www.avanan.com Open in urlscan Pro
2606:2c40::c73c:67fe Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://malicious-url.com/
Effective URL:
https://www.avanan.com/malicious-url
Submission: On September 07 via manual (September 7th 2024, 9:07:13 am UTC) from IN — Scanned from GB

Summary HTTP 139 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 48 IPs in 5 countries across 40 domains to perform 139 HTTP transactions. The main IP is 2606:2c40::c73c:67fe, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.avanan.com.
TLS certificate: Issued by WE1 on July 11th 2024. Valid for: 3 months.

This is the only time www.avanan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
44	2606:2c40::c7... 2606:2c40::c73c:67fe	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:583e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:af5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	13.35.58.4 13.35.58.4	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:8c11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.112.92 18.66.112.92	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:f36c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:225e:b600:f:7ae2:7780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
10	23.53.43.58 23.53.43.58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.102.11 18.66.102.11	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	143.204.205.137 143.204.205.137	16509 (AMAZON-02) (AMAZON-02)
1	104.18.40.158 104.18.40.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.107.254.219 34.107.254.219	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:1247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1eb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1d::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	104.26.11.16 104.26.11.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.33.187.19 13.33.187.19	16509 (AMAZON-02) (AMAZON-02)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
1	34.117.110.211 34.117.110.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:710... 2a02:26f0:7100::210:172	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	76.223.9.105 76.223.9.105	16509 (AMAZON-02) (AMAZON-02)
1	52.209.121.68 52.209.121.68	16509 (AMAZON-02) (AMAZON-02)
139	48

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

malicious-url.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2606:2c40::c73c:67fe (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.avanan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:583e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:af5b (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-4.fra60.r.cloudfront.net

lftracker.leadfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8c11 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-92.fra56.r.cloudfront.net

tr.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f36c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:b600:f:7ae2:7780:93a1 (United States)

ASN16509 (AMAZON-02, US)

checkpointsoftwaretechnologiesincavanan.widget.insent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a99 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.53.43.58 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-58.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.205.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-137.fra53.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.40.158 (None, )

ASN13335 (CLOUDFLARENET, US)

ct.capterra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.254.219 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 219.254.107.34.bc.googleusercontent.com

www.influ2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1247 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1eb0 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (None, )

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.187.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-19.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.110.211 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.110.117.34.bc.googleusercontent.com

t.influ2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::210:172 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.9.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: ac3ff6aafb2cddae2.awsglobalaccelerator.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.121.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-121-68.eu-west-1.compute.amazonaws.com

metrics.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	avanan.com www.avanan.com	1 MB
11	6sc.co j.6sc.co — Cisco Umbrella Rank: 12402 c.6sc.co — Cisco Umbrella Rank: 16017 ipv6.6sc.co — Cisco Umbrella Rank: 12823 b.6sc.co — Cisco Umbrella Rank: 6896	26 KB
11	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 554	155 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252 td.doubleclick.net — Cisco Umbrella Rank: 481	5 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 3773	152 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	446 KB
3	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 4354	191 B
3	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	2 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 66995 ibc-flow.techtarget.com — Cisco Umbrella Rank: 63746	2 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	63 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 10634 track.hubspot.com — Cisco Umbrella Rank: 5359 forms.hubspot.com — Cisco Umbrella Rank: 11636	3 KB
3	gstatic.com fonts.gstatic.com	24 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1950	135 KB
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 18992	973 B
2	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 4716 metrics.hotjar.io — Cisco Umbrella Rank: 13194	311 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 19182	2 KB
2	influ2.com www.influ2.com — Cisco Umbrella Rank: 105176 t.influ2.com — Cisco Umbrella Rank: 100964	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	71 KB
2	insent.ai checkpointsoftwaretechnologiesincavanan.widget.insent.ai	23 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 764	702 B
1	luckyorange.net settings.luckyorange.net — Cisco Umbrella Rank: 23254	768 B
1	capterra.com ct.capterra.com — Cisco Umbrella Rank: 137605	789 B
1	cloudfront.net d10lpsik1i8c69.cloudfront.net d26x5ounzdjojj.cloudfront.net Failed	3 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	14 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 7580	1 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1019	306 B
1	lfeeder.com tr.lfeeder.com — Cisco Umbrella Rank: 65953	339 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 5135	25 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 7189	4 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 5067	26 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 11009	92 KB
1	leadfeeder.com lftracker.leadfeeder.com — Cisco Umbrella Rank: 292589	11 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 12087	5 KB
1	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 20878	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	1 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	malicious-url.com 1 redirects malicious-url.com	324 B
0	terminus.services Failed vidassets.terminus.services Failed
139	40

