javascript 13.249.39.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lftracker.leadfeeder.com/lftracker_v1_OKM7ZEDV9rXg2zo4.js
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.249.39.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-249-39-43.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ce8b6777d90b50ec4183fac7c948902229a7b8427e2e63008c52e769ec0c2d4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: FZ6sGYjpwdKGuBK1HRn3uy5h.PKBA7tx
content-encoding: br
via: 1.1 50f5f6b4e0025748bb74dce1db44c750.cloudfront.net (CloudFront)
date: Thu, 07 Dec 2023 19:19:52 GMT
last-modified: Thu, 05 Oct 2023 07:00:59 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C1
age: 932
x-amz-server-side-encryption: AES256
etag: W/"d87766f57a5bea189c787c89be51fb5c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: FyhXX4nWs_M8P6yoqVkbtkovdGHI2BqdxFHzkz2u8IczH9BDYxBQFg==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
752 B 48ms
47ms Stylesheet
text/css 172.253.122.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Montserrat

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/5097885803/1577975559034/Custom/system/default/gradient.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f95.1e100.net

Software

ESF /

Resource Hash

bb040b98adabb6b07aecd7250591fa9ba53843c05527fec90009bf414007ea08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/5097885803/1577975559034/Custom/system/default/gradient.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 19:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 17:35:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 19:35:23 GMT

GET
H3 200 close.svg
www.avanan.com/hubfs/jacob_redesign/page_icons/ 513 B
1 KB 88ms
86ms Image
image/svg+xml 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/jacob_redesign/page_icons/close.svg

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073351973/1693338321987/Custom/jacob_redesign/css/template.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a3a9ccca4cde6a90f28a96467b83fcc8e8b02ae532b85c46d45514e98c9dc9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073351973/1693338321987/Custom/jacob_redesign/css/template.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 74797197cacba7d22a7c3a7685b38272.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6129363300,FD-6106722142,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 724628
x-amz-cf-pop: YTO50-P2
x-amz-request-id: H7FY3BBSC7RAX3EM
content-encoding: br
edge-cache-tag: F-6129363300,FD-6106722142,P-1835778,FLS-ALL
cache-tag: F-6129363300,FD-6106722142,P-1835778,FLS-ALL
x-amz-version-id: aGBLOARAtDK9aU8eL5GIguuA_ii6l6Ic
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mvy8W5Y9EE7V3k+/oUVUE+C3RH0NfR9QKVQSWlENtUXIZd3H38MvscQLHjwn49yweqzjcNm0eSTc/bhOprztJ/PG/HtRuqKw
last-modified: Wed, 14 Aug 2019 14:58:10 GMT
server: cloudflare
etag: W/"cad7540d366ad86e66ac89079055b4b9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaV1lJoxHahrnpSXduzmkln9M8i4nhGoVWbX8iuf55H%2B6dIIis2H38WPA6bgmSZb0IyPN8cIZV8PojfGmkV9NU3vMVffYGOidZEWTB08YsatfIzBSs7r5tKz0y%2BFz8Yd"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 831f36227c093905-YYZ
x-amz-cf-id: rSMi8WGSan9_6o3ENXerpPrNBiFKhV8ThF_CQmbs82keR03hDiwaaQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 61 KB
61 KB 47ms
45ms Font
font/woff2 172.64.141.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.141.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Referer: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 820267
alt-svc: h3=":443"; ma=86400
content-length: 62472
last-modified: Fri, 22 Sep 2023 01:45:27 GMT
server: cloudflare
etag: "b75b4bfe0d58faeced5006c785eaae23"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OWP7R0iW1ngVMNce%2Bh%2BDqO0aQUEIGrgaCl2fjvtPYYxDwOEe%2FQ8cJu5yJLw4yWPeZD3ehLsScfamd5JJXEqnt8HTpyadKbjGQHrcXo3QNOb1%2FFAImLsmrmrLyfRU9fGQ70LFsdq"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 831f36228c9e0cb8-EWR

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 213ms
72ms Font
font/woff2 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:08:00 GMT
x-content-type-options: nosniff
age: 5243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 18:08:00 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 218ms
77ms Font
font/woff2 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:48:55 GMT
x-content-type-options: nosniff
age: 6388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 17:48:55 GMT

GET
H2 200 u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v27/ 27 KB
28 KB 184ms
43ms Font
font/woff2 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v27/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

dcb085ad0fca889c4a1b898ccc7458c5d586e5740e7b7bffe065ac6a5e247ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:22:57 GMT
x-content-type-options: nosniff
age: 4346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28076
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:14:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 18:22:57 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 215ms
75ms Font
font/woff2 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:16:02 GMT
x-content-type-options: nosniff
age: 4761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 18:16:02 GMT

GET
H3 200 undefined-Nov-27-2023-08-31-02-3972-PM.png
www.avanan.com/hs-fs/hubfs/ 77 KB
78 KB 67ms
67ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hs-fs/hubfs/undefined-Nov-27-2023-08-31-02-3972-PM.png?width=1600&height=689&name=undefined-Nov-27-2023-08-31-02-3972-PM.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bb9a2c2d013c9818f8cc463b3571aa13db5d6d75f99b851c7dc7e4321b39168

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
strict-transport-security: max-age=31536000
via: 1.1 2abaa6585800272f03e152fa41c7b7b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-147475552295,P-1835778,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 79048
cf-resized: internal=ok/m q=0 n=291+411 c=0+0 v=2023.9.8 l=79048
last-modified: Mon, 27 Nov 2023 20:31:03 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cf11Cxucwgkx-4-VQ20Yq6-UqNQHe-y9XEUoFvcu7qDQ:b0eeca4a608dd1b4b6f58f0df0e4969b"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpo9UFOk5pdQQoP8bJbFh5R2h26aIgpBzF07eDc7BgzwZxxWcSy2YJv0owpwekkfmsPA%2FrG%2BpU0U5LOnpGDXET4DX5BMFZylOHY7tRQbZlKZpko9IbI7FetSkPYY%2BRqZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 831f36229c383905-YYZ

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 118ms
39ms Font
font/woff2 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 17:51:30 GMT
x-content-type-options: nosniff
age: 6233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 17:51:30 GMT

GET
H2 200 JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 15 KB
15 KB 141ms
65ms Font
font/woff2 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Montserrat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:15:18 GMT
x-content-type-options: nosniff
age: 4805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14940
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 18:15:18 GMT

GET
H2 200 /
tr.lfeeder.com/ 43 B
293 B 174ms
70ms Image
image/gif 3.162.112.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=OKM7ZEDV9rXg2zo4&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6W10sImdhQ2xpZW50SWRzIjpbXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42MS4zIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5hdmFuYW4uY29tL2Jsb2cvcGhpc2hpbmctdmlhLWdlbmlhbC5seT91dG1fbWVkaXVtPWVtYWlsJl9oc21pPTI4NTYwNDU0NSZfaHNlbmM9cDJBTnF0ei04VnJhYWV3OEVVVVNqVUtCendHLXZKNV9SaDh4WVI2b1g5LXVqdUdHbTVCUGhDV1k1LUxiU3VQSVh1WHFIdmppN1pBRHlUcS0xRlVBTXNMOVhlSjVDVzdyREFkRFJUblF3Y0RUZFRNNkNDc21mZzNPUSZ1dG1fY29udGVudD0yODU2MDQ1NDUmdXRtX3NvdXJjZT1oc19lbWFpbCIsInBhZ2VUaXRsZSI6IlBoaXNoaW5nIHZpYSBHZW5pYWwubHkiLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6IjJkYWNhZGRmOGQ3MWE4YTgiLCJzY3JpcHRJZCI6Ik9LTTdaRURWOXJYZzJ6bzQiLCJjb29raWVzRW5hYmxlZCI6dHJ1ZSwiY29uc2VudExldmVsIjoibm9uZSIsImFub255bWl6ZUlwIjp0cnVlLCJsZkNsaWVudElkIjoiTEYxLjEuMzRmNjUxMzNkMGEzYzA4Ny4xNzAxOTc3NzIzNzI5IiwiZm9yZWlnbkNvb2tpZXMiOltdLCJwcm9wZXJ0aWVzIjp7fSwiYXV0b1RyYWNraW5nRW5hYmxlZCI6dHJ1ZSwiYXV0b1RyYWNraW5nTW9kZSI6Im9uX3NjcmlwdF9sb2FkIn0=
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.112.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-112-30.iad61.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:23 GMT
via: 1.1 ee9b452ef78932123abe17295c8c65be.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: IAD61-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: vjogJbIN4jn5RWsLnw31U7n-tSZ8m8pCGBRsFc98YHek9iwtJDcdeA==

GET
H2 200 purify.min.js Show response
cdnjs.cloudflare.com/ajax/libs/dompurify/2.4.3/ 21 KB
8 KB 28ms
27ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/dompurify/2.4.3/purify.min.js

Requested by

Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/js/widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

265dc9381f2b760551a12eb31f4bbc194ea6609b90fd79a59fc53cb0e1210146

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 630721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7628
last-modified: Fri, 06 Jan 2023 14:33:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "63b83136-1dcc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ak7%2B41PIWNwn6cEv8BF8D1eBK1OFQHGUvQOCUDiuxZt%2FjzqyLSzrKhLQ5QOr4vDfiGh0bggC4IFcKfZbGJuxSdhmM30bIviSHm6H18zAzSuVwCJuO5RdDva%2Brkd8k5WTLKnGmdFr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 831f3629780836f9-YYZ
expires: Tue, 26 Nov 2024 19:35:24 GMT

GET
H2 200 widget.css
www.gartner.com/reviews/public/Widget/css/ 155 KB
112 KB 48ms
48ms Stylesheet
text/css 99.86.229.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gartner.com/reviews/public/Widget/css/widget.css
Requested by: Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.229.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-229-18.iad79.r.cloudfront.net
Software: Apache / Express
Resource Hash: 48069549555730d586f6b176fcd26ebd19349e9271acdc8e0474caa15501e542

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:07 GMT
content-encoding: gzip
via: 1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 09:29:59 GMT
server: Apache
x-amz-cf-pop: IAD79-C3
age: 14237
x-powered-by: Express
etag: W/"26a81-18c3429b9d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: IiFnPC4wj7Ki1vkX1qf4Uz0URYJdWx-zM49f26nS-EHRVxhxuwQsZQ==

GET
H2 200 data Show response
www.gartner.com/reviews/public/Widget/ Frame 6DDC 34 KB
14 KB 46ms
46ms Document
text/html 99.86.229.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
Requested by: Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.229.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-229-18.iad79.r.cloudfront.net
Software: Apache / Express
Resource Hash: 80bd5fb610c0aae4f80839cb8bb2dc58c8e569d0f26c51fe866eba6b57f48509

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 3595
cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 18:35:29 GMT
etag: W/"57f-sr923y4RyJqqcTbg3QoemUgdIRE:dtagent1024322060615355013ZP:dtagent1024322060615355013ZP"
server: Apache
vary: Accept-Encoding
via: 1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront)
x-amz-cf-id: OEK6RZa2dqX7MSwJBtwVKO9Qp0RTxThvDM6FJpdferaPdHBcTTiNPg==
x-amz-cf-pop: IAD79-C3
x-cache: Hit from cloudfront
x-oneagent-js-injection: true
x-powered-by: Express
x-ruxit-js-agent: true

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 63 KB
63 KB 73ms
71ms Font
font/woff2 172.64.141.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.141.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Request headers

Referer: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 371665
alt-svc: h3=":443"; ma=86400
content-length: 64144
last-modified: Fri, 22 Sep 2023 01:45:27 GMT
server: cloudflare
etag: "6814d0e8136d34e313623eb7129d538e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Clav%2BlFTj9G%2FZnbHnH3drmpbTE0GMadyoAswoUJe23oVWjQ6QXNLq2H2f6mJzKAM%2Bd3XCmAvFgWQnJYs8yiLvJp8WGYCEyc17qZHnGmMlSBWQRhHMDD9%2FC0cLsh7zr27kGykbAGY"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 831f36299ca40cb8-EWR

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 40ms
38ms Font
font/woff2 172.253.122.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f94.1e100.net

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:32:50 GMT
x-content-type-options: nosniff
age: 3754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 18:32:50 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 119ms
39ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

211021b7c09598e5138d4be18dbe9facfc025693e756ea1c7f6dac17a33cd39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 19:35:24 GMT
content-md5: 9otPs7uH9oCKvghpmecQYA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints
x-fb-debug: 8uQawV9hZlZmUj+jIe4B7aoa327Q7z41LZEqv2bPAZc5nGmSOovBNEc/RwOJL+SBViMT4ZbJxZFVDMyOAsEkMQ==
x-fb-content-md5: 1ac01c36c8d2927c291620ba350754a2
cross-origin-opener-policy: same-origin-allow-popups
etag: "df4c5082f97f907e83102e96ec100a1f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 07 Dec 2023 19:43:50 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 131ms
33ms Script
application/javascript 192.229.163.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/818F) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 19:35:24 GMT
Content-Encoding: gzip
Age: 154
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (cha/818F)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 84ms
34ms Script
application/javascript 104.18.122.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.122.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a59a536f6a35976c81d050cc1f734740643674e9736ae066f85213a5535e7a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
age: 67729
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1291/bundle/main/lead-flows-release.js&cfRay=8318c09d0f9aa1db-YYZ
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"c314aa317d74a89c787c3c4a9d2fd97c"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1291/bundle/main/lead-flows-release.js
date: Thu, 07 Dec 2023 19:35:24 GMT
x-amz-version-id: QUNwK0xemzsIqupWMH2b5phjsLRnkTKD
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: bddd7086-7624-4c93-bf9b-f740b545c3f4
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 42
x-evy-trace-route-configuration: listener_https/all
x-request-id: bddd7086-7624-4c93-bf9b-f740b545c3f4
last-modified: Mon, 04 Dec 2023 12:11:15 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-c7x79
cf-ray: 831f362a2a935491-YYZ
x-amz-cf-id: 8BU7Bg8mHnYLrtJfacxUZ2BHlkuMWnlMucoKRrm3ZyGUNSGqfD27bg==

GET
H2 200 1835778.js Show response
js.hs-analytics.net/analytics/1701977700000/ 66 KB
21 KB 134ms
85ms Script
text/javascript 104.16.77.186
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1701977700000/1835778.js
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.77.186 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cf78561f0ca0eecebc62866dd85c70d0b2926a4c189dcc6802369920a2ef9e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: RC3XWJFG9X3RF9NQ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a4086b9f-6e53-48d2-8982-cfecee0cffd2
x-envoy-upstream-service-time: 26
x-amz-id-2: Yd9Ih7ukSNLyzj5hjZ7v9ZHt5uaX9G4QyLkSPzAdAh7xrb2D6TGe3NalwS/sylVe8DS/9wvyQ7VKtWIpOMaRBHXRuekTyhVl4mmURxgRFeY=
x-evy-trace-listener: listener_https
x-request-id: a4086b9f-6e53-48d2-8982-cfecee0cffd2
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 15 Nov 2023 17:13:24 GMT
server: cloudflare
etag: W/"251c8ffc1b6f37ce0b3f74262eadebf5"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-fd6fb8679-tlmd8
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 831f362a29caa1ed-YYZ
expires: Thu, 07 Dec 2023 19:40:24 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/1835778/ 66 KB
20 KB 127ms
77ms Script
text/javascript 104.18.34.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/1835778/banner.js
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8dc37228486418b77d45135da96313f7d161c03609292464cc77d2a6634897

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:24 GMT
x-amz-version-id: jEau.0.ly2sxZj1oOOhLn3etp6dyULSX
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: MYYKEVH8QG8QRXB3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 30345daf-c616-44aa-9823-d3c6c58f1119
x-envoy-upstream-service-time: 37
x-amz-id-2: xlYYtq9UUWi94DRm9MKaDGgvub2wX/rLme6wHkxtPyF6iq8CqaXYB/sbT0L4/zzH7vijiBCov1k=
x-evy-trace-listener: listener_https
x-request-id: 30345daf-c616-44aa-9823-d3c6c58f1119
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 06 Nov 2023 18:21:08 GMT
server: cloudflare
etag: W/"87160b39b0617acbb75a42c167add512"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.avanan.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6849bc8697-vvl5l
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 831f362a29bc36db-YYZ
expires: Thu, 07 Dec 2023 19:40:24 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 81ms
32ms Script
application/javascript 104.17.229.163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.229.163 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df998f2ab79818d229edfab989eb187dd3d94f0f40377fde4f5f97e08b691ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:24 GMT
x-amz-version-id: XlFw32Cnxu8ZjnNH.SH7ungVy3g8LtQG
via: 1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 418
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.501/bundles/pixels-release.js&cfRay=831f2bf2ec2039ff-YYZ
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 1dcc7d46-3088-473b-a39a-d971cf7fc7d2
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1dcc7d46-3088-473b-a39a-d971cf7fc7d2
last-modified: Mon, 04 Dec 2023 14:19:28 UTC
server: cloudflare
etag: W/"ed930579444c6c7c0292363361667508"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-59k59
cf-ray: 831f362a29f636c1-YYZ
x-amz-cf-id: jlmUY9m9DAxz7d2T4W6tZNU28dC_bqLKq70B4VO56PJPJ2m0wb5WIA==
x-hs-target-asset: adsscriptloaderstatic/static-1.501/bundles/pixels-release.js