	Domain	Requested by
44	www.avanan.com	www.avanan.com
11	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
7	b.6sc.co
4	www.googletagmanager.com	www.avanan.com www.googletagmanager.com
3	www.google.co.uk
3	td.doubleclick.net	www.googletagmanager.com
3	region1.analytics.google.com	www.googletagmanager.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	www.google.com	1 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	use.fontawesome.com	www.avanan.com use.fontawesome.com
2	epsilon.6sense.com	j.6sc.co
2	www.facebook.com
2	ibc-flow.techtarget.com	trk.techtarget.com
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	px.ads.linkedin.com	1 redirects snap.licdn.com
2	tracking.g2crowd.com	www.avanan.com tracking.g2crowd.com
2	connect.facebook.net	www.avanan.com connect.facebook.net
2	j.6sc.co	www.googletagmanager.com j.6sc.co
2	checkpointsoftwaretechnologiesincavanan.widget.insent.ai	www.avanan.com checkpointsoftwaretechnologiesincavanan.widget.insent.ai
1	metrics.hotjar.io	static.hotjar.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	t.influ2.com	www.influ2.com
1	vc.hotjar.io	script.hotjar.com
1	settings.luckyorange.net	d10lpsik1i8c69.cloudfront.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	px4.ads.linkedin.com
1	trk.techtarget.com	www.avanan.com
1	www.influ2.com	www.googletagmanager.com
1	ct.capterra.com	www.avanan.com
1	d10lpsik1i8c69.cloudfront.net	www.avanan.com
1	static.hotjar.com	www.googletagmanager.com
1	snap.licdn.com	js.hsadspixel.net
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	tr.lfeeder.com	www.avanan.com
1	app.hubspot.com	www.avanan.com
1	js.hs-analytics.net	www.avanan.com
1	js.hsadspixel.net	www.avanan.com
1	js.hs-banner.com	www.avanan.com
1	js.hsleadflows.net	www.avanan.com
1	lftracker.leadfeeder.com	www.avanan.com
1	static.hsappstatic.net	www.avanan.com
1	cdn2.hubspot.net	www.avanan.com
1	cdnjs.cloudflare.com	www.avanan.com
1	fonts.googleapis.com	www.avanan.com
1	malicious-url.com	1 redirects
0	vidassets.terminus.services Failed	www.googletagmanager.com
0	d26x5ounzdjojj.cloudfront.net Failed	www.avanan.com
139	54

This site contains links to these domains. Also see Links.

Domain
www.checkpoint.com
accounts.checkpoint.com
careers.checkpoint.com
twitter.com
www.linkedin.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
www.avanan.com WE1	`2024-07-11` - `2024-10-09`	3 months	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
hsappstatic.net WE1	`2024-09-06` - `2024-12-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.leadfeeder.com Amazon RSA 2048 M02	`2024-01-03` - `2025-02-01`	a year	crt.sh
*.gstatic.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
hsleadflows.net WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
hs-banner.com WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
hsadspixel.net WE1	`2024-08-12` - `2024-11-10`	3 months	crt.sh
hs-analytics.net WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
cookielaw.org WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.lfeeder.com Amazon RSA 2048 M02	`2024-02-20` - `2025-03-20`	a year	crt.sh
geolocation.onetrust.com WE1	`2024-08-13` - `2024-11-11`	3 months	crt.sh
hubapi.com E6	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.widget.insent.ai Amazon RSA 2048 M03	`2024-01-30` - `2025-02-27`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
6sc.co R11	`2024-07-03` - `2024-10-01`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-16` - `2024-09-14`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
ct.capterra.com Cloudflare Inc ECC CA-3	`2024-06-21` - `2024-12-31`	6 months	crt.sh
influ2.com WR3	`2024-07-23` - `2024-10-21`	3 months	crt.sh
trk.techtarget.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
g2crowd.com WE1	`2024-08-21` - `2024-11-19`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-08-27` - `2025-02-27`	6 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google.co.uk WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
luckyorange.net WE1	`2024-07-26` - `2024-10-24`	3 months	crt.sh
ibc-flow.techtarget.com WR3	`2024-08-28` - `2024-11-26`	3 months	crt.sh
*.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
t.influ2.com R11	`2024-07-16` - `2024-10-14`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.6sense.com Amazon RSA 2048 M03	`2024-03-31` - `2025-04-29`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.avanan.com/malicious-url
Frame ID: 9E54DE2B4547BA1B22B4AD4F3FFD4B66
Requests: 133 HTTP requests in this frame

Frame: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fmalicious-url&event_listener=gKdX1pPr9784qub&hubspot_cookies=[%22a36074dfe213ac1edf94a25f24f52d1b%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Frame ID: 37CEEAF989DE2E21E87B049B5882B1EB
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-48VXKGDGCV&gacid=1450467391.1725700028&gtm=45je4940v881001595z879081916za200zb79081916&dma=0&gcs=G111&gcd=13r3r3r3r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=384536770
Frame ID: E9FC4C6BE656788B520130D9BBA477EE
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/881234066?random=1725700028095&cv=11&fst=1725700028095&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v9175590393z879081916za201zb79081916&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2010277551.1725700028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Frame ID: 9137AFEE39C66DA4769919AD2448D709
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/881234066?random=1725700028123&cv=11&fst=1725700028123&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v9175590393z879081916za201zb79081916&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2010277551.1725700028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Frame ID: 719293DFCA746AE58D5D3D9430669B3A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://malicious-url.com/ HTTP 307
https://malicious-url.com/ HTTP 301
https://www.avanan.com/malicious-url Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

139
Requests

96 %
HTTPS

65 %
IPv6

40
Domains

54
Subdomains

48
IPs

5
Countries

2333 kB
Transfer

7736 kB
Size

33
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.checkpoint.com/partners/channel/
Title: Become a Reseller

Search URL Search Domain Scan URL

URL: https://accounts.checkpoint.com/#/login
Title: Go Now

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/events/
Title: All Events

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/customer-stories/
Title: Case Studies

Search URL Search Domain Scan URL

URL: https://careers.checkpoint.com/?q=&module=cpcareers&a=search&fa%5B%5D=department_s%3AEmail%2520Security&sort=
Title: Careers

Search URL Search Domain Scan URL

URL: https://twitter.com/AvananSecurity

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/avanan/

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.checkpoint.com/privacy/cookies/
Title: Cookie Notice

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://malicious-url.com/ HTTP 307
https://malicious-url.com/ HTTP 301
https://www.avanan.com/malicious-url Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://www.google.com/pagead/landing?gcs=G111&gcd=13r3r3r3r5l1&tag_exp=0&rnd=416348279.1725700028&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&dma=0&npa=0&gtm=45He4940n81MQZBTTXv79081916za200&auid=2010277551.1725700028 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5l1&tag_exp=0&rnd=416348279.1725700028&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&dma=0&npa=0&gtm=45He4940n81MQZBTTXv79081916za200&auid=2010277551.1725700028

Request Chain 90

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1725700027894&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1725700027894&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&e_ipv6=AQJOdGLcTOkXMgAAAZHLvLeGPCnFbxe0D8s9ymhk5QqMfiRHNwMg4X37p0Rg8RT307HRx3cNfQ

139 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

404

Primary Request malicious-url Show response
www.avanan.com/
Redirect Chain

http://malicious-url.com/
https://malicious-url.com/
https://www.avanan.com/malicious-url

53 KB
12 KB

769ms
588ms

Document
text/html

2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfdfda9e62136a7572265ec7eebffc6baacb8365095dfdd314f316cb7e418678