GET
H2 200 ruxitagentjs_A2NVfhjqru_10243220606153550.js Show response
www.gartner.com/ Frame 6DDC 170 KB
67 KB 39ms
38ms Script
text/javascript 99.86.229.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gartner.com/ruxitagentjs_A2NVfhjqru_10243220606153550.js
Requested by: Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.229.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-229-18.iad79.r.cloudfront.net
Software: Apache /
Resource Hash: 21091df3e91e575d018aa5b94c490bc0921233e901913052ceec557a2f3537ae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 07:07:45 GMT
content-encoding: gzip
via: 1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront)
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
server: Apache
x-amz-cf-pop: IAD79-C3
age: 1600059
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
content-length: 67984
x-amz-cf-id: ivlun46XIMhG6Z1qafRTB4z475ngM8-Jkzn6xDy02wfI-Mr38ViY9g==
expires: Mon, 18 Nov 2024 07:07:45 GMT

GET
H2 200 data.js Show response
www.gartner.com/reviews/public/Widget/js/ Frame 6DDC 2 KB
1 KB 45ms
45ms Script
application/javascript 99.86.229.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gartner.com/reviews/public/Widget/js/data.js
Requested by: Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.229.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-229-18.iad79.r.cloudfront.net
Software: Apache / Express
Resource Hash: 2ece63665d1c156d538ab3ab54b1239af56ceaa6d199d26580c877fefea8688d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:38:07 GMT
content-encoding: gzip
via: 1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 09:24:54 GMT
server: Apache
x-amz-cf-pop: IAD79-C3
age: 14237
x-powered-by: Express
etag: W/"6d4-18c34251270"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
x-amz-cf-id: wZbf2sBrQh4Nz9Z0RrAEIX5UtSgnOBvgd39WIeX90n9SwIjAv8CZWw==

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
421 B 112ms
107ms Script
text/plain 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=1835778&callback=jsonpHandler

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4360b2e1-a449-4b2a-810a-a6166535e1dd
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=831f362a08a23987&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 4360b2e1-a449-4b2a-810a-a6166535e1dd
server: cloudflare
x-trace: 2BC8DE14E27290115F02C883D02300D151C74C2932000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-b78fbd96d-5qxdk
x-evy-trace-virtual-host: all
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 831f362a08a23987-YYZ

GET
H3 200 postlisting Show response
www.avanan.com/_hcms/ 5 KB
2 KB 137ms
137ms XHR
application/json 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/_hcms/postlisting?blogId=4153530738&maxLinks=6&listingType=recent&orderByViews=false&hs-expires=1733494509&hs-version=2&hs-signature=AJ2IBuFRZgyIm8L9UiMV5T3FlmRvswxkRw&currentUrl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2de1183a6cc960087ab607946f4cc31f9d16c9871e21c2700506c769fe0fc378

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 54641719-2d7c-408d-ab34-a471f194b54a
content-encoding: br
x-envoy-upstream-service-time: 17
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 54641719-2d7c-408d-ab34-a471f194b54a
last-modified: Thu, 07 Dec 2023 19:35:24 GMT
server: cloudflare
x-trace: 2BABD8193D82CE60B72FDC7F3F4B001240F2B4CAE8000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VW3Fble7jMR5ywEcxncprVKlBxL3xulTh6avFSAedWnfN1n5D9UxFTrncfFbVip4RIaNG9J2%2B4ST3Dr1d6wFLaOL4LDqHCvLtSOB0%2FbK%2FytGpWkdABX78qN18EEQi4aJ"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-68d44bcc87-b5dsl
x-evy-trace-virtual-host: all
access-control-allow-credentials: false
cf-ray: 831f362a1b223905-YYZ
x-robots-tag: none

GET
H3 200 postlisting Show response
www.avanan.com/_hcms/ 7 KB
2 KB 134ms
134ms XHR
application/json 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/_hcms/postlisting?blogId=4153530738&maxLinks=6&listingType=popular_all_time&orderByViews=true&hs-expires=1733494509&hs-version=2&hs-signature=AJ2IBuGPMbYtqPpB_3Erx-EGh3toCrSeHQ&currentUrl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a4b92a1383a8445bd4fe352c9cfa28769e48d2bbd88899cfeec3b684edd3862

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2c14d381-1c19-4d70-8088-b8229b33f682
content-encoding: br
x-envoy-upstream-service-time: 27
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2c14d381-1c19-4d70-8088-b8229b33f682
last-modified: Thu, 07 Dec 2023 19:35:24 GMT
server: cloudflare
x-trace: 2BE63BE86EEB9B329C8848D34DE11BF3F06AC24970000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liu02CkcsRGUUgGrDuuPHTOi0lzgAZlCTf6Cp7dubNGCEhRvn7%2FEw5qws5ndiO5l34%2Berqb2ME5rquMiIFPHHI%2BMtOpGUGxqTi0sqbr9SSQF%2BUKnRIaasw5nqbwdwY15"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-68d44bcc87-jtj5w
x-evy-trace-virtual-host: all
access-control-allow-credentials: false
cf-ray: 831f362a1b273905-YYZ
x-robots-tag: none

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 87ms
41ms Script
application/javascript 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 19:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /EzX6ku1+i8ak28m1WuIrw==
age: 40333
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Wed, 06 Dec 2023 13:01:09 GMT
server: cloudflare
etag: 0x8DBF65B6AE019D1
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: eeac1276-301e-0034-10ba-280a4b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 831f362a6cf83705-YYZ

GET
H2 200 cta-json Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 3 KB
2 KB 80ms
75ms XHR
application/json 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly&pageId=147462885790&pid=1835778&sv=cta-embed-js-static-1.233&utm_medium=email&rdy=1&cos=1&df=t&pg=c953fa87-efa0-494e-9947-98ffe764fcd8

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd7341ae1769c1caa0d2d277ced8c609a9e89d4a84084cec84ef96ede932b07e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 81f77572-2f7a-4875-a18d-c30088cbe886
content-encoding: br
x-envoy-upstream-service-time: 18
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 81f77572-2f7a-4875-a18d-c30088cbe886
server: cloudflare
x-trace: 2B6188771FE23C7E448D43187F6DDA6A9F73B00CD4000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.avanan.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-wsqx7
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYvRhxbE%2Fq5npvK98i38qX0idwCvus6SzrTWugDl4fp%2BMbsSNH2AOQQ00KyHQ2Z6kzCUFKaRJOygeoogs7Lz0ylSj5BHQg9y%2BfGcTFnX7lgEzvV9a4V7YJ50SC7Y4VkaEdH8CEooQiUHrgDF78A%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 831f362a38ef3987-YYZ

GET
H2 200 api Show response
www.gartner.com/reviews/ Frame 6DDC 6 KB
2 KB 119ms
118ms XHR
application/json 99.86.229.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gartner.com/reviews/api?apiKey=ZTU3MThjMWEtOTc1ZS00YzgwLWIzZGEtNDg0ODlkMDc0ODRk&paramsKey=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy
Requested by: Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/js/data.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.229.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-229-18.iad79.r.cloudfront.net
Software: Apache / Express
Resource Hash: cfa3fb4e34da79495d2458277d739721419b3a2c0a4206a6bfc9a0e866ca4630

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gartner.com/reviews/public/Widget/data?widget_id=YjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:24 GMT
content-encoding: gzip
via: 1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: IAD79-C3
x-powered-by: Express
etag: W/"177c-37qHscC41oGK7YIUtcdcWpIqubo:dtagent1024322060615355013ZP:dtagent1024322060615355013ZP"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
cache-control: private
server-timing: dtSInfo;desc="0", dtRpid;desc="1943242871"
x-amz-cf-id: L1REJ4evhmyhfnkDdtIJQdOy17hs8mVnAGiRbLxMv7qdsOOhypx5pg==

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 79ms
39ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=e54a96c91d1e4a159bbd1a3a6ee3d72a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

bdabc041cb2fd7114647d7b429449165a450e2bf85e3c451b63d281cef26126a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 19:35:24 GMT
content-md5: zNqttq7AIPpUZ5VM62dhwg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87805
reporting-endpoints
x-fb-debug: 8hAB719OgP2YWf09oH9z82eht8KCgOrf1nNCK/QkNqMpNLM4XULNZWVOjCWJoIJ6atpKJK5Dk/6w37uSQk5Syw==
x-fb-content-md5: 504448aeeb354d375fbbc69b2e978ba6
cross-origin-opener-policy: same-origin-allow-popups
etag: "63c7ad5ed080f79a8b5e797089e7df30"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 Dec 2024 18:46:55 GMT

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 0A02 319 KB
104 KB 32ms
32ms Document
text/html 192.229.163.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.avanan.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/80E2) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5094173
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Dec 2023 19:35:24 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (cha/80E2)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 cta-loaded.js Show response
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 0
593 B 106ms
106ms Script
application/javascript 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-loaded.js?pid=1835778&pg=c953fa87-efa0-494e-9947-98ffe764fcd8&lt=1701977723324&dt=1701977723325&at=1701977724594&an=1

Requested by

Host: js.hscta.net
URL: https://js.hscta.net/cta/current.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-origin-hublet: na1
date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3ef3b984-0d7c-4ae3-af09-30d337a94f26
x-envoy-upstream-service-time: 4
content-length: 0
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3ef3b984-0d7c-4ae3-af09-30d337a94f26
last-modified: Thu, 07 Dec 2023 19:35:24 GMT
server: cloudflare
x-trace: 2BAED4F739418B7A249C064CC618F7C319D01FE7DA000000000000000000
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awofBy5xJrlfuooNCAnZ%2BykAvxc3td1cbdC0pQI9pmL3j0DLDxDhw0UZkohpgFZuE7QZ%2FJqa9FsjqzdYdXwh9bRKc7U5DqDLMHatWgmU4SwKhIcCxTTdTZS%2Fuw4%2FRctHxjTbb7v6vq8Qt4F%2FdWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-8mskj
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-robots-tag: noindex, follow
cf-ray: 831f362aca0c3987-YYZ

GET
H/1.1 200
OK counters.gif
perf.hsforms.com/embed/v3/ 35 B
1 KB 130ms
86ms Image
image/gif 104.17.207.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.17.207.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 19:35:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 48a8f6b6-cdc5-4a73-bd6a-4c2fa0476ab5
x-envoy-upstream-service-time: 4
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 48a8f6b6-cdc5-4a73-bd6a-4c2fa0476ab5
Last-Modified: Thu, 07 Dec 2023 19:35:24 GMT
Server: cloudflare
X-Trace: 2B1770664643920561ACFD411A19737F7412F92F98000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-49z2w
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 831f362b0e64a222-YYZ

GET
H/1.1 200
OK counters.gif
perf.hsforms.com/embed/v3/ 35 B
1 KB 124ms
84ms Image
image/gif 104.17.207.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

104.17.207.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 19:35:24 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: b8cfc08e-b887-4b59-aa68-d536bb5458fa
x-envoy-upstream-service-time: 11
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b8cfc08e-b887-4b59-aa68-d536bb5458fa
Last-Modified: Thu, 07 Dec 2023 19:35:24 GMT
Server: cloudflare
X-Trace: 2B1A0F760A95DBB05AE7BCBAF3E319F3FC550A7654000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-wsqx7
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 831f362b1e7636d2-YYZ

GET
H2 200 52127f8b-58c8-43a1-aff0-3c29a26e76d8-test.json Show response
cdn.cookielaw.org/consent/52127f8b-58c8-43a1-aff0-3c29a26e76d8-test/ 5 KB
2 KB 179ms
139ms XHR
application/x-javascript 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/52127f8b-58c8-43a1-aff0-3c29a26e76d8-test/52127f8b-58c8-43a1-aff0-3c29a26e76d8-test.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2f85bc03d72fdd58ac7fb2cb580914b4679bcf8c99533ba20743ee73d0e28ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 19:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: zW+nmlOpfOHASPspd29pVQ==
content-length: 1806
x-ms-lease-status: unlocked
last-modified: Wed, 27 Sep 2023 17:33:01 GMT
server: cloudflare
etag: 0x8DBBF7FCC4B93BF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 08c444fb-301e-00a2-4a44-29039a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 831f362b4ddb3700-YYZ

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 113 B
1 KB 119ms
71ms XHR
application/json 104.17.203.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=1835778

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.203.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

626e534b9a811f60a8aa88e463a0ffa75ea4d8ba7510ed6a15c267becf680394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ed99ff3d-f37f-4e02-84af-e7d251fe5082
content-encoding: br
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ed99ff3d-f37f-4e02-84af-e7d251fe5082
server: cloudflare
x-trace: 2B14A1D94B6D23F75D05D01BE2C26464F0DF27B0DC000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.avanan.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6ffdd984b9-99fwv
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkO6mf481F3WoWZaV1l8gvD1L%2FIJsF80oRfO619t7qo1RxCusXkIP8gtA7ViDZ1Zm2KWCTfl8p8wQm2TUlQpSH%2F21QUvsmu1m5deGBgNOZR4srZu%2BTQ4hHUmroNt97MK"}],"group":"cf-nel","max_age":604800}
cf-ray: 831f362b6f1536cc-YYZ
access-control-allow-headers: *

GET
H3 200 4-Reasons-Microsoft-Safe-Links-Make-Office-365-Less-Safe-Featured.png
www.avanan.com/hubfs/website/img/blog/featured/ 13 KB
15 KB 87ms
86ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/blog/featured/4-Reasons-Microsoft-Safe-Links-Make-Office-365-Less-Safe-Featured.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4212a717b8d61a5ee679e86faef6b912c275aac5508f97350dac01bede075100

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-11280554758,FD-11279853394,P-1835778,FLS-ALL
age: 273902
x-amz-request-id: EVTCDNY7AJS0BHTD
edge-cache-tag: F-11280554758,FD-11279853394,P-1835778,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="4-Reasons-Microsoft-Safe-Links-Make-Office-365-Less-Safe-Featured.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "477b6391512f284fdb1b9be9e024d97f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 b46ea00af935bf6290d93c76c66e0c8e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ydaMoVEI3EqauKaA9V2_DbfLmkZ4PelZ
x-amz-cf-pop: YUL62-P2
cf-polished: origFmt=png, origSize=14729
x-cache: RefreshHit from cloudfront
cache-tag: F-11280554758,FD-11279853394,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 13698
x-amz-id-2: A/BznpTGMUQ7Od7JXP3PKkZHztegOwhfEZE28OQF/96uVN26Vc+3LnIKAejBxoJNlqu3wTj0oSc=
last-modified: Mon, 15 Jul 2019 15:27:08 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqejvluCchJWHRHOTTlCi0MBGh2uEym%2BhiCf8FNtSopzyOnO7zkFzqNjAGrmDJX%2BR3B6AJgboPQ0dPkPppSNxt7y2W9UAz%2F%2BQ9WReyFCItSVk%2FGICVIlU1CGnXeaRpNU"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f362b1df23905-YYZ
x-amz-cf-id: Xt2vZffSl2PKC6CSJOSFkIueU0aouenTIU3GYPqBK-ZfdQYSInp8yQ==

GET
H3 200 Watch-Out-for-HTML-Attachments-the-Latest-Phishing-Trend-Targeting-Office-365-Featured.png
www.avanan.com/hubfs/website/img/blog/featured/ 6 KB
7 KB 77ms
75ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/blog/featured/Watch-Out-for-HTML-Attachments-the-Latest-Phishing-Trend-Targeting-Office-365-Featured.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

634cd6856c830752abf4b33133617045f344d5713d8fa567269172ed76d1cac3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-11279853502,FD-11279853394,P-1835778,FLS-ALL
age: 626629
x-amz-request-id: 5B4WXJK4KGMKVWVX
edge-cache-tag: F-11279853502,FD-11279853394,P-1835778,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Watch-Out-for-HTML-Attachments-the-Latest-Phishing-Trend-Targeting-Office-365-Featured.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "8125afc7f8e4f6afcb3215c0f0838e9f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 2abaa6585800272f03e152fa41c7b7b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: yOBXxHcQhK5AkB0oyxYBslCmMPyxVN5L
x-amz-cf-pop: YTO50-C2
cf-polished: origFmt=png, origSize=7014
x-cache: RefreshHit from cloudfront
cache-tag: F-11279853502,FD-11279853394,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 5920
x-amz-id-2: ml8GVPNIkf5nE9vq2MmbIAy4liSu4bHmZlGGf+mPsHKnP67hwgUEWRQlt/V+WQ0TasnJrpcC/X0=
last-modified: Mon, 15 Jul 2019 15:09:16 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjOujJT65ooNMeyS968lqq7qYZ1fhYXgYb1QUoaGwhFPhFRkbTR1DA1PJ1SdKDBl7qzhRK27fXmy%2Fsl%2FGmlbMsX3%2FnyveWxVc2U4q4bDV3rMWVtfcileYcY5%2FPzBhuJ%2F"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f362b1df53905-YYZ
x-amz-cf-id: iIspv-1R-J9uoCf2wM71qfP7iEL5ukIg_duORCVGXU9KyncymzRkYQ==

GET
H3 200 Mimecast-vs-Proofpoint-Why-They-Cant-Secure-Office-365-and-Gmail-Part-1-Featured.png
www.avanan.com/hubfs/website/img/blog/featured/ 10 KB
12 KB 78ms
77ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/blog/featured/Mimecast-vs-Proofpoint-Why-They-Cant-Secure-Office-365-and-Gmail-Part-1-Featured.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ff1ebf4247ecd1fdefdd027b695c8eca043b8987861f9edd37fee6ccceb2ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-11280371673,FD-11279853394,P-1835778,FLS-ALL
age: 704405
x-amz-request-id: 6EY0MW70P1CFP4HX
edge-cache-tag: F-11280371673,FD-11279853394,P-1835778,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Mimecast-vs-Proofpoint-Why-They-Cant-Secure-Office-365-and-Gmail-Part-1-Featured.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "b6aafb5047af62538589406b53694ac6"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 28caf939f09e299fca65caaa905d46ba.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: N_MnPa4GyRrx42wIuC2oH5cUB01QyWa3
x-amz-cf-pop: YTO50-C2
cf-polished: origFmt=png, origSize=12541
x-cache: Miss from cloudfront
cache-tag: F-11280371673,FD-11279853394,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 10722
x-amz-id-2: gFyDZUSl1J2vKH8GCBVutdgJph01a7xeYJhFl/f18tZFXefgJKIaBSiSuVFFmW6+nOkG2mwuNe8=
last-modified: Mon, 15 Jul 2019 15:29:14 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTIIlHAhG2GgxMJmVJgnOYRPyWPK3gHuuh5W2Ynz%2BSWoUpA6Vg8510EQ0uDdG2mUY5Xd2jdg3XD414h9Uh4MMqSI8mbLQWlsSULCxNGqnEXK%2FmBUqM7XS8ufJPuMYqIz"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f362b1df63905-YYZ
x-amz-cf-id: Tfc75Wr42vvlGTZSNGJMyRDP67-3aiaOG5BZ9fxLv_xUNTj-vNYSSA==

GET
H3 200 Why-Multi-Factor-Authentication-Isnt-Foolproof-Featured.png
www.avanan.com/hubfs/website/img/blog/featured/ 10 KB
11 KB 85ms
84ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/blog/featured/Why-Multi-Factor-Authentication-Isnt-Foolproof-Featured.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

46891f1a0d9fc55b4650e10dbdc598a5269f19fdbd69305f8b8d1cd360b49f8d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-11288678777,FD-11279853394,P-1835778,FLS-ALL
age: 273902
x-amz-request-id: ZVTHPZVNQJ55139R
edge-cache-tag: F-11288678777,FD-11279853394,P-1835778,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Why-Multi-Factor-Authentication-Isnt-Foolproof-Featured.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "bca56f3cf898c1b6593fb7ed155d1c49"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 b9608c5d714fa42feebf61497cac7bd4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: FviQOCsHbLeXzaUcA2EbVpPC3vT_wGWu
x-amz-cf-pop: YUL62-P2
cf-polished: origFmt=png, origSize=11848
x-cache: Miss from cloudfront
cache-tag: F-11288678777,FD-11279853394,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 10258
x-amz-id-2: R4NVY5XaMudybi3x7m6G2iNkbCOjZWM7OuXj8S6rM5hlceigQqGhmW2ZuElwDWAZSipQ79Oj/Fc=
last-modified: Mon, 15 Jul 2019 19:24:10 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCzj%2F0lqdWipPYxP8OC%2F6KbjCaOS0B2g94%2BygDUawZEtNfTlB%2F4ChbFtD%2FNIoqbxyczY2skPBXx5t0C7SCC6cUCIe4Xo%2F1mWQ4nb8btWyMic%2BjpA6UKJsb0WhT3HV3fb"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f362b1df73905-YYZ
x-amz-cf-id: ntY7-JYv2aY4WEqliEspde49SUzUOoi10OfPqXXRf2C0SmET8PhOPQ==

GET
H3 200 baseStriker-Office-365-Security-Fails-To-Secure-100-Million-Email-Users-Featured.png
www.avanan.com/hubfs/website/img/blog/featured/ 5 KB
6 KB 65ms
65ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/blog/featured/baseStriker-Office-365-Security-Fails-To-Secure-100-Million-Email-Users-Featured.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fbecdde63cefbeb511fc193ff653cf649ce9a2a9a120316d40f20b809afb647

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-11280371233,FD-11279853394,P-1835778,FLS-ALL
age: 273902
x-amz-request-id: ZVTP22M2XD81HZJG
edge-cache-tag: F-11280371233,FD-11279853394,P-1835778,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="baseStriker-Office-365-Security-Fails-To-Secure-100-Million-Email-Users-Featured.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "fc3f83b4e407e381c43aab80d24ea1d4"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 7d7c52d1848969f2077d9502aa06f40e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: G5ELs3jKBLJmOK8DWOt6WhtX3JSMSxSz
x-amz-cf-pop: YUL62-P2
cf-polished: origFmt=png, origSize=7128
x-cache: Miss from cloudfront
cache-tag: F-11280371233,FD-11279853394,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 5408
x-amz-id-2: 9SeQ6r4JVxDX3nPyWbmIFFTW8QATPisn9EK9pqmWxqxZP5hf1fEaaxCmDOyICGLoCYVg+s3/TWQ=
last-modified: Mon, 15 Jul 2019 15:25:56 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SiPj2drMFjk5UQbl1Kh1aIVVM5%2BRjWOMmlj4IrgMZcIdyJDhazsfQVAHzVrPeR7lGCVwuXe3fpVa5SlRxFz9vuuxw2qHzh6kHTvedMt32CqQ272vGQ5ATxerfR9LXWr1"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f362b1df83905-YYZ
x-amz-cf-id: bsuaqDYG7F-0-a2XYwEY1wKpXVfbOGrSDy7aG6SsKAWL41VFZdwy5g==

GET
H3 200 Widespread-Attack-on-Office-365-Corporate-Users-with-Zero-day-Ransomware-Virus-Featured.png
www.avanan.com/hubfs/website/img/blog/featured/ 8 KB
9 KB 82ms
81ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/blog/featured/Widespread-Attack-on-Office-365-Corporate-Users-with-Zero-day-Ransomware-Virus-Featured.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f268614e7be44fc18dbfa5350bfeea8539258da4830ef728c56e05bf62f46b57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-11280052410,FD-11279853394,P-1835778,FLS-ALL
age: 704405
x-amz-request-id: 9NX3ZFJWVZ4T2BPZ
edge-cache-tag: F-11280052410,FD-11279853394,P-1835778,FLS-ALL
x-hs-https-only: worker
content-disposition: inline; filename="Widespread-Attack-on-Office-365-Corporate-Users-with-Zero-day-Ransomware-Virus-Featured.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "548590285b53aff019e25f9f13cb06ea"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 70853fab189cfb8c99abfcbca0e10266.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 2lJpL73VoPYJGYmEK4csso3aWzFV5e03
x-amz-cf-pop: YTO50-C2
cf-polished: origFmt=png, origSize=9877
x-cache: RefreshHit from cloudfront
cache-tag: F-11280052410,FD-11279853394,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 8328
x-amz-id-2: 5jCe7a5hTLTU8aWFMchLvE2mT/7D7Lixo5ubNHfCV1X7m63wl0ULuprkotD+UTHtf/v+6z/lLny7gialaYIlvg==
last-modified: Mon, 15 Jul 2019 15:28:27 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MBN4G9LGEtCRSEo37pQH%2Fql%2BUgIgnnz7F4tjM1s1GNvD%2BMET5ySYELwYY%2FdfPCaeO2%2FFtwyzArm16hnCuT4%2F%2F5pYCjmkPbojDjVbvMlS7ylpbmzLjbhqSsvHqG5zx9O"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f362b1dfa3905-YYZ
x-amz-cf-id: TeIlgHU207YjnV_EHnp6WNHhaSPcSgoNGSdJ0osCVfCsACWHYX8cjg==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0A02 870 B
658 B 176ms
62ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=3869b0c3883d61ef628530085c42e798d5241e0b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.avanan.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time: 6
date: Thu, 07 Dec 2023 19:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 07 Dec 2023 19:35:24 GMT
server: tsa_b
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 9634ac54547fad5e
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 1446da2f6d4e67ea8a93dc8f4d275f09cfe9b428dd5c80af3c4509311acc51df
content-length: 338

GET
H2 200 logo-bubble-white-bg-2x-min.png
reviews.static.gartner.com/public/Widget/img/ 2 KB
3 KB 101ms
31ms Image
image/png 13.225.195.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reviews.static.gartner.com/public/Widget/img/logo-bubble-white-bg-2x-min.png
Requested by: Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/css/widget.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-48.yul62.r.cloudfront.net
Software: Apache / Express
Resource Hash: b59a0404929cf4a3ad1cbd9c2ffaaff3f8c2e838a70867c1de2dfddc5a2b2f91

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gartner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:36:37 GMT
via: 1.1 36310ef8e99083d179b2b187554670de.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 09:24:54 GMT
server: Apache
x-amz-cf-pop: YUL62-C1
age: 190727
x-powered-by: Express
etag: W/"923-18c34251270"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2339
x-amz-cf-id: 3oNJ5i4mDghZ9yKvR-Utl07gGpXoC_7nPCcvr-bdzw1pw3l0cGsgKA==

GET
H2 200 stars.png
reviews.static.gartner.com/public/Widget/img/ 1 KB
2 KB 99ms
30ms Image
image/png 13.225.195.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reviews.static.gartner.com/public/Widget/img/stars.png
Requested by: Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/css/widget.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-48.yul62.r.cloudfront.net
Software: Apache / Express
Resource Hash: 22cecf5526a9a6a3c3d49dea18b28fd902a5a2bec155a04a7c21bb654b9ec0c9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gartner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 14:09:13 GMT
via: 1.1 36310ef8e99083d179b2b187554670de.cloudfront.net (CloudFront)
last-modified: Fri, 24 Nov 2023 07:27:25 GMT
server: Apache
x-amz-cf-pop: YUL62-C1
age: 710771
x-powered-by: Express
etag: W/"4f5-18c0039eb48"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 1269
x-amz-cf-id: 5wwYrDQL6ogbiq74hksAa9BaX64w4CkWMYpopHtzf6K5RCUDzXm28Q==

GET
H2 200 chevron-right.png
reviews.static.gartner.com/public/Widget/img/ 217 B
575 B 97ms
29ms Image
image/png 13.225.195.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reviews.static.gartner.com/public/Widget/img/chevron-right.png
Requested by: Host: www.gartner.com
URL: https://www.gartner.com/reviews/public/Widget/css/widget.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-48.yul62.r.cloudfront.net
Software: Apache / Express
Resource Hash: f75e7361bbcda225d800dd06644f99253ae2cf5ab6a0e47ff7967474e7afb4a6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.gartner.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 17:42:35 GMT
via: 1.1 36310ef8e99083d179b2b187554670de.cloudfront.net (CloudFront)
last-modified: Fri, 24 Nov 2023 07:27:25 GMT
server: Apache
x-amz-cf-pop: YUL62-C1
age: 1043569
x-powered-by: Express
etag: W/"d9-18c0039eb48"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 217
x-amz-cf-id: gdagtL9tAUT9TFHT5nZwpExU7fFWtfQG-Hmln1NUNknGph2S3W1Hcg==

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a2f15820ffe7ec552c256f18b8cd6485618d23a5648f535992e5c6928a542b7

Request headers

Referer
Origin: https://www.avanan.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
856 B 144ms
43ms Script
application/javascript 23.218.218.181
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.218.181 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-218-181.deploy.static.akamaitechnologies.com

Software

Resource Hash

ecf9967a9685eff0fdc0555125aeb40dc81a85c8de18c48c2a705132ef6129bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 316
date: Thu, 07 Dec 2023 19:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 10:28:06 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=53563
accept-ranges: bytes
content-length: 595

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 68 B
306 B 340ms
41ms XHR
application/json 104.18.32.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.32.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 831f362e0c683739-YYZ
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK button.13c48d2966337fafa1c1eb5533fdf29d.js Show response
platform.twitter.com/js/ 8 KB
3 KB 33ms
32ms Script
application/javascript 192.229.163.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.13c48d2966337fafa1c1eb5533fdf29d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/818F) /
Resource Hash: fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 19:35:24 GMT
Content-Encoding: gzip
Age: 5094171
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2617
Last-Modified: Mon, 09 Oct 2023 20:29:15 GMT
Server: ECS (cha/818F)
Etag: "def6f3052007521ae22a38b870dfd318+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html Show response
platform.twitter.com/widgets/ Frame 48D5 34 KB
13 KB 37ms
32ms Document
text/html 192.229.163.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/818F) /
Resource Hash: 856377fde78e4bdc57703db6457f6e243db704c135a4829e1951185173cec9b7

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5094171
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12585
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Dec 2023 19:35:24 GMT
Etag: "8c8e58156094069be7351386d79afb40+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (cha/818F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H/1.1 200
OK tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html Show response
platform.twitter.com/widgets/ Frame 9C33 34 KB
13 KB 69ms
32ms Document
text/html 192.229.163.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d37472b4a6622d0b1fff46ad904f6896.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/818F) /
Resource Hash: 856377fde78e4bdc57703db6457f6e243db704c135a4829e1951185173cec9b7

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 5094171
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12585
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Dec 2023 19:35:24 GMT
Etag: "8c8e58156094069be7351386d79afb40+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (cha/818F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
92 B 65ms
62ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22AvananSecurity%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1701977724902%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=3869b0c3883d61ef628530085c42e798d5241e0b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time: 6
date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 07 Dec 2023 19:35:24 GMT
server: tsa_b
vary: Origin
content-type: image/gif
x-transaction-id: 3d2fadbe25a8c3ef
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 1446da2f6d4e67ea8a93dc8f4d275f09cfe9b428dd5c80af3c4509311acc51df
content-length: 43

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
103 B 61ms
61ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22AvananSecurity%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1701977724903%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%2201917f4d1d4cb%3A1696883169554%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=3869b0c3883d61ef628530085c42e798d5241e0b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-response-time: 5
date: Thu, 07 Dec 2023 19:35:24 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 07 Dec 2023 19:35:24 GMT
server: tsa_b
vary: Origin
content-type: image/gif
x-transaction-id: 5ef70ac636a7f60b
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 1446da2f6d4e67ea8a93dc8f4d275f09cfe9b428dd5c80af3c4509311acc51df
content-length: 43

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 31 KB
12 KB 48ms
48ms Script
application/javascript 23.218.218.181
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.218.181 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-218-181.deploy.static.akamaitechnologies.com

Software

Resource Hash

15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=39815
accept-ranges: bytes
content-length: 12150

GET
DATA 200
OK truncated
/ Frame 48D5 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1701977724969&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2A...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1701977724969&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2A...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D110528%26time%3D1701977724969%26url%3Dhttps%253A%252F%252Fwww.avanan.com%252Fblog...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1701977724969&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2A...