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=5,max-age=5
cf-cache-status: EXPIRED
cf-ray: 8bf58be82ee1958a-LHR
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Sat, 07 Sep 2024 09:07:06 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yL3VrnxRF%2B1G24uYGiBpJp8CvsXPX2QLD4FEyJnb9LvPsNR0MvEut6CVp2SafBC08NsirWn2R2uXHhy3%2Bal3zzEJbE%2B5IC6bc6mBFJpJyxQWg2g4k%2BNet8k%2FEbQT51GwdVkCwgnG%2FRkg9rKd"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 99
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-20-29-td/envoy-proxy-77d9788db6-vphcv
x-evy-trace-virtual-host: all
x-hs-prerendered-error: Wed, 04 Sep 2024 01:01:05 GMT
x-hs-reason: No view mapper found to handle request
x-hubspot-correlation-id: 8124da93-84d5-47ae-9687-789cc884575e
x-hubspot-notfound: true
x-request-id: 8124da93-84d5-47ae-9687-789cc884575e

Redirect headers

Connection: close
Content-Length: 71
Content-Type: text/html; charset=utf-8
Date: Sat, 07 Sep 2024 09:07:05 GMT
Location: https://www.avanan.com/malicious-url
Server: ip-100-74-5-31.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: 6cddcd37-ed61-4e2d-84e3-39773cd8b628

GET
H3 200 jquery-1.11.2.js Show response
www.avanan.com/hs/hsstatic/jquery-libs/static-1.4/jquery/ 94 KB
33 KB 67ms
67ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
content-encoding: gzip
via: 1.1 0e5084c3f3749abdd1195ad293d2faa2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 9293652
x-amz-cf-pop: CDG52-P2
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: null
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e9kBkGtrzTs1ADxL%2BGgll%2FGYcwRtEMlWAIzamjFwK3S6l%2BvhymFe4f%2BMpxHPwvwqUu%2FA9E1WBODaJ0RcyODChh%2F0v2J1NbAI6Rr3q66sWspYTEXnpKldhNm763U%2B%2F7DrZJJgz6WYBzPeH0ho"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8bf58bebeb52958a-LHR
x-amz-cf-id: 6tVaSGLH67G15fdyhmz4JWJkBjI7lhDBRjLfaO1-1AqM5w8f_2rTYg==
expires: Sun, 07 Sep 2025 09:07:06 GMT

GET
H3 200 module_173300053851_Header_2024.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/173300053851/1722596094335/ 3 KB
2 KB 143ms
141ms Stylesheet
text/css 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/173300053851/1722596094335/module_173300053851_Header_2024.min.css

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

996d6f9827e688d21be65b59c81929110381b405656ab22fdccd87f880efceed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: 3HX61FPY85KG4N7B
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"e6a1f3850c748e4e60367699aec23d0d"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1722596094335
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
via: 1.1 5eb5e19c1a78889d10ff38f1551ed2aa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: wPzsB2VkSPKVzBD0V.o9lSGAu5dCPVO8
x-cache: Miss from cloudfront
x-hubspot-correlation-id: bbf15909-5832-44a1-b6d1-4ef76bb29de5
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 335
alt-svc: h3=":443"; ma=86400
x-amz-id-2: U1L+EJgoR/Y/r1m/reo6tOFb7Y8rwN6SfLoAyuF68Xf05iIvNCJiPkRSgi7ZbSM71+RTtcyGIZs=
x-evy-trace-route-configuration: listener_https/all
x-request-id: bbf15909-5832-44a1-b6d1-4ef76bb29de5
last-modified: Fri, 02 Aug 2024 10:54:55 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v0oZTSFcuPpwlvsoONQ%2FRB2ZcerXC%2BcrqXATvD6GAyZwKNLdZLx82Do5OoSfRp%2B75Dqz4J4PM4soP5oxO7h%2FjRWTH%2FOjD1%2BH7EcN3nDiPsIM%2B0VDcZr%2FG%2F88vKoYOOjfdX6oPtOmM25v%2BTr5"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-b2s92
access-control-allow-credentials: false
cf-ray: 8bf58bebeb53958a-LHR
timing-allow-origin: www.avanan.com
x-amz-cf-id: q5-eJFZTOFCP4VubJf5fejtwufsbCYENrahDAwaUbvW77Ij2c7rqXw==

GET
H3 200 module_10664999422_updated-footer.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/10664999422/1710344178772/ 1022 B
2 KB 179ms
168ms Stylesheet
text/css 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/module_assets/10664999422/1710344178772/module_10664999422_updated-footer.min.css

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a6284f5e68fe70bb17c9aecb532fdb513b37ec0096d21e9a7231fbcfeda6794

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: H6P31RB04T445283
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"0db2aa71f1f3b6937b6f53dfa6ff0be5"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1710344178772
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
via: 1.1 7f7e359e1c06a914d3d305785359b84c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: 737lWFhyD3bZv_Dgb7HcbytddNt4O1GO
x-cache: Miss from cloudfront
x-hubspot-correlation-id: bd35f5da-2c3f-4f01-82d4-904032a1e2cc
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 214
alt-svc: h3=":443"; ma=86400
x-amz-id-2: W+a8cAkSjLW5sex2h3eeW6hfmo973Q004BgncyZZ9tfa4LMNuAmWBR7p2frwQvdjy9dvr/rneZg=
x-evy-trace-route-configuration: listener_https/all
x-request-id: bd35f5da-2c3f-4f01-82d4-904032a1e2cc
last-modified: Wed, 13 Mar 2024 15:36:19 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L7BcJnm0Jvx64dLFBZm0%2B87Thu28Lf71CWLMCgnU9SXXb18ddnkNBR888OFvd7fULDA6C8EcSF%2B2qx7%2BIdp0bCWDyz78C5aagtQ06k1iOj11ryOalLWjFCGX8MR4fqlozXyZjlI9FN172t%2BR"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-ts7f8
access-control-allow-credentials: false
cf-ray: 8bf58bebfb65958a-LHR
timing-allow-origin: www.avanan.com
x-amz-cf-id: _AGwZ5Swul8vxVjv_ls-dLSx92HScx-aY4gW4bF7u7dWBgJzxno7Lw==

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
10 KB 242ms
42ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/malicious-url
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

Referer: https://www.avanan.com/
Origin: https://www.avanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1421484
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rGwmwwuNqX6VwSYeMBbJbTKqxu%2BuGrq9WQ1x%2B7pew63RfLRWC3hjwq7eXyV%2FC2C3vFxQwQQpiVd8TCRrYQtpzQ%2BX44atV7i60%2BWwmwa8Qpn0P1CWQ9Z8VpGPAEHO2tyMt1j0LuEHNk70yNIzMyh7cg7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 8bf58bed28f1bd74-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 192ms
52ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b5055f0e4f12757f77cb6a296d6dcf95a02784c987731892dcfa730d12dd0f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 07 Sep 2024 09:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 07 Sep 2024 09:07:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 Sep 2024 09:07:06 GMT

GET
H3 200 js.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.4/ 2 KB
1 KB 139ms
37ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.4/js.cookie.min.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3636e8810aa8b16828af450174251147977372f0201e77d464c719f110b0924f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 124776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 767
last-modified: Mon, 04 May 2020 16:11:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec5-6c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PN2W6qtgnsnXyPRzL5o76Ez4Wh2q6rspeV4KMJvmlc7ZzSNxB1la8nzR7eG8eHEQiAuV7F8HkO%2Bq1E0GwhMpk9SpUoFya2HjDtN%2Bnz3xy93%2BPnWrglKFbfFsBc6CPtqEkNhnGE%2BmZXEWBc7uwPjZ6MTV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bf58bec894d93e9-LHR
expires: Thu, 28 Aug 2025 09:07:06 GMT

GET
H3 200 layout.min.css
cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1725370519653/hubspot/hubspot_default/shared/responsive/ 4 KB
2 KB 162ms
58ms Stylesheet
text/css 2606:4700::6812:583e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/7052064/hub_generated/template_assets/1725370519653/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/malicious-url
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:583e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 356bb4bf2245a68ee5de5732b5574260dd2016a2c3987e17ad97fb2586a883d1