0
397 B

64ms
64ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1701977724969&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&cookiesTest=true&liSync=true
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7018D767478040088BC8CE16D5D35696 Ref B: CHGEDGE1011 Ref C: 2023-12-07T19:35:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYL8JG7mGZEi4hU3q/HHw==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 19:35:24 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYL8JG6fGPENP5znzf4yw==
pragma: no-cache
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 447BEBDB25E94A9FB204EF88ECD77300 Ref B: CHGEDGE1011 Ref C: 2023-12-07T19:35:25Z
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1701977724969&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9C33 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/ 421 KB
101 KB 58ms
58ms Script
application/javascript 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee39d0cbc9e9cd88b7dac8ebca680b89e8879081f855152f21772c7834474437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 19:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: B7RJGeSCnZZuAb1NQkB81w==
age: 31300
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 103637
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:26:02 GMT
server: cloudflare
etag: 0x8DBB9A2763B37CA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 370b2d5d-e01e-0045-3ee5-1dec60000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 831f362e4bb53705-YYZ

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/52127f8b-58c8-43a1-aff0-3c29a26e76d8-test/9995d05d-866d-4909-81dd-446d69a173ac/ 95 KB
20 KB 119ms
119ms Fetch
application/x-javascript 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/52127f8b-58c8-43a1-aff0-3c29a26e76d8-test/9995d05d-866d-4909-81dd-446d69a173ac/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad66b40ac6fb0451baa6f252864ee213eb292767fe47d1cfc08656ba5b64e1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 19:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: pCQHbcaD3ojQOlHiOLzeTw==
content-length: 19837
x-ms-lease-status: unlocked
last-modified: Wed, 27 Sep 2023 17:32:56 GMT
server: cloudflare
etag: 0x8DBBF7FC9B25E29
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d1e79a4b-301e-0069-3644-2900cf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 831f362f0d053700-YYZ

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
195 B 71ms
70ms XHR
text/plain 13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 07 Dec 2023 19:35:25 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9A257285AC804F3A9A65672F5C5D0B5F Ref B: CHGEDGE1011 Ref C: 2023-12-07T19:35:25Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.avanan.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYL8JG8rF9xQZbBNte9OA==

GET
H2 200 insent Show response
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/ 80 KB
23 KB 120ms
33ms Script
binary/octet-stream 13.225.195.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/insent
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-49.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0e96c0f51eb10934d2022f7d30dbeaf05f748f85d32dfe71711f2dbb21621d8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: Do3I7W1ZAWXrXjTz8nc5rLMLlRnTeriu
content-encoding: gzip
via: 1.1 9e25cde80ebbb4b50393d0f96c5d8e2e.cloudfront.net (CloudFront)
date: Thu, 07 Dec 2023 06:48:49 GMT
last-modified: Wed, 18 Oct 2023 08:56:44 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 46130
etag: "6c640d0008fb2a23a0ff942202f8657c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
content-length: 23142
x-amz-cf-id: fnTEcOe8detltsuGm0idEKPWC-sWH8KfGsT2d-zbrAOkrRSkM77Ulg==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
503 B 96ms
91ms Image
image/gif 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1435985357&v=1.1&a=1835778&pi=147462885790&ct=blog-post&ccu=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly&cpi=147462885790&cgi=4153530738&lpi=147462885790&lvi=147462885790&lvc=en-us&pu=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&t=Phishing+via+Genial.ly&cts=1701977725361&vi=ca9d137359014ef346a276be0c1e860f&nc=true&u=23485541.ca9d137359014ef346a276be0c1e860f.1701977725358.1701977725358.1701977725358.1&b=23485541.1.1701977725358&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a8878904-1f22-4dc1-a55c-0a81e7b413c1
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 12
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a8878904-1f22-4dc1-a55c-0a81e7b413c1
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDi5sENieXNxRWZAiFJFWC1HQBx59M9qrXLWD4VeF8LJUeIDEKdbfKg2k2Nk2qQ30ECRqjS709Myy1%2F6k4T3saqPTnFvtzmzLxtFfbQE6uwaGO5Vp1M700yJuoHiGalsVCsg"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7556df69f8-btqjb
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 831f362f9b7e3987-YYZ
x-robots-tag: none

GET
H3 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
667 B 97ms
75ms Image
image/gif 104.17.207.249
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.207.249 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0f308ba5-e56d-4460-90d9-aa03ad00dc8d
x-envoy-upstream-service-time: 16
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0f308ba5-e56d-4460-90d9-aa03ad00dc8d
last-modified: Thu, 07 Dec 2023 19:35:25 GMT
server: cloudflare
x-trace: 2BC222320CC3A02779EDC6AF02A195ADCBA70409AF000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-8mskj
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 831f362fbc5ca214-YYZ

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
586 B 81ms
77ms Image
image/gif 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22c953fa87-efa0-494e-9947-98ffe764fcd8%22%2C%22456f8fc2-2a2d-451b-be42-2ab5d22687fa%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1435985357&v=1.1&a=1835778&pi=147462885790&ct=blog-post&ccu=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly&cpi=147462885790&cgi=4153530738&lpi=147462885790&lvi=147462885790&lvc=en-us&pu=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&t=Phishing+via+Genial.ly&cts=1701977725363&vi=ca9d137359014ef346a276be0c1e860f&nc=true&u=23485541.ca9d137359014ef346a276be0c1e860f.1701977725358.1701977725358.1701977725358.1&b=23485541.1.1701977725358&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 16175c97-81a9-4af9-b772-f59326e3bab0
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 16175c97-81a9-4af9-b772-f59326e3bab0
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJIYTPKmSGUfyUKiNydFro0nO4K5GUXxQT%2Bdz7IE33Vsic064uC%2B%2BWrJapk9t9sJh%2B%2F%2Fw%2BXmQDOPDhTAbEdm%2BLTxCyn%2Fw5xjtJsTq%2BTbcT3oUZp47O0Zg4XI6tD1IFqCWwRx"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7556df69f8-btqjb
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 831f362f9b773987-YYZ
x-robots-tag: none

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame D8BF 49 KB
16 KB 228ms
149ms Document
text/html 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11b6842f417ab8%26domain%3Dwww.avanan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Ffff95c1edb808%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=e54a96c91d1e4a159bbd1a3a6ee3d72a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

76b6d9d89c4ffb10d1736eaaf3b291ba5e2df2edbfe5c2a9f67e2f1b26ce1103

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 19:35:25 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: yxnGIAbc7VJsLbtvuQsyWuC2ELoONVmwPd4UsZ/9MzNEg6EF2myuhXXYerVd4yqmzEEX1cvAh1ExN7qUfu3OnA==
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame E6FB 49 KB
18 KB 207ms
130ms Document
text/html 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d667ae185155%26domain%3Dwww.avanan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Ffff95c1edb808%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=e54a96c91d1e4a159bbd1a3a6ee3d72a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

Resource Hash

2e6c61d75d277c4660f51b39166f980d9dfd28d3adffe295e38eca13115bb6c5

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 19:35:25 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: X15pWCrqklVezsDuotJKRcjt10qkWe3HLx21LvWSefrY1mj7aGI0cTG+iSTRg3UI/Rn6CFZHhCX5KdCSxu3sJQ==
x-xss-protection: 0

GET
H2 200 otFloatingRounded.json Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/ 10 KB
3 KB 52ms
50ms Fetch
application/json 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/otFloatingRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef072b9ae1b3c29f94781c86bcdfdb71c1e06bbc7a2f05bc65dcfa2eefdde02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 19:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JBYz6y0YLdPMjkmPCHT4iQ==
age: 81070
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2644
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:25:55 GMT
server: cloudflare
etag: 0x8DBB9A271F46AFD
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5a0995de-c01e-007d-55ce-1248a0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 831f362feeb93700-YYZ

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/v2/ 62 KB
13 KB 34ms
33ms Fetch
application/json 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 19:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3yHA5F3oKJDlMPXEHc+wYA==
age: 81070
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12708
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:25:57 GMT
server: cloudflare
etag: 0x8DBB9A2735C2A8F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: e193fcb3-801e-00a7-61a0-22d141000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 831f362feebd3700-YYZ

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/ 21 KB
4 KB 38ms
38ms Fetch
text/css 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 19:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 81070
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:26:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: aeee3574-701e-008c-67c4-0d518d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 831f362feec03700-YYZ

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
90 KB 54ms
53ms Script
application/javascript 172.253.63.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

ebcb71e35f523aa334ba5a5932cbb0f578575498dec963b1e707cf73588ada35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92303
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 19:35:25 GMT

GET
H2 200 e1efa08e-e135-4766-9e10-b54f0663900a.js Show response
j.6sc.co/j/ 4 KB
2 KB 1201ms
95ms Script
application/javascript 23.196.3.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/e1efa08e-e135-4766-9e10-b54f0663900a.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.196 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-196.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fe1d77182f48fdeb7d27527565f4c8d2b598af1077cbc5aa5add9fa6adc10245

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: pW4IebgOIKuZbCmTyEksxeIapWQKxcdM
content-encoding: gzip
date: Thu, 07 Dec 2023 19:35:26 GMT
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256
x-amz-meta-content-type: application/json
content-length: 1178
pragma: no-cache
last-modified: Fri, 19 May 2023 18:18:46 GMT
server: AmazonS3
etag: "6034df01e873fa0ea3a670daa3807be5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
x-amz-cf-id: gGtjW3xeYqeZTneUh2JH59TgkG6tIKBFiiN2CzNSMrdNLNK-AalysQ==
expires: Thu, 07 Dec 2023 19:35:26 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
856 B 43ms
43ms Script
application/javascript 23.218.218.181
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.218.181 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-218-181.deploy.static.akamaitechnologies.com

Software

Resource Hash

ecf9967a9685eff0fdc0555125aeb40dc81a85c8de18c48c2a705132ef6129bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 316
date: Thu, 07 Dec 2023 19:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 10:28:06 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=53562
accept-ranges: bytes
content-length: 595

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 103ms
37ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 07 Dec 2023 19:35:25 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 351377FBD40D4071854CE0045223CB45 Ref B: CHGEDGE0905 Ref C: 2023-12-07T19:35:25Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/ 3 KB
2 KB 132ms
52ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/?random=1701977725430&cv=11&fst=1701977725430&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79081916&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&hn=www.googleadservices.com&frm=0&tiba=Phishing%20via%20Genial.ly&auid=1721440754.1701977724&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

c02a3feb9b743cf424302673d859e4739d66aef603f09a33a5218853233e13b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1430
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotjar-2523353.js Show response
static.hotjar.com/c/ 9 KB
4 KB 170ms
116ms Script
application/javascript 3.162.3.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2523353.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.3.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-3-99.yul62.r.cloudfront.net

Software

Resource Hash

e6e877bd62dfb52cfe869be505175efad415d9945e69cab8c350cc3a500b8161

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 19:35:25 GMT
via: 1.1 4698560343897987b5ef826f71e0fcb0.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-P2
etag: W/1d6cd425907646257193d2be222c840e
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Va5XhcwBNQK2uLA6OUJQs51KR4hZZ-wIqgnQzrFo9xzpplBAnqJB5A==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/ 3 KB
2 KB 131ms
53ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/?random=1701977725434&cv=11&fst=1701977725434&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79081916&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&hn=www.googleadservices.com&frm=0&tiba=Phishing%20via%20Genial.ly&auid=1721440754.1701977724&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

baf3f0da475506f6960642373ab75b84c5740a79ae3d30b12405b6908c9aa295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1430
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 39ms
38ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Dec 2023 19:35:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 7EG6KzJDIZaqsVmj9VlQJby4zP3tL6aSUSXluUz1bjZ9EdScSTa91IJH2MCm8cFOTpWuh757nAcSc0pNNJPE2A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 342ms
28ms Script
application/javascript 3.161.210.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWqggk58dy6XW4_rqSb6WfHrnW5NMkyh56N3P8KqQH3lYMRW7lCdLW6lZ3m2W2h9Km13f0jF-W1kkKXX2ZdfJ7W9bX7xr5xp7wWW4prkrF2Yst27W7wSM1g231HfqW2zfW4K6Xz4yvW6q5tNy6ybRryW1fVSg238l0x3VRsVQ161Qk11VnMS6X8P2mPSW4Snz2M2NNQzPW8MCy-68djlHDW7xZvHQ7KhmN7W4HpQpv7sFPpqW5k9dyv7Q_b6yW35tNGx2YLKMpN5YNmk8b4wb2W9cn7Ps7-SJqKW5bBgZb1SlBjlW1YTdXy1SbgCyVdqy6Y7tMrHRW5rwsGP4mBqNrW24hwCP8BcVwqW67-zNq93T5Fxf77g5BF04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.210.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-210-224.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:46:40 GMT
content-encoding: gzip
via: 1.1 f4979fa9d388cee1327b2a7fad0fcbfa.cloudfront.net (CloudFront)
last-modified: Fri, 02 Sep 2022 19:59:48 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-P1
age: 2926
etag: W/"dc0bbcecf2e632d9beb92f4d88b21c2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: aDF2S9o-m4LUNnFxD7KIcIZbyirfcw_pApmUU6yy8qEwH6VFNQQlZw==

GET
H/1.1 200
OK tbw_analytics_v1.0.js Show response
d26x5ounzdjojj.cloudfront.net/tbw/ 12 KB
12 KB 1101ms
31ms Script
application/javascript 3.162.7.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?11
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWqggk58dy6XW4_rqSb6WfHrnW5NMkyh56N3P8KqQH3lYMRW7lCdLW6lZ3m2W2h9Km13f0jF-W1kkKXX2ZdfJ7W9bX7xr5xp7wWW4prkrF2Yst27W7wSM1g231HfqW2zfW4K6Xz4yvW6q5tNy6ybRryW1fVSg238l0x3VRsVQ161Qk11VnMS6X8P2mPSW4Snz2M2NNQzPW8MCy-68djlHDW7xZvHQ7KhmN7W4HpQpv7sFPpqW5k9dyv7Q_b6yW35tNGx2YLKMpN5YNmk8b4wb2W9cn7Ps7-SJqKW5bBgZb1SlBjlW1YTdXy1SbgCyVdqy6Y7tMrHRW5rwsGP4mBqNrW24hwCP8BcVwqW67-zNq93T5Fxf77g5BF04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.7.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-7-181.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09fdb2959efa7f317724a5762ad6dd73d941613bfd3764ed8be04ddbc4338b4b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 15:00:10 GMT
Via: 1.1 cd7813a109893bc5bd95f0672350e59c.cloudfront.net (CloudFront)
Last-Modified: Tue, 24 Mar 2020 04:06:51 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P2
Age: 16517
ETag: "463d5912885bbaf6257aaac2e9d8935e"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11917
X-Amz-Cf-Id: HRDoer-D5cnoJDDhnUkAmhI9s5-LZxQjuPiFlJbtRbZLDpitzDqKOg==

GET
H2 200 capterra_tracker.js Show response
ct.capterra.com/ 29 B
430 B 3197ms
70ms Script
text/javascript 34.205.220.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.capterra.com/capterra_tracker.js?vid=2117953&vkey=f73241bb49d31b9ed492b4202bbe1244

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.205.220.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-205-220-113.compute-1.amazonaws.com

Software

WEBrick/1.4.2 (Ruby/2.5.5/2019-03-15) /

Resource Hash

b521cf21eb734ff6b687aef8f56b3ab1be44709262716e6817b1898bbc2b986d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-runtime: 0.012067
date: Thu, 07 Dec 2023 19:35:28 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
server: WEBrick/1.4.2 (Ruby/2.5.5/2019-03-15)
etag: W/"b521cf21eb734ff6b687aef8f56b3ab1"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-length: 29
x-xss-protection: 1; mode=block
x-request-id: 0a4a3b1d-ea3f-4547-9668-a14257862ddf

GET
H2 200 tracker Show response
www.influ2.com/ 6 KB
3 KB 1214ms
75ms Script
application/javascript 34.107.254.219
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.influ2.com/tracker?clid=94f01642-c25e-4c39-b6b1-8eb7959ff1af

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.254.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

219.254.107.34.bc.googleusercontent.com

Software

Resource Hash

2b8de7b148c02f4f47b6c99b9be50f96c6eb57e16d3e5a2cf9b2d4676309f816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:26 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 112ms
64ms Script
text/javascript 172.64.151.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.techtarget.com/tracking.js
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/e3t/Ctc/2H+113/ccGyW04/VWqggk58dy6XW4_rqSb6WfHrnW5NMkyh56N3P8KqQH3lYMRW7lCdLW6lZ3m2W2h9Km13f0jF-W1kkKXX2ZdfJ7W9bX7xr5xp7wWW4prkrF2Yst27W7wSM1g231HfqW2zfW4K6Xz4yvW6q5tNy6ybRryW1fVSg238l0x3VRsVQ161Qk11VnMS6X8P2mPSW4Snz2M2NNQzPW8MCy-68djlHDW7xZvHQ7KhmN7W4HpQpv7sFPpqW5k9dyv7Q_b6yW35tNGx2YLKMpN5YNmk8b4wb2W9cn7Ps7-SJqKW5bBgZb1SlBjlW1YTdXy1SbgCyVdqy6Y7tMrHRW5rwsGP4mBqNrW24hwCP8BcVwqW67-zNq93T5Fxf77g5BF04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:25 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
server: cloudflare
age: 31358
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 831f3630ad7f39e3-YYZ
expires: Thu, 07 Dec 2023 19:55:25 GMT

GET
H2 404 t.js
vidassets.terminus.services/f3f76756-1d1f-4392-b34d-e3ac799fbf5d/ 0
0 142ms
38ms Script
application/json 3.162.112.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vidassets.terminus.services/f3f76756-1d1f-4392-b34d-e3ac799fbf5d/t.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.112.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-112-37.iad61.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 4393.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 16 B
1 KB 374ms
77ms Script
text/javascript 172.64.144.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/4393.js?p=https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email&e=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.144.225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .g2crowd.com .g2.com; connect-src 'self' .g2crowd.com .g2.com; font-src 'self' .g2crowd.com .g2.com; form-action 'self' .g2crowd.com .g2.com; frame-src 'self' .g2crowd.com .g2.com; img-src 'self' .g2crowd.com .g2.com; manifest-src 'self' .g2crowd.com .g2.com; media-src 'self' .g2crowd.com .g2.com; object-src 'self' .g2crowd.com .g2.com; script-src 'self' .g2crowd.com .g2.com; style-src 'self' .g2crowd.com .g2.com; worker-src 'self' .g2crowd.com .g2.com
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:25 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com
x-xss-protection: 1; mode=block
x-request-id: 16696529-4541-4746-98af-af4114b206bc
x-runtime: 0.002981
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3dae93a05edd9dcfc1864b87178a31e0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=600, public
cf-ray: 831f3632ba8036bf-YYZ

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 3 KB
3 KB 1171ms
103ms XHR
application/json 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=1835778&utk=ca9d137359014ef346a276be0c1e860f&__hstc=23485541.ca9d137359014ef346a276be0c1e860f.1701977725358.1701977725358.1701977725358.1&__hssc=23485541.1.1701977725358&contentId=147462885790&currentUrl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

635dc96257eecf7409b7b943890ff01191ecb8e67051a6a4c6d43978a02fc21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 604c86a3-25da-41e4-8afd-5b3dd179e588
content-encoding: br
x-envoy-upstream-service-time: 44
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 604c86a3-25da-41e4-8afd-5b3dd179e588
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.avanan.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FUwUjUKBs3MlGtPu%2BteclAqoTvG%2BbIxumrYCq1rEXYembPvIRk1eT9d5oxs1%2BidjhmPoKD9Cn9xQFWsCv9%2BcEAxrU51EUYC12r%2FU29841SeI86G9kA8dVl4uHptoM9ATaPQ"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 831f3636d9b139ea-YYZ
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-fc678f645-mhl2k

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 31ms
31ms Image
image/svg+xml 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 19:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 31438
x-ms-lease-status: unlocked
last-modified: Thu, 07 Dec 2023 03:26:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 716dae57-a01e-006b-18c9-28be77000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 831f36305ef53705-YYZ

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
494 B 37ms
36ms Fetch
image/svg+xml 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 19:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 19521
x-ms-lease-status: unlocked
last-modified: Thu, 07 Dec 2023 03:26:53 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b28af532-401e-004c-41d0-28a9b3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 831f36306fb03700-YYZ

GET
H2 200 privacy-center.png
cdn.cookielaw.org/logos/47e3c59c-0525-4547-bb04-4b39430f40a8/ab35f60a-5fe3-425a-8fd3-54a1c7472028/5abbcdb5-e783-4bba-8ec5-526bf2f46f6a/ 1 KB
2 KB 44ms
43ms Image
image/png 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/47e3c59c-0525-4547-bb04-4b39430f40a8/ab35f60a-5fe3-425a-8fd3-54a1c7472028/5abbcdb5-e783-4bba-8ec5-526bf2f46f6a/privacy-center.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cfe2988dd0e1d6bcc63e394d2818003d0a121a5a8de88a6ba8caf91dbc48c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 19:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HnzIqzk5bF7upvrzwNVyQA==
age: 21149
content-length: 1478
x-ms-lease-status: unlocked
last-modified: Tue, 25 Oct 2022 18:30:06 GMT
server: cloudflare
etag: 0x8DAB6B6F07B96CC
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: 0a2bb3d0-101e-001c-2145-0d6be3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 831f36307f2f3705-YYZ

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 34ms
33ms Image
image/svg+xml 104.18.130.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.130.236 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 07 Dec 2023 19:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 33158
x-ms-lease-status: unlocked
last-modified: Thu, 07 Dec 2023 03:26:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 098832b0-101e-0051-44c1-28a40f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 831f36307f303705-YYZ

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 31 KB
12 KB 59ms
59ms Script
application/javascript 23.218.218.181
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.218.181 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-218-218-181.deploy.static.akamaitechnologies.com

Software

Resource Hash

15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=39814
accept-ranges: bytes
content-length: 12150

GET
H3 200 1936026250043111 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 39ms
39ms Script
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1936026250043111?v=2.9.138&r=stable&domain=www.avanan.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

f6439fb9a40214e8a86ecb57a1ff522bb17b6e759c5b1668267e8de59fe2a481

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 07 Dec 2023 19:35:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35437
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: H84aBSdXV0U9cVZeUdMAozRIhbBZ6bZcsVevlAIPSa+QOx3o+VXNRHMsoLzwy/4xgqrXDfvidy/DwputpgAssg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
254 B 1359ms
42ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-48VXKGDGCV&gtm=45je3bt0v881001595z879081916&_p=1701977723098&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=2049076091.1701977726&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&dp=%2Fblog%2Fphishing-via-genial.ly&sid=1701977725&sct=1&seg=0&dt=Phishing%20via%20Genial.ly&en=page_view&_fv=1&_nsi=1&_ss=1&ep.host_property=www.avanan.com&ep.page_level1=blog&tfd=2834
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avanan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
141 B 46ms
45ms Ping
text/plain 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-48VXKGDGCV&cid=2049076091.1701977726&gtm=45je3bt0v881001595z879081916&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.31.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bj-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avanan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 3175ms
70ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-48VXKGDGCV&cid=2049076091.1701977726&gtm=45je3bt0v881001595z879081916&aip=1&dma=0&gcd=11l1l1l1l1&z=1988591277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/881234066/ 42 B
455 B 301ms
52ms Image
image/gif 142.250.31.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/881234066/?random=1701977725430&cv=11&fst=1701975600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79081916&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&frm=0&tiba=Phishing%20via%20Genial.ly&fmt=3&is_vtc=1&cid=CAQSGwDICaaNLt1u5qt_sb3IwxXEyEqPbl1ID5-EEQ&random=2220611170&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/881234066/ 42 B
455 B 3092ms
70ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/881234066/?random=1701977725430&cv=11&fst=1701975600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79081916&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&frm=0&tiba=Phishing%20via%20Genial.ly&fmt=3&is_vtc=1&cid=CAQSGwDICaaNLt1u5qt_sb3IwxXEyEqPbl1ID5-EEQ&random=2220611170&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/881234066/ 42 B
108 B 129ms
52ms Image
image/gif 142.250.31.147
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/881234066/?random=1701977725434&cv=11&fst=1701975600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79081916&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&frm=0&tiba=Phishing%20via%20Genial.ly&fmt=3&is_vtc=1&cid=CAQSGwDICaaNRlP4b8Ctkzor-4SmvTtKLrBPF6-wlg&random=3770305077&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f147.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/881234066/ 42 B
108 B 2867ms
71ms Image
image/gif 142.251.163.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/881234066/?random=1701977725434&cv=11&fst=1701975600000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v79081916&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&frm=0&tiba=Phishing%20via%20Genial.ly&fmt=3&is_vtc=1&cid=CAQSGwDICaaNRlP4b8Ctkzor-4SmvTtKLrBPF6-wlg&random=3770305077&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:28 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 25018126.js Show response
bat.bing.com/p/action/ 0
116 B 35ms
35ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25018126.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 07 Dec 2023 19:35:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B2F3595E3EF24EC9B51D2D4D9A53C211 Ref B: CHGEDGE0905 Ref C: 2023-12-07T19:35:25Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
360 B 84ms
84ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25018126&tm=gtm002&Ver=2&mid=9c345281-8050-4d97-bad6-3f468d228a16&sid=c50083b0953711eeb98acfbee9f96a19&vid=c5006a80953711ee80951b50cc03e8ea&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Phishing%20via%20Genial.ly&p=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&r=&lt=2635&evt=pageLoad&sv=1&rn=465323

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 19:35:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D587486DB1504913A402E6BD3CD4FA33 Ref B: CHGEDGE0905 Ref C: 2023-12-07T19:35:25Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame E6FB 299 B
540 B 40ms
38ms Image
image/png 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2d667ae185155%26domain%3Dwww.avanan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Ffff95c1edb808%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 19:35:25 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: 65iHvacutz4XMys1geaZtWZaxoHxvn4LDXTa9d711yy6QLlbeA8c+f1S7CJ3JY2sbHXiybP5Bm+7xMnIfCu8rQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 10:20:49 GMT

GET
H2 200 4WxNb3urpw9.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yG/l/en_US/ Frame E6FB 528 KB
137 KB 147ms
51ms XHR
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yG/l/en_US/4WxNb3urpw9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

7b2c7a2db66d5dc135d570ff3621c11848e663971dfeb9fe6f2d073e0dc8926e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 19:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aSYWQIR7khGM6aeUqsURqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139241
reporting-endpoints
x-fb-debug: jQph8MdB3IxezaI6sVlkmPBQKHDAbWYf1qsOSrFlqQ5c0OrHYlP6CKTIyeTzETMk/GF4s8Y15OSJeGQsH03obg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 15:48:46 GMT

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame D8BF 299 B
445 B 38ms
38ms Image
image/png 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11b6842f417ab8%26domain%3Dwww.avanan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Ffff95c1edb808%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 19:35:25 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
reporting-endpoints
x-fb-debug: 65iHvacutz4XMys1geaZtWZaxoHxvn4LDXTa9d711yy6QLlbeA8c+f1S7CJ3JY2sbHXiybP5Bm+7xMnIfCu8rQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 10:20:49 GMT

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
447 B 59ms
59ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1237514&r=1701977725625&ref=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 1237514
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:26 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPo_ZpZdrcaPcFeVxo6ZaWizp8Fu4RUA815MWZJZeTvRG-9retqMGJbr_1dBkyBVRTjxroq7GER3NQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Thu, 07 Dec 2023 20:35:26 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 1111ms
51ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1237514&r=1701977725625&ref=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.avanan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 19:35:26 GMT
expires: Thu, 07 Dec 2023 19:35:26 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPofqZQTuY0AV7zkTUle50-_i0qDx_PFTXiO6VUXafo7qZgLzA1C7agupORmlIownuBr1nUyb29oww

GET
H2 200 4WxNb3urpw9.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yG/l/en_US/ Frame D8BF 528 KB
136 KB 183ms
109ms XHR
application/x-javascript 31.13.66.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yG/l/en_US/4WxNb3urpw9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11b6842f417ab8%26domain%3Dwww.avanan.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.avanan.com%252Ffff95c1edb808%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false&width=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-iad3.fbcdn.net

Software

Resource Hash

7b2c7a2db66d5dc135d570ff3621c11848e663971dfeb9fe6f2d073e0dc8926e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Thu, 07 Dec 2023 19:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aSYWQIR7khGM6aeUqsURqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 139241
reporting-endpoints
x-fb-debug: jQph8MdB3IxezaI6sVlkmPBQKHDAbWYf1qsOSrFlqQ5c0OrHYlP6CKTIyeTzETMk/GF4s8Y15OSJeGQsH03obg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 15:48:46 GMT

GET
H2 200 / Show response
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/ Frame 4D49 3 KB
2 KB 29ms
29ms Document
text/html 13.225.195.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Requested by: Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/insent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-49.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94c3d0f52cee1217895c22a7a35b5f7b855fb495709822159a471811575738da

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 4358303
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Wed, 18 Oct 2023 08:57:03 GMT
etag: W/"cea936b357d0fefbe67f396ac27ecc71"
last-modified: Wed, 18 Oct 2023 08:56:50 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 9e25cde80ebbb4b50393d0f96c5d8e2e.cloudfront.net (CloudFront)
x-amz-cf-id: gp6pi1HhLdPBukTX5hbYWxy70cQIlXMyYUWUw0BqxlfCh2Slr-cCNg==
x-amz-cf-pop: YUL62-C1
x-amz-version-id: wf2lJ.cKt7e1wlMSlpAOAV_K1ZPwVE5q
x-cache: Error from cloudfront

POST
H2 200 bf Show response
bf28149orj.bf.dynatrace.com/ Frame 6DDC 205 B
478 B 384ms
43ms XHR
text/plain 34.193.102.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf28149orj.bf.dynatrace.com/bf?type=js3&flavor=cors&vi=AKFLUTFWCNCCVOHOMPDFCVPHVIUHBFLB-0&modifiedSince=1701885189809&rf=https%3A%2F%2Fwww.gartner.com%2Freviews%2Fpublic%2FWidget%2Fdata%3Fwidget_id%3DYjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy%26size%3Dlarge&bp=3&app=c9f1951eb65229e3&crc=299190726&en=4vwhu0vt&end=1
Requested by: Host: www.gartner.com
URL: https://www.gartner.com/ruxitagentjs_A2NVfhjqru_10243220606153550.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.102.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-102-142.compute-1.amazonaws.com
Software: /
Resource Hash: c47bb59ae1dbbd2bd338b58524f6ca31d25fcd4339c58e68c740a0ac73cc0315

Request headers

Referer: https://www.gartner.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gartner.com
x-oneagent-js-injection: true
date: Thu, 07 Dec 2023 19:35:26 GMT
cache-control: no-cache
content-length: 205
content-type: text/plain;charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 0
106 B 37ms
36ms Image
text/plain 157.240.229.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1936026250043111&ev=PageView&dl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&rl=&if=false&ts=1701977725651&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701977725650.104752111&ler=empty&it=1701977725532&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.229.35 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-iad3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 07 Dec 2023 19:35:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 modules.0ef46a83101151841364.js Show response
script.hotjar.com/ 218 KB
55 KB 481ms
52ms Script
application/javascript 99.84.191.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0ef46a83101151841364.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2523353.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.191.41 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-191-41.iad89.r.cloudfront.net

Software

Resource Hash

72d0e968a2bc13b2b3af3a39d1aa6f240e37b3054feaf1ca31b18399974111fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:44:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ae3759c8dc48487a424a60bd577ad554.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
age: 13879
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55456
last-modified: Thu, 07 Dec 2023 15:44:01 GMT
etag: "4f152a0a4d20e1d992c5c15c49e98463"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 7qzGpbI4n7VUVBu-nt9eGMOYcFO_JVnDLfQ1NECvj5sHb6NeKoh1jA==

GET
H2 200 env.js Show response
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/ Frame 4D49 437 B
814 B 29ms
27ms Script
application/javascript 13.225.195.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/env.js
Requested by: Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-49.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff4e0b144f55e6bf1ac619baad9714973a381bc5c106e2cf62543d8d671f9c19

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: DmgVUrsbNmh0zFcaosq_jdGFz91EWuHz
date: Thu, 07 Dec 2023 18:38:35 GMT
via: 1.1 9e25cde80ebbb4b50393d0f96c5d8e2e.cloudfront.net (CloudFront)
last-modified: Mon, 10 Apr 2023 13:35:06 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 23250
etag: "649ed907ccaa01c40f7d298cda51d4e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 437
x-amz-cf-id: kXJRpfL4zMzytHF4flz2QQBHuBgjb4DfMgT7-Xsg1qOgUdUltKIw2g==

GET
H2 200 pusher.min.js Show response
js.pusher.com/6.0/ Frame 4D49 64 KB
18 KB 714ms
43ms Script
application/javascript 54.192.31.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pusher.com/6.0/pusher.min.js
Requested by: Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.31.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-31-81.iad89.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9f69c562fa39d1b002af05da1c6b99247e69c14a48e67b35d8a8b0efd739128