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
age: 329443
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"fda5882b24ca5a84d04d090722dc713b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1725370520275
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD61-P3
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 1e53b100-976a-460a-9433-b578066dec0b
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 166
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 1e53b100-976a-460a-9433-b578066dec0b
last-modified: Tue, 03 Sep 2024 13:35:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XpHQhEuUQD93kNWmAL%2B25YhybYRgniESN3vLk5zMXGeny%2BIrSKKdNwv6adgq3yh%2B%2Bcrkhi17P8JFd%2FxpzyEGOrK8q8lagAzaGU3H%2B5EIUu%2FkeRpAlZmQQGKROHDotzynkHaRy8en13hZFhwmdkQ%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-6748d4cfc8-c5nbr
cf-ray: 8bf58bec9f60bda0-LHR
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 template.min.css
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073351973/1693338321987/Custom/jacob_redesign/css/ 193 KB
42 KB 91ms
82ms Stylesheet
text/css 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073351973/1693338321987/Custom/jacob_redesign/css/template.min.css

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

92544ed57b172f513a507fe6d3e09d763bc23c413e47d110d8dc03ef896490dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
x-amz-request-id: E4ZF7JEWNMCC89CZ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"c532cb73709fa483616feef093f4d595"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693338323621
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
via: 1.1 88b63cb2f8aab28c7291262ffc15282e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-amz-version-id: V4U7qS8p16YQ5afAoV9tdACdkHL_IvNE
x-cache: Miss from cloudfront
x-hubspot-correlation-id: 15eb9211-16ce-4f3c-a6f2-64b602869b81
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 231
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nqrpXPVzvvQlXQ4N6dD4qSmYQ2sy9qapcvpeIT3nxpAlWUjSqYK8xdRM37u/n2K4GslTb6JlJvU=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 15eb9211-16ce-4f3c-a6f2-64b602869b81
last-modified: Tue, 29 Aug 2023 19:45:24 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7OGz4UY2Jhkx7vGe2K4d2axygSibE0E5z3rN9Ks1ACVOb%2FD9M1Qf0wkfdkpkJ3bkreMgTFAeF4TnrYPN%2FGl9IzlvzPpd4X%2FFo2Cfvhj96O8PYKtuhZ6F3qO3tkSjQ8FxYThO%2FTQywEQ69CaX"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-bkstl
access-control-allow-credentials: false
cf-ray: 8bf58bebfb67958a-LHR
timing-allow-origin: www.avanan.com
x-amz-cf-id: MXjqvHhR8u45INLNORURF8bCnLN8UCs-vYrjD6UNziID7IlrD0ZlxQ==

GET
H3 200 hs.megamenu.css
www.avanan.com/hubfs/website/code/css/vendor/ 4 KB
2 KB 142ms
133ms Stylesheet
text/css 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/css/vendor/hs.megamenu.css

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eed62e19ef261a18dade30aac09258399bbead589a04d061bce834f0d5a2bcd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 84e2de61192ccb090a6d645d1117e3ea.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10555715922,FD-10555825155,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 92929
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 46X6GAW10DVMTWZ4
content-encoding: br
edge-cache-tag: F-10555715922,FD-10555825155,P-1835778,FLS-ALL
cache-tag: F-10555715922,FD-10555825155,P-1835778,FLS-ALL
x-amz-version-id: xY1xlt9wqfq8h7_kClSamJ0VluM_5ZF9
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pGOD5X2/y2NdtYwk16k4fjuXJ/+COmEVYSUV9pWMXEgIpWhn7eSJdJ0Zu9hXfdma1ulmI/fOUZ42GJSzI8nQJjpuXpi9a5Zb
last-modified: Tue, 18 Jun 2019 07:24:00 GMT
server: cloudflare
etag: W/"c46d4ef35d114216ae8c0fe4137c84d5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VNLvaTOPSnF%2BFNdn94oG05lMTdcZo52T9ENh08lAQtTOGpZDO0rQTBUgPx0oEJG%2BpLBWhg%2BGhsOI0Kc55XqRghAMQlxZo1SMydu6LNluAWbKTyCIIt5hXqUCS2cPW%2F4L%2BuTfJLt6VA%2BCosft"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bebfb69958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: J2CPNWYV7xB_cWKcEfY2YLScvGzeK_96v8zWhv9fghNqOJSQ6hB9Wg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 custombox.min.css
www.avanan.com/hubfs/website/code/css/vendor/ 41 KB
5 KB 142ms
133ms Stylesheet
text/css 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/css/vendor/custombox.min.css