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 17:25:45 GMT
content-encoding: gzip
via: 1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront)
last-modified: Thu, 14 May 2020 14:40:27 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3
age: 94183
etag: W/"ba16a869e0473ee0ff7636f71e340c60"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=2592000
x-amz-cf-id: UYpNosrCQ9Jpy5in0S6KEPNpfeuxMdmqHLDcWqIEEpJB2ztLOGVPgg==

GET
H2 200 vendors.3ba21c21.js Show response
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/ Frame 4D49 1 MB
375 KB 33ms
32ms Script
application/javascript 13.225.195.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/vendors.3ba21c21.js
Requested by: Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-49.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 015b0ab9fa40e735166ee14dd2c9ab61e3ce7d1f2e58195a0a36e7492cb2627e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 08:57:03 GMT
content-encoding: gzip
via: 1.1 9e25cde80ebbb4b50393d0f96c5d8e2e.cloudfront.net (CloudFront)
x-amz-version-id: EyBnLDOCp7EBUbbWuqcgnuY8SEticYXr
last-modified: Wed, 18 Oct 2023 08:56:50 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 4358303
etag: W/"cfe569abd22cf645465b07167297c451"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: zBoeP5zd7vvdPsJ78LoV0iQ-pKj0LdK4bHrVReDFzpd49RLbkNKy5g==

GET
H2 200 commons.e9c5b3b2.js Show response
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/ Frame 4D49 228 KB
62 KB 103ms
102ms Script
application/javascript 13.225.195.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/commons.e9c5b3b2.js
Requested by: Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-49.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e864c75ed847605431470f3724181592e861488f21976d8bedb14c6ca5b9b141

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 08:57:03 GMT
content-encoding: gzip
via: 1.1 9e25cde80ebbb4b50393d0f96c5d8e2e.cloudfront.net (CloudFront)
x-amz-version-id: x1MyjLe4VT5K6a5ykHai4_hGmw78vqG7
last-modified: Wed, 18 Oct 2023 08:56:49 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 4358303
etag: W/"40d1bf7e74f8e2734926e36705386db6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Pf3hnHLT46M8aOXXRRIL0TFqeBJ4JcWIVqJZ7lsEih6e5qkNsAbRoQ==

GET
H2 200 reduxComponents.5e03cc46.js Show response
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/ Frame 4D49 58 KB
14 KB 108ms
107ms Script
application/javascript 13.225.195.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/reduxComponents.5e03cc46.js
Requested by: Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-49.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc19bb0f8a32439be8acf92004cd921b46ba6caa528dd8a4cb1875fe5761c64e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 08:57:03 GMT
content-encoding: gzip
via: 1.1 9e25cde80ebbb4b50393d0f96c5d8e2e.cloudfront.net (CloudFront)
x-amz-version-id: FtxYOBgpDuzlE_fYPrrLcHQDrwfNQdsY
last-modified: Wed, 18 Oct 2023 08:56:50 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 4358303
etag: W/"44201bb39223ce7d109e05cad49aec41"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: oB23ZJF6nSswnu_qttbOKsRAAqZzJW13KfmmVGaNP1EY4I365BNJmA==

GET
H2 200 main.69437bec.chunk.js Show response
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/ Frame 4D49 117 KB
28 KB 109ms
108ms Script
application/javascript 13.225.195.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/main.69437bec.chunk.js
Requested by: Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-49.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f31215a00102af8f170ae267d336423808e3c803571bf030589c059f2a02604

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 08:57:03 GMT
content-encoding: gzip
via: 1.1 9e25cde80ebbb4b50393d0f96c5d8e2e.cloudfront.net (CloudFront)
x-amz-version-id: nGh4WSSe7x9nohvPetGLcIKzGbmpnSVP
last-modified: Wed, 18 Oct 2023 08:56:50 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 4358303
etag: W/"2e4663be75d71d8807feffe5dbc95b43"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: qeOwEIuTcqp62iPM2v936iqdNtkUMQwym4EyhjglahLxywbospOv-A==

GET
H2 200 / Show response
settings.luckyorange.net/ 129 B
740 B 2245ms
1703ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&s=128904

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bfb6389f80ddd586b66a540370f89f40e7eb39d388e8d9410f57caa732dc5cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.avanan.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJeoaxMOftYsljJjLKLe0O2fURqNvRAPbVCv4WPjBePgbPem3hQ0SvIikWQL0qCVGLKqx%2FkJWjmBMWKNNh5v2Yfk0cLQHejxU5Dkkkhxa24w9gFezth3Cr3xS1O7xKE3ZTi3BBFEB7cxsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-credentials: true
cf-ray: 831f3635ad7ba253-YYZ
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since

GET
H2 200 english.json Show response
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/ Frame 4D49 6 KB
2 KB 28ms
28ms XHR
application/json 13.225.195.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/english.json
Requested by: Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/vendors.3ba21c21.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-49.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05c580da7227f1f1038b071466c09ff25dfaa681d82e4a71ed58beadf63e8670

Request headers

Accept: application/json, text/plain, */*
Cache-Control: max-age=31536000
Referer: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 08:57:02 GMT
content-encoding: gzip
via: 1.1 9e25cde80ebbb4b50393d0f96c5d8e2e.cloudfront.net (CloudFront)
x-amz-version-id: 5IaU4vm.JjPzlQNMF0Xxl1Uvelh53n9v
last-modified: Wed, 18 Oct 2023 08:56:47 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 4358305
etag: W/"05d6f056048cdc28c10284bd31bf2c30"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age=31536000
x-amz-cf-id: hs-X0MDhvnxSktXVpeosXAz2KpeLUdL8o57OZ9apIonFO-hT_9avBw==

GET
H2 204 2523353 Show response
vc.hotjar.io/sessions/ 0
258 B 171ms
96ms XHR
text/plain 13.225.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2523353?s=0.25&r=0.23708654534034923
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0ef46a83101151841364.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-69.yul62.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:26 GMT
via: 1.1 3aa87db4ada59e0f9698dcd8ce9e9728.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: YUL62-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: GEdcKF_s8U3I1-r9R9G_rMwF-GDKI9qEYu0Rsx9IUFHLEVeQmAmpLQ==

GET
H2 200 getuser Show response
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/ Frame 4D49 2 KB
1 KB 2816ms
2816ms XHR
application/json 13.225.195.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/getuser?url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email

Requested by

Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/static/js/vendors.3ba21c21.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-49.yul62.r.cloudfront.net

Software

Resource Hash

d8cfbbf8a5c67746f706a7a28b36920e508158498fc44e22e7ce7484b5ae09f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&event_listener=RY2F9pIDf4YMQF8&hubspot_cookies=[%22ca9d137359014ef346a276be0c1e860f%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
hubspotCookies: ["ca9d137359014ef346a276be0c1e860f"]
accept-language: en-CA,en;q=0.9
Authorization: Bearer p2xERwhuLXXni4npvQaI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 9e25cde80ebbb4b50393d0f96c5d8e2e.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
apigw-requestid: Plmz1h_8CYcEM7g=
x-xss-protection: 1; mode=block
etag: W/"8fc-r/TQrQdcu2kKFZ409csyKMDX/MU"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-amz-cf-id: bxT3EbnoCVY5wQlM4_Qn0ewqawdRXm6LesJxFil_mdJxrKlmYA1aNw==

GET
H/1.1

200
OK

tbw Show response
match.prod.bidr.io/cookie-sync/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/tbw
https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1

44 B
659 B

44ms
44ms

Script
application/javascript

52.73.106.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1

Protocol

HTTP/1.1

Server

52.73.106.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-73-106-251.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

4769914c0e44ab7b81846456f24118aa1ff1a5077433e5bf47e302a8428a1213

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 19:35:26 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
Server: gunicorn
Connection: keep-alive
Content-Length: 44
content-type: application/javascript

Redirect headers

location: https://match.prod.bidr.io/cookie-sync/tbw?_bee_ppp=1
Date: Thu, 07 Dec 2023 19:35:26 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2 200 6si.min.js Show response
j.6sc.co/ 63 KB
17 KB 40ms
40ms Script
application/javascript 23.196.3.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/e1efa08e-e135-4766-9e10-b54f0663900a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.196 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

a9e9d5d62bdbbe46fee9a3a0ba4c2d7fe5a6f4b53c10df3ac7d34796ffb7c96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Nov 2023 18:58:50 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "656789ea-fdc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17428
expires: Thu, 07 Dec 2023 19:35:26 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
471 B 86ms
85ms Image
image/gif 104.19.155.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=16&fi=9862d401-d68f-4977-9e32-b0849cab6384&lfi=4974344&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1435985357&v=1.1&a=1835778&pi=147462885790&ct=blog-post&ccu=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly&cpi=147462885790&cgi=4153530738&lpi=147462885790&lvi=147462885790&lvc=en-us&pu=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&t=Phishing+via+Genial.ly&cts=1701977726634&vi=ca9d137359014ef346a276be0c1e860f&nc=true&u=23485541.ca9d137359014ef346a276be0c1e860f.1701977725358.1701977725358.1701977725358.1&b=23485541.1.1701977725358&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.155.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 58f03bf9-42f8-447b-9a17-ed3d2c30b93c
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 11
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 58f03bf9-42f8-447b-9a17-ed3d2c30b93c
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKk3yJamDX5MI9r08WpmKk89dOrwzPMYMYeALXjMQ4SmV%2Fi1PUYUfWQU9AHb2l1TWz%2BPtHZ9A4tvQO%2FtElNcTNO9Z2LoWI7nSmZvG9TIuZGur%2BFMYqwq7GBltUIxUUrJynN5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7556df69f8-zvvmh
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 831f36378c633987-YYZ
x-robots-tag: none

GET
H2 200 / Show response
t.influ2.com/u/ 63 B
333 B 1223ms
88ms XHR
text/plain 34.117.110.211
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.influ2.com/u/?cb=1701977726676
Requested by: Host: www.influ2.com
URL: https://www.influ2.com/tracker?clid=94f01642-c25e-4c39-b6b1-8eb7959ff1af
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.110.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 211.110.117.34.bc.googleusercontent.com
Software: nginx/1.25.3 /
Resource Hash: 29411bc5161bfb3bc05cfc2dd9fce83c580d3caf8181b71d19912b0aa2cbe2f9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:27 GMT
via: 1.1 google
server: nginx/1.25.3
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.avanan.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
573 B 1125ms
37ms XHR
application/json 68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:27 GMT
an-x-request-uuid: bf8057e7-2e52-4ad5-9bc7-0f4b168e432b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.avanan.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 153.92.40.254; 153.92.40.254; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 65ms
60ms XHR
text/html 23.196.3.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.196 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-196.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:26 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.avanan.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 4 B
282 B 132ms
43ms XHR
text/html 23.48.104.108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.104.108 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-104-108.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:26 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.avanan.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: null
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1701977726752_389047404_3134225245_16_671_20_45_219";dur=1
content-length: 4
expires: Thu, 07 Dec 2023 19:35:26 GMT

GET
H/1.1 200
OK pista.js Show response
d26x5ounzdjojj.cloudfront.net/2.14.0/ 98 KB
98 KB 33ms
33ms Script
application/javascript 3.162.7.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d26x5ounzdjojj.cloudfront.net/2.14.0/pista.js
Requested by: Host: d26x5ounzdjojj.cloudfront.net
URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?11
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.7.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-7-181.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10deca523f2d7d41a77738b61b503fb9ec9f7c8e5f96d34b4e760f7ab807983a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 03:07:04 GMT
Via: 1.1 cd7813a109893bc5bd95f0672350e59c.cloudfront.net (CloudFront)
Last-Modified: Thu, 06 Aug 2020 17:08:18 GMT
Server: AmazonS3
X-Amz-Cf-Pop: YUL62-P2
Age: 59303
ETag: "8f4885b5f0517e98f2ecf6c734d1decd"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100013
X-Amz-Cf-Id: qnZcIubStfRA1SEwaKbzB2_L1PkiaxkcttWmoysVc2wg9tLZZQ3mhw==

GET
BLOB 200
OK d9f57776-2418-45f1-98ae-26b024e0bb6c
https://www.avanan.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.avanan.com/d9f57776-2418-45f1-98ae-26b024e0bb6c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 382ms
39ms Preflight 52.55.42.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.42.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-42-144.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.avanan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.avanan.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Thu, 07 Dec 2023 19:35:27 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: us-east-1a

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 850 B
774 B 123ms
48ms XHR
application/json 52.55.42.144
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.42.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-42-144.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1cb6d18ad5a66c11b8578fdfabb68352d467083bb2b2b879a822269102a25327

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
accept-language: en-CA,en;q=0.9
Authorization: Token 88f41a99bd1fcf8636165556d51c5d9423931073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-6s-CustomID: WebTag e1efa08e-e135-4766-9e10-b54f0663900a

Response headers

date: Thu, 07 Dec 2023 19:35:27 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
x-6si-region: us-east-1a
access-control-allow-origin: https://www.avanan.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 492

OPTIONS
H2 200 tp2
com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 0
0 176ms
43ms Preflight 18.235.175.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.175.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-175-115.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.avanan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.avanan.com
access-control-max-age: 600
content-length: 0
date: Thu, 07 Dec 2023 19:35:27 GMT
server: nginx

POST
H2 200 tp2 Show response
com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ 2 B
320 B 114ms
38ms XHR
text/plain 18.235.175.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d26x5ounzdjojj.cloudfront.net
URL: https://d26x5ounzdjojj.cloudfront.net/2.14.0/pista.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.175.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-175-115.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.avanan.com
date: Thu, 07 Dec 2023 19:35:27 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 201ms
198ms Image
image/gif 23.196.3.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=04f288a7-741a-4b8d-8017-d32a84d14991&session=548def06-a811-4f01-8b53-7f1255dcb415&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A26%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20latest%20phishing%20attack%20using%20Genial.ly%20and%20how%20hackers%20are%20leveraging%20legitimate%20free%20sites%20to%20carry%20out%20illegitimate%20tasks.%20Find%20out%20how%20to%20protect%20yourself%20against%20these%20attacks.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Phishing%20via%20Genial.ly%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&pageViewId=786b2161-b44b-4fb7-8286-e807fe22f2f9&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.196 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:27 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 293ms
289ms Image
image/gif 23.196.3.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=04f288a7-741a-4b8d-8017-d32a84d14991&session=548def06-a811-4f01-8b53-7f1255dcb415&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22af1e717890f3605d16fc823643e05b8c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2007%20Dec%202023%2019%3A35%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2288f41a99bd1fcf8636165556d51c5d9423931073%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2007%20Dec%202023%2019%3A35%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2007%20Dec%202023%2019%3A35%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2007%20Dec%202023%2019%3A35%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22e1efa08e-e135-4766-9e10-b54f0663900a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2007%20Dec%202023%2019%3A35%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2007%20Dec%202023%2019%3A35%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2007%20Dec%202023%2019%3A35%3A26%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20latest%20phishing%20attack%20using%20Genial.ly%20and%20how%20hackers%20are%20leveraging%20legitimate%20free%20sites%20to%20carry%20out%20illegitimate%20tasks.%20Find%20out%20how%20to%20protect%20yourself%20against%20these%20attacks.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Phishing%20via%20Genial.ly%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&pageViewId=786b2161-b44b-4fb7-8286-e807fe22f2f9&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.196 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:27 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 tp2 Show response
com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ 2 B
319 B 38ms
38ms XHR
text/plain 18.235.175.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d26x5ounzdjojj.cloudfront.net
URL: https://d26x5ounzdjojj.cloudfront.net/2.14.0/pista.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.175.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-175-115.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.avanan.com
date: Thu, 07 Dec 2023 19:35:27 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

OPTIONS
H2 200 tp2
com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 0
0 44ms
43ms Preflight 18.235.175.115
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://com-thebigwillow-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.175.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-175-115.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.avanan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.avanan.com
access-control-max-age: 600
content-length: 0
date: Thu, 07 Dec 2023 19:35:27 GMT
server: nginx

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 42ms
41ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-48VXKGDGCV&gtm=45je3bt0v881001595z879081916&_p=1701977723098&gcd=11l1l1l1l1&dma=0&cid=2049076091.1701977726&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1701977725&sct=1&seg=0&dl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&dt=Phishing%20via%20Genial.ly&en=6si_data_loaded&ep.e_action=6si_company_details&ep.e_label=6si_data_loaded&_et=1777&up.company_name_6s=Salesfloor&up.company_domain_6s=salesfloor.net&up.industry_6s=Software%20and%20Technology&up.employee_range_6s=50%20-%2099&up.segments_6s=&up.revenue_range_6s=%2410M%20-%20%2425M&up.employee_count_6s=81&up.country_6s=Canada&up.company_segment_ids_6s=&up.company_match_6s=Match&up.company_is_blacklisted_6s=false&up.company_is_6qa_6s=false&tfd=4622
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avanan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 blog-subscription-laptop-icon-2.png
www.avanan.com/hubfs/website/img/blog/ 109 KB
111 KB 88ms
88ms Image
image/webp 199.60.103.254
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/blog/blog-subscription-laptop-icon-2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

199.60.103.254 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbf4d29d3505a4790b827cde56ca8e4e1d03ab709bb9db801f0a4f02c0fcc0e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-110679711133,FD-11279827778,P-1835778,FLS-ALL
age: 273902
x-amz-request-id: ZSHGAKCN94D07WXP
x-amz-server-side-encryption: AES256
edge-cache-tag: F-110679711133,FD-11279827778,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="blog-subscription-laptop-icon-2.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "8d71f834d25a82123bd27e64ec06b767"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1681321816755
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Thu, 07 Dec 2023 19:35:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 7e0f00253118236873554f5fc0d07dac.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: eGk4cuTrlwYommw7ReeuO26P_osPr7sE
x-amz-cf-pop: YTO50-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=212633
x-cache: Miss from cloudfront
cache-tag: F-110679711133,FD-11279827778,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 112020
x-amz-id-2: SBT0fMHkY+YOD+qrDxd0KVFwLLeLkm9kIGvhaTlaGtWIpmSGToG8pEzzWVQcyqKJSBPA8MWQKEI=
last-modified: Wed, 12 Apr 2023 17:50:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XA1Ek%2FLGdwmdCgjUVoxmlEAs6xP3Nro0xxK5tA45PVjrtf1FrWPX4h8VnrKGvjTGKTc%2F0%2BWeJ1TkUreKejr0XwNg0G9WN7U48f2UdyqxMu1PMT455HuTc19Y5p6%2BHx%2BL"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 831f363dcabf3905-YYZ
x-amz-cf-id: afS1FrhBxvyBmPWI0LTXBErc8yOeEwcbkyf7xiNsRMP4x36U8wmUcg==

POST
H2 200 bf Show response
bf28149orj.bf.dynatrace.com/ Frame 6DDC 205 B
476 B 44ms
44ms XHR
text/plain 34.193.102.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf28149orj.bf.dynatrace.com/bf?type=js3&flavor=cors&vi=AKFLUTFWCNCCVOHOMPDFCVPHVIUHBFLB-0&modifiedSince=1701885189809&rf=https%3A%2F%2Fwww.gartner.com%2Freviews%2Fpublic%2FWidget%2Fdata%3Fwidget_id%3DYjZjODZjODMtNGZjZS00MzZjLTgxZDktYjVhMWY5NmM5Yjgy%26size%3Dlarge&bp=3&app=c9f1951eb65229e3&crc=1197345770&en=4vwhu0vt&end=1
Requested by: Host: www.gartner.com
URL: https://www.gartner.com/ruxitagentjs_A2NVfhjqru_10243220606153550.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.102.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-102-142.compute-1.amazonaws.com
Software: /
Resource Hash: 381b2a634ed8ecfff9d775a2381968304969088fa3b2c9fbeb860f5d2c84b504

Request headers

Referer: https://www.gartner.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.gartner.com
x-oneagent-js-injection: true
date: Thu, 07 Dec 2023 19:35:27 GMT
cache-control: no-cache
content-length: 205
content-type: text/plain;charset=utf-8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 99ms
99ms Image
image/gif 23.196.3.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=04f288a7-741a-4b8d-8017-d32a84d14991&session=548def06-a811-4f01-8b53-7f1255dcb415&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A26%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20latest%20phishing%20attack%20using%20Genial.ly%20and%20how%20hackers%20are%20leveraging%20legitimate%20free%20sites%20to%20carry%20out%20illegitimate%20tasks.%20Find%20out%20how%20to%20protect%20yourself%20against%20these%20attacks.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Phishing%20via%20Genial.ly%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&pageViewId=786b2161-b44b-4fb7-8286-e807fe22f2f9&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.196 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:27 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 113ms
113ms Image
image/gif 23.196.3.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=04f288a7-741a-4b8d-8017-d32a84d14991&session=548def06-a811-4f01-8b53-7f1255dcb415&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A28%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A27%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20latest%20phishing%20attack%20using%20Genial.ly%20and%20how%20hackers%20are%20leveraging%20legitimate%20free%20sites%20to%20carry%20out%20illegitimate%20tasks.%20Find%20out%20how%20to%20protect%20yourself%20against%20these%20attacks.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Phishing%20via%20Genial.ly%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&pageViewId=786b2161-b44b-4fb7-8286-e807fe22f2f9&an_uid=0&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.196 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:28 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 58ms
58ms Image
image/gif 23.196.3.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=04f288a7-741a-4b8d-8017-d32a84d14991&session=548def06-a811-4f01-8b53-7f1255dcb415&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A29%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A28%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20latest%20phishing%20attack%20using%20Genial.ly%20and%20how%20hackers%20are%20leveraging%20legitimate%20free%20sites%20to%20carry%20out%20illegitimate%20tasks.%20Find%20out%20how%20to%20protect%20yourself%20against%20these%20attacks.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Phishing%20via%20Genial.ly%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&pageViewId=786b2161-b44b-4fb7-8286-e807fe22f2f9&an_uid=0&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.196 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:29 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 61ms
61ms Image
image/gif 23.196.3.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=04f288a7-741a-4b8d-8017-d32a84d14991&session=548def06-a811-4f01-8b53-7f1255dcb415&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A30%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A29%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20latest%20phishing%20attack%20using%20Genial.ly%20and%20how%20hackers%20are%20leveraging%20legitimate%20free%20sites%20to%20carry%20out%20illegitimate%20tasks.%20Find%20out%20how%20to%20protect%20yourself%20against%20these%20attacks.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Phishing%20via%20Genial.ly%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&pageViewId=786b2161-b44b-4fb7-8286-e807fe22f2f9&an_uid=0&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.196 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:30 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 63ms
63ms Image
image/gif 23.196.3.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=04f288a7-741a-4b8d-8017-d32a84d14991&session=548def06-a811-4f01-8b53-7f1255dcb415&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A31%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A30%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20latest%20phishing%20attack%20using%20Genial.ly%20and%20how%20hackers%20are%20leveraging%20legitimate%20free%20sites%20to%20carry%20out%20illegitimate%20tasks.%20Find%20out%20how%20to%20protect%20yourself%20against%20these%20attacks.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Phishing%20via%20Genial.ly%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&pageViewId=786b2161-b44b-4fb7-8286-e807fe22f2f9&an_uid=0&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.196 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 42ms
42ms Ping
text/plain 216.239.34.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-48VXKGDGCV&gtm=45je3bt0v881001595z86871859&_p=1701977723098&gcd=11l1l1l1l1&dma=0&cid=2049076091.1701977726&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1701977725&sct=1&seg=0&dl=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&dt=Phishing%20via%20Genial.ly&en=6si_data_loaded&ep.e_action=6si_company_details&ep.e_label=6si_data_loaded&_et=3&tfd=9623
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 19:35:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avanan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 67ms
67ms Image
image/gif 23.196.3.196
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=04f288a7-741a-4b8d-8017-d32a84d14991&session=548def06-a811-4f01-8b53-7f1255dcb415&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2007%20Dec%202023%2019%3A35%3A31%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%226008%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20about%20the%20latest%20phishing%20attack%20using%20Genial.ly%20and%20how%20hackers%20are%20leveraging%20legitimate%20free%20sites%20to%20carry%20out%20illegitimate%20tasks.%20Find%20out%20how%20to%20protect%20yourself%20against%20these%20attacks.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Phishing%20via%20Genial.ly%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&pageViewId=786b2161-b44b-4fb7-8286-e807fe22f2f9&an_uid=0&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&v=1.1.12

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.196 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-196.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.avanan.com/blog/phishing-via-genial.ly?utm_medium=email&_hsmi=285604545&_hsenc=p2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ&utm_content=285604545&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:35:32 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

205 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.avanan.com/	1970-01-20 16:46:19	Name: __cf_bm Value: 6zZF37MjwI.zaI22Hr9IjX_T6y8wKPU66pV8kXLJjkI-1701977722-0-AZescYgbWY+k4d4hutnk6168J6C12MLmj2kTzy5DqF6JsfgcrzZmaQ3jw8+3LLd81pxPqvMqk4XW2a3lwYRBjYM=
.www.avanan.com/	1969-12-31 23:59:59	Name: __cfruid Value: d358922f5e86c6b22a79b72a915c028233c341b6-1701977722
.avanan.com/	1970-01-20 18:55:53	Name: _gcl_au Value: 1.1.1721440754.1701977724
.hubspot.com/	1970-01-20 16:46:19	Name: __cf_bm Value: qHYjBExzh.8Sp4b3rnJt2oeEWIsB1Oh.4tBapM9264A-1701977723-0-AeFiZ+0d/tgtNIHZuWKP6dMoHR1jgyKpFeBnHHunp0mOn5qFHj81sS5WIn/krCglFIIFvLeRpsTp9MDbmgcJEl0=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: dn16gzPLoH40Ql5utoYWpoq95eYa8NQMTWGzfcgtFu8-1701977723667-0-604800000
.avanan.com/	1970-01-21 01:31:53	Name: _lfa Value: LF1.1.34f65133d0a3c087.1701977723729
.linkedin.com/	1970-01-20 18:55:53	Name: li_sugr Value: 5554c993-433d-4b1a-a8a4-1d411a76078e
.linkedin.com/	1970-01-21 01:31:53	Name: bcookie Value: "v=2&f48abe46-b4c8-45c4-881e-9bcd1d20173e"
.linkedin.com/	1970-01-20 16:47:44	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=3082:u=1:x=1:i=1701977725:t=1702064125:v=2:sig=AQGJq7fcDRAksONqQIlpfBwz2tsWLbiS"
.linkedin.com/	1970-01-20 17:29:29	Name: UserMatchHistory Value: AQKq3kaftkgAAQAAAYxFxxj573dM95azmiH3vEvZrUaLYyIzUM_L5C_PJRAMDuc2LD9zuF67Zg-ZnA
.linkedin.com/	1970-01-20 17:29:29	Name: AnalyticsSyncHistory Value: AQICJ47IaqgOjQAAAYxFxxj5u_N9sQ2uwIumeBTthsCd49roSORk3gYQsWtCTV3RBF3DbQzlIIz1vC9wmbVjZw
.www.linkedin.com/	1970-01-21 01:31:53	Name: bscookie Value: "v=1&20231207193525f6e4c2eb-e71e-4586-8f8e-f73dd38a80b7AQGh5wcWDytcK_ahQAGgHj-9h9kNifxj"
.avanan.com/	1970-01-20 21:05:29	Name: __hstc Value: 23485541.ca9d137359014ef346a276be0c1e860f.1701977725358.1701977725358.1701977725358.1
.avanan.com/	1970-01-20 21:05:29	Name: hubspotutk Value: ca9d137359014ef346a276be0c1e860f
.avanan.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.avanan.com/	1970-01-20 16:46:19	Name: __hssc Value: 23485541.1.1701977725358
www.avanan.com/	1970-01-21 02:22:17	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Dec+07+2023+11%3A35%3A25+GMT-0800+(Pacific+Standard+Time)&version=202308.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=0c8edff7-dde5-4909-8acc-2ccf8e8ef9a2&interactionCount=0&landingPath=https%3A%2F%2Fwww.avanan.com%2Fblog%2Fphishing-via-genial.ly%3Futm_medium%3Demail%26_hsmi%3D285604545%26_hsenc%3Dp2ANqtz-8Vraaew8EUUSjUKBzwG-vJ5_Rh8xYR6oX9-ujuGGm5BPhCWY5-LbSuPIXuXqHvji7ZADyTq-1FUAMsL9XeJ5CW7rDAdDRTnQwcDTdTM6CCsmfg3OQ%26utm_content%3D285604545%26utm_source%3Dhs_email&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.doubleclick.net/	1970-01-20 16:46:18	Name: test_cookie Value: CheckForPermission
.avanan.com/	1970-01-21 02:22:17	Name: _ga Value: GA1.1.2049076091.1701977726
.avanan.com/	1970-01-20 16:47:44	Name: _uetsid Value: c50083b0953711eeb98acfbee9f96a19
.avanan.com/	1970-01-21 02:07:53	Name: _uetvid Value: c5006a80953711ee80951b50cc03e8ea
.techtarget.com/	1970-01-20 16:46:19	Name: __cf_bm Value: 11e77cCERgOCfh0oL_lDxSXpU1zBTs8dfRL7esAyP9o-1701977725-0-Aaa+wHYpJO0ub+RNPKx8AAXIhdT/bbPVUV2BzH9CLSVJyzOatS7e2+Ve+lrQh10CeMs/ovL4XfQ+FUj+ZZl9BnA=
.avanan.com/	1970-01-20 18:55:53	Name: _fbp Value: fb.1.1701977725650.104752111
.bing.com/	1970-01-21 02:07:53	Name: MUID Value: 22FDFF02CBD06E24074AECE2CA786FE2
.bat.bing.com/	1970-01-20 16:56:22	Name: MR Value: 0
tracking.g2crowd.com/	1970-01-20 17:06:27	Name: _session_id Value: 9ae3ffeec08e908bfae6f56a9f47344c
.g2crowd.com/	1970-01-20 16:46:19	Name: __cf_bm Value: MYTiikp.51XGsHEiptBS80_GqdLorSjF8GeL.5gAZeQ-1701977725-0-AVKLVbuySrz6Tdn1/u74pvHiuI5D3lMzH54h5qJgYajpbfc3N1jfB2RVw1vVCQQoFFmMIl+9rVi3x4jzL0GJCs8=
.avanan.com/	1970-01-21 01:31:53	Name: _hjSessionUser_2523353 Value: eyJpZCI6IjkwYjU5NzZiLTNkZjEtNTBhYi04YzhkLWMyYzJhNjc4NTc0YyIsImNyZWF0ZWQiOjE3MDE5Nzc3MjY1MzYsImV4aXN0aW5nIjpmYWxzZX0=
.avanan.com/	1970-01-20 16:46:19	Name: _hjFirstSeen Value: 1
.avanan.com/	1970-01-20 16:46:19	Name: _hjIncludedInSessionSample_2523353 Value: 0
.avanan.com/	1970-01-20 16:46:19	Name: _hjSession_2523353 Value: eyJpZCI6ImM5YjI1NDcyLWZmMjMtNDc2Yy04MzJiLTc4OGMwYTJkNTU1NCIsImNyZWF0ZWQiOjE3MDE5Nzc3MjY1MzcsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.avanan.com/	1970-01-20 16:46:19	Name: _hjAbsoluteSessionInProgress Value: 1
.bidr.io/	1970-01-21 02:14:47	Name: bito Value: AACgZ07K5D0AABOkh3f_7w
.bidr.io/	1970-01-21 02:14:47	Name: bitoIsSecure Value: ok
www.avanan.com/	1970-01-21 02:22:17	Name: tbw_bw_uid Value: bito.AACgZ07K5D0AABOkh3f_7w
www.avanan.com/	1970-01-21 02:22:17	Name: tbw_bw_sd Value: 1701977727
www.avanan.com/	1970-01-20 16:46:19	Name: _sp_ses.05d9 Value: *
www.avanan.com/	1970-01-21 02:22:17	Name: _sp_id.05d9 Value: 1b962a2e-c33c-4c38-8499-53ab6dda420f.1701977727.1.1701977727.1701977727.47cc531c-cede-4c6e-8a5a-5016df70ec69
www.avanan.com/	1970-01-21 02:22:17	Name: _gd_visitor Value: 04f288a7-741a-4b8d-8017-d32a84d14991
www.avanan.com/	1970-01-20 16:46:32	Name: _gd_session Value: 548def06-a811-4f01-8b53-7f1255dcb415
com-thebigwillow-prod1.collector.snplow.net/	1970-01-21 01:31:53	Name: sp Value: 818269b2-5f9b-48ce-bdac-31a3692d50c1
.6sc.co/	1970-01-21 02:22:17	Name: 6suuid Value: c402c4174f3b17007f1e7265a30000004e399a02
.avanan.com/	1970-01-21 02:22:17	Name: _ga_48VXKGDGCV Value: GS1.1.1701977725.1.0.1701977727.58.0.0
www.avanan.com/	1970-01-20 16:56:22	Name: _an_uid Value: 0
.influ2.com/	1970-01-21 01:31:53	Name: R Value: 209e278ca1d395d41a8265d6
.avanan.com/	1970-01-21 02:22:17	Name: insent-user-id Value: qy6z94CayGtKzQQDG1701977726631

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
network	error	URL: https://vidassets.terminus.services/f3f76756-1d1f-4392-b34d-e3ac799fbf5d/t.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.hubapi.com
app.hubspot.com
b.6sc.co
bat.bing.com
bf28149orj.bf.dynatrace.com
c.6sc.co
cdn.cookielaw.org
cdn2.hubspot.net
cdnjs.cloudflare.com
checkpointsoftwaretechnologiesincavanan.widget.insent.ai
com-thebigwillow-prod1.collector.snplow.net
connect.facebook.net
ct.capterra.com
cta-service-cms2.hubspot.com
d10lpsik1i8c69.cloudfront.net
d26x5ounzdjojj.cloudfront.net
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscta.net
js.hsleadflows.net
js.pusher.com
lftracker.leadfeeder.com
match.prod.bidr.io
no-cache.hubspot.com
perf.hsforms.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
reviews.static.gartner.com
script.hotjar.com
secure.adnxs.com
settings.luckyorange.net
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
static.xx.fbcdn.net
stats.g.doubleclick.net
syndication.twitter.com
t.influ2.com
tr.lfeeder.com
track.hubspot.com
tracking.g2crowd.com
trk.techtarget.com
use.fontawesome.com
vc.hotjar.io
vidassets.terminus.services
www.avanan.com
www.facebook.com
www.gartner.com
www.google.ca
www.google.com
www.googletagmanager.com
www.influ2.com
www.linkedin.com
104.16.109.209
104.16.77.186
104.17.192.96
104.17.203.204
104.17.207.249
104.17.229.163
104.17.24.14
104.18.122.12
104.18.130.236
104.18.209.51
104.18.32.137
104.18.34.229
104.19.155.83
104.244.42.8
104.26.11.16
13.107.42.14
13.225.195.48
13.225.195.49
13.225.195.69
13.249.39.43
142.250.31.147
142.250.31.155
142.251.163.94
157.240.229.35
172.253.122.94
172.253.122.95
172.253.63.97
172.64.141.13
172.64.144.225
172.64.151.60
18.235.175.115
192.229.163.25
199.60.103.254
204.79.197.200
216.239.34.181
23.196.3.196
23.218.218.181
23.218.218.191
23.48.104.108
3.161.210.224
3.162.112.30
3.162.112.37
3.162.3.99
3.162.7.181
31.13.66.19
34.107.254.219
34.111.208.231
34.117.110.211
34.193.102.142
34.205.220.113
52.55.42.144
52.73.106.251
54.192.31.81
68.67.160.26
99.84.191.41
99.86.229.18
015b0ab9fa40e735166ee14dd2c9ab61e3ce7d1f2e58195a0a36e7492cb2627e
01dc3c1a9cb4d6b8101f8b81973cc595d038184c30aea93d47c09da82454706d
03817f3f6505178f6f24ef977ac8cd844ba3427f0353759e41bea905c565020a
057d87ec0edbdb5fe7d60d32da4c3abfe1dc2e6a0aacd6543a5e9dabb7bbd21b
05c580da7227f1f1038b071466c09ff25dfaa681d82e4a71ed58beadf63e8670
081d08f71fb7a07fd5247ce2d20af91a41899fd4ee1b129c18fedf8a04b5bbae
08deb5fb8e8a49d3e598cab0f6c178154648cd6234894569a0987812b19475f3
09fdb2959efa7f317724a5762ad6dd73d941613bfd3764ed8be04ddbc4338b4b
0a1309d2ccff026ab4dcf050977befc877505115e4777e240fa328b1781c63ae
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0c5109ab0fecc5ef21cc3eddf9e5e66741feb3c03a08c0c5d12a153bffe56a4d
10deca523f2d7d41a77738b61b503fb9ec9f7c8e5f96d34b4e760f7ab807983a
15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a
1cb6d18ad5a66c11b8578fdfabb68352d467083bb2b2b879a822269102a25327
21091df3e91e575d018aa5b94c490bc0921233e901913052ceec557a2f3537ae
211021b7c09598e5138d4be18dbe9facfc025693e756ea1c7f6dac17a33cd39a
221a2d2c81d6c147efa694dd73f51bdcb8ecf509826457780c44f5026b6d5a71
22cecf5526a9a6a3c3d49dea18b28fd902a5a2bec155a04a7c21bb654b9ec0c9
24a3a9ccca4cde6a90f28a96467b83fcc8e8b02ae532b85c46d45514e98c9dc9
257855f4e23a1e3d382077b15bfc30971c9c261fc23512c88abfdcda05f28bc4
265dc9381f2b760551a12eb31f4bbc194ea6609b90fd79a59fc53cb0e1210146
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29411bc5161bfb3bc05cfc2dd9fce83c580d3caf8181b71d19912b0aa2cbe2f9
2b8de7b148c02f4f47b6c99b9be50f96c6eb57e16d3e5a2cf9b2d4676309f816
2bb9a2c2d013c9818f8cc463b3571aa13db5d6d75f99b851c7dc7e4321b39168
2de1183a6cc960087ab607946f4cc31f9d16c9871e21c2700506c769fe0fc378
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e6c61d75d277c4660f51b39166f980d9dfd28d3adffe295e38eca13115bb6c5
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2ece63665d1c156d538ab3ab54b1239af56ceaa6d199d26580c877fefea8688d
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
327f498e13e0a8166699d8d770f3806775c2707dd893d18f0139b84b0b9d8576
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
3636e8810aa8b16828af450174251147977372f0201e77d464c719f110b0924f
3726f6f71175b54abf48e8863b8634461bcbf34831f7c1b0a1d11e2604782b3a
381b2a634ed8ecfff9d775a2381968304969088fa3b2c9fbeb860f5d2c84b504
389e7668a1ebd8a04eca206d27b7147519be465eed883f6a2d68bd419ada24b4
3a8dc37228486418b77d45135da96313f7d161c03609292464cc77d2a6634897
3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb73cc89830d3824b5c588849b29a5d4bad5b71108ba60e17bad3e6276dd5f7
4212a717b8d61a5ee679e86faef6b912c275aac5508f97350dac01bede075100
46891f1a0d9fc55b4650e10dbdc598a5269f19fdbd69305f8b8d1cd360b49f8d
4769914c0e44ab7b81846456f24118aa1ff1a5077433e5bf47e302a8428a1213
48069549555730d586f6b176fcd26ebd19349e9271acdc8e0474caa15501e542
49c8d692cb67ec3cc5b35e839c50c5c9eea05fe3ce82894eb02d22240554a0aa
4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
4eed62e19ef261a18dade30aac09258399bbead589a04d061bce834f0d5a2bcd
54ff1ebf4247ecd1fdefdd027b695c8eca043b8987861f9edd37fee6ccceb2ef
56f9c5f99829774d0b2fbdcfd9750b617127e913afa0569afef6dfa22165659e
5a6284f5e68fe70bb17c9aecb532fdb513b37ec0096d21e9a7231fbcfeda6794
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
626e534b9a811f60a8aa88e463a0ffa75ea4d8ba7510ed6a15c267becf680394
6337931044ffad3ef0a3b4382b0f098e7c242d5b1ce424b0ee88f2d0daf1f474
634cd6856c830752abf4b33133617045f344d5713d8fa567269172ed76d1cac3
635dc96257eecf7409b7b943890ff01191ecb8e67051a6a4c6d43978a02fc21d
636cfb0881ed8c598690b31fad62f8fc83c00411bcc6527745b97409d43bc647
6770cd1c29b91775d780257571a50a97941cf0bf8b93f62d29691c502df96dee
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ce8b6777d90b50ec4183fac7c948902229a7b8427e2e63008c52e769ec0c2d4
6f31215a00102af8f170ae267d336423808e3c803571bf030589c059f2a02604
6fbecdde63cefbeb511fc193ff653cf649ce9a2a9a120316d40f20b809afb647
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
71577fb46a22fa031506bab9c5ddb4640e38ef10a1b4959a11288b41ce4b0757
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
72d0e968a2bc13b2b3af3a39d1aa6f240e37b3054feaf1ca31b18399974111fb
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
76b6d9d89c4ffb10d1736eaaf3b291ba5e2df2edbfe5c2a9f67e2f1b26ce1103
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7a2f15820ffe7ec552c256f18b8cd6485618d23a5648f535992e5c6928a542b7
7a82df3611c2166b9b9e824830c57bc09ef40860b9dc83fb2897b9a2a3ab0b98
7b2c7a2db66d5dc135d570ff3621c11848e663971dfeb9fe6f2d073e0dc8926e
7b4c6df43d8be2860c107af980f4ae9c27dea1b14e0112921c3aef511bb29b07
7cfe2988dd0e1d6bcc63e394d2818003d0a121a5a8de88a6ba8caf91dbc48c96
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80bd5fb610c0aae4f80839cb8bb2dc58c8e569d0f26c51fe866eba6b57f48509
8150a6e66442996f64560b128d0effe532ed5eabdf0a8c6176c8c4e8ed502e6f
856377fde78e4bdc57703db6457f6e243db704c135a4829e1951185173cec9b7
87d6c8ca2c4746ba9c42bd4b56b9f8dcb23dc4f4c8a5e338039a915eddbb4cfb
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8a4b92a1383a8445bd4fe352c9cfa28769e48d2bbd88899cfeec3b684edd3862
8abf600128e431bb9631811f74561e1bab28dabc060b06ac5cf66b3a6c80f086
8bfb6389f80ddd586b66a540370f89f40e7eb39d388e8d9410f57caa732dc5cd
8c31f9221454873de9c5bc222c2b5c97f216d3b21b0a3589f77f49fbcacf4a0d
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8deb475ac50713a43d3cf93fb2579f1badda5b9dee5704850b032f0f25564895
8e7902d12bed414b23fd30c7019fc0fe08d03b14984beb21e486aaa59135f803
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
92544ed57b172f513a507fe6d3e09d763bc23c413e47d110d8dc03ef896490dd
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94b9164549fba805d07a371447577e77ca7d335fb19f9eaf978209851969cf08
94c3d0f52cee1217895c22a7a35b5f7b855fb495709822159a471811575738da
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
97152508df33871d78e6d8595480ac6c5cf8f2feb1fc1ef7fd2ef7a0517810c7
98cf78561f0ca0eecebc62866dd85c70d0b2926a4c189dcc6802369920a2ef9e
9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a
a0b0b578469be2bde696c6e336be5d0c04ab54fe568b3f6bbb2e75663b58be26
a28a88a058bb32f3fff988c31380f2392939d9c4d1bf38b32f531969a02a33de
a59a536f6a35976c81d050cc1f734740643674e9736ae066f85213a5535e7a0a
a62430c1506f9d9ecc0bca9ffa39a073d5148f07be4aa54ed4532f9650caf56a
a87eea0ed4667d6241611511e68dce431477cbd9a06c9482b01323d6a0b972f9
a9cbc5941c408933f9aa1551c27461fbb300cf3881173f9ba3d9173f46829ab0
a9e9d5d62bdbbe46fee9a3a0ba4c2d7fe5a6f4b53c10df3ac7d34796ffb7c96b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad66b40ac6fb0451baa6f252864ee213eb292767fe47d1cfc08656ba5b64e1c4
b057f4707a4e3bbf69647a669ebc4dbf35a9b5b25864b5fc63162e71f58621c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b521cf21eb734ff6b687aef8f56b3ab1be44709262716e6817b1898bbc2b986d
b59a0404929cf4a3ad1cbd9c2ffaaff3f8c2e838a70867c1de2dfddc5a2b2f91
baf3f0da475506f6960642373ab75b84c5740a79ae3d30b12405b6908c9aa295
bb040b98adabb6b07aecd7250591fa9ba53843c05527fec90009bf414007ea08
bc19bb0f8a32439be8acf92004cd921b46ba6caa528dd8a4cb1875fe5761c64e
bdabc041cb2fd7114647d7b429449165a450e2bf85e3c451b63d281cef26126a
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf6f2ddd3a93cfc831316931e733e85bfa4d344c33398e6c32115761bec7ba69
c02a3feb9b743cf424302673d859e4739d66aef603f09a33a5218853233e13b6
c0e96c0f51eb10934d2022f7d30dbeaf05f748f85d32dfe71711f2dbb21621d8
c2f85bc03d72fdd58ac7fb2cb580914b4679bcf8c99533ba20743ee73d0e28ce
c47bb59ae1dbbd2bd338b58524f6ca31d25fcd4339c58e68c740a0ac73cc0315
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cd7341ae1769c1caa0d2d277ced8c609a9e89d4a84084cec84ef96ede932b07e
cf3e0ecae28a70c5e010c24c160321243efe54f497d49a6a8f31ca12ee7eb972
cf53806c2a4cef2c89a8502411683c83162fe73859d7d24244259e7e793df68a
cfa3fb4e34da79495d2458277d739721419b3a2c0a4206a6bfc9a0e866ca4630
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d8cfbbf8a5c67746f706a7a28b36920e508158498fc44e22e7ce7484b5ae09f6
d9f69c562fa39d1b002af05da1c6b99247e69c14a48e67b35d8a8b0efd739128
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcb085ad0fca889c4a1b898ccc7458c5d586e5740e7b7bffe065ac6a5e247ada
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd0af87d02bf88046acaf36141538c4852763b37b99ad5ea41ab6b07829818f
deb3d40a52e939dc606cacea278753f149b56d19b6619994069659687e3a7728
df998f2ab79818d229edfab989eb187dd3d94f0f40377fde4f5f97e08b691ecf
e3640c9e176b212640e5d1ba0e522d80ebe382b5a18fc55ae4f7be28d1b138be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6713fb9ddf25585f97a9c877f75edbb8b2c0d0691c1402fe85c145a9098527d
e6e877bd62dfb52cfe869be505175efad415d9945e69cab8c350cc3a500b8161
e864c75ed847605431470f3724181592e861488f21976d8bedb14c6ca5b9b141
e94bb9eafa09b4181f7208f1466552561329b27bc870ea785be1fbbeb32661d8
ebcb71e35f523aa334ba5a5932cbb0f578575498dec963b1e707cf73588ada35
ebd811addff53145da623fb3ceec50819469d1bef75de7e16cbcd613623015ab
ecf9967a9685eff0fdc0555125aeb40dc81a85c8de18c48c2a705132ef6129bd
ee39d0cbc9e9cd88b7dac8ebca680b89e8879081f855152f21772c7834474437
ef072b9ae1b3c29f94781c86bcdfdb71c1e06bbc7a2f05bc65dcfa2eefdde02c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f268614e7be44fc18dbfa5350bfeea8539258da4830ef728c56e05bf62f46b57
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f54ad99ac9b8bf0271cc6d19132826863aa3dc7077b4d5c586f99c46130efb30
f6439fb9a40214e8a86ecb57a1ff522bb17b6e759c5b1668267e8de59fe2a481
f75e7361bbcda225d800dd06644f99253ae2cf5ab6a0e47ff7967474e7afb4a6
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca
fbf4d29d3505a4790b827cde56ca8e4e1d03ab709bb9db801f0a4f02c0fcc0e1
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2
fd6aef7e70901bd5018e23bf8f366b1363e27c9263a2e058df2ca725cf81aab5
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe1d77182f48fdeb7d27527565f4c8d2b598af1077cbc5aa5add9fa6adc10245
fe5f4af17be162aaf3e1dadbc08fe06e678c87620a221b3fef8e2ca7a779986d
ff4e0b144f55e6bf1ac619baad9714973a381bc5c106e2cf62543d8d671f9c19

www.avanan.com Open in urlscan Pro 199.60.103.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

203 Requests

99 %HTTPS

0 %IPv6

48 Domains

65 Subdomains

57 IPs

2 Countries

5181 kBTransfer

12448 kBSize

46 Cookies

31 Outgoing links

Page URL History

Redirected requests

203 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.avanan.com Open in urlscan Pro
199.60.103.254 Public Scan

Screenshot
Live screenshot

Full Image

203
Requests

99 %
HTTPS

0 %
IPv6

48
Domains

65
Subdomains

57
IPs

2
Countries

5181 kB
Transfer

12448 kB
Size

46
Cookies

203 HTTP transactions
3 data transactions