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb3d40a52e939dc606cacea278753f149b56d19b6619994069659687e3a7728

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 d96c6a517450b169095d23aff6d646a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12524627747,FD-10555825155,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 92929
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 46X76FC1EGQFBHCR
content-encoding: br
edge-cache-tag: F-12524627747,FD-10555825155,P-1835778,FLS-ALL
cache-tag: F-12524627747,FD-10555825155,P-1835778,FLS-ALL
x-amz-version-id: 7rgoaYxL_.zq0Q9pSWvug18ufCSiqriy
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ILMvNvPLW8Gf2/A/h+kJ5Fo7lGxOqV88Lsu3/BjS2NPW+ZF+dcEgaSLTcF7+SNwojzBXkqfaNK4SJcOh+Q+V210BSjNseRHO
last-modified: Thu, 29 Aug 2019 14:21:43 GMT
server: cloudflare
etag: W/"3546f0274dff535bcf97625374c1c7cf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1nlth%2BenUurkcNkFLpK7mQM3ZyCaaqth79OOJgINtHHdj6WIKUpdsCLPekPUuOLBBgD0p%2FyWOnZPDY0oilqGRbflI4ZWJczHG6BRkKeAiDaa%2B3K3QZZroMj3%2BPTMH%2FG8vmLUymUTe83JhcGi"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bebfb6b958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: eWn0hcoSUWF5D7wR8p6JqVQNvN7jMW1Pr4EZex2HiWNvg_JlO043Rg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 theme.css
www.avanan.com/hubfs/website/code/css/ 393 KB
55 KB 140ms
134ms Stylesheet
text/css 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/css/theme.css

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf53806c2a4cef2c89a8502411683c83162fe73859d7d24244259e7e793df68a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-12350310726,FD-10555529544,P-1835778,FLS-ALL
age: 1351129
x-amz-request-id: 92YKWM87BEAYR7YJ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-12350310726,FD-10555529544,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"dd24981f95399e7f2d5674114004c268"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1566500436528
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 a1f249a9bf642aa76e446956825f42a6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .VuZQK18yvpctq7eWnfEjZ9JXuCTwHN5
x-amz-cf-pop: LHR3-C2
x-cache: Miss from cloudfront
cache-tag: F-12350310726,FD-10555529544,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: zmL4P3qfN7VAWhIhp9DeCO9M26FZyeVh1TiTJmA8ma5Ib/oaReo3OmwmR1D8EWxCs4+DxSi4c64=
last-modified: Tue, 29 Aug 2023 17:12:22 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yALxAOFDB%2BeLPytWCZvq4%2FaksxQX%2Bz0xEZMtMj5VqVKUqA2f2FQOado27DwmPQOWP0S4s9oxNcbZQIx0DCUXXyMVXq1eJIWPSCXBu9rzzysJTPykEH1bLBbHX5Upq8ntttutevCNRZrAajjR"}],"group":"cf-nel","max_age":604800}
cf-ray: 8bf58bebfb6d958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: QE0bmL2G4P1E5wNelUlrB2Ioavgha4qCcUCbu7-wCmXPo83sH4uziw==

GET
H3 200 header-slim.css
www.avanan.com/hubfs/website/code/css/components/ 84 KB
10 KB 147ms
144ms Stylesheet
text/css 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/css/components/header-slim.css

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f54ad99ac9b8bf0271cc6d19132826863aa3dc7077b4d5c586f99c46130efb30

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-29822257866,FD-10639271059,P-1835778,FLS-ALL
age: 1351129
x-amz-request-id: 92YNZJHZHF9CB648
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29822257866,FD-10639271059,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"b144dc1e3369574aa43f95d44261c80b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1590586777336
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 5d21561f8325da91dd79188f8c919b08.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 42YSFG0lTWtnZ.W1lT05OT2Zcvw1os6c
x-amz-cf-pop: LHR3-C2
x-cache: Miss from cloudfront
cache-tag: F-29822257866,FD-10639271059,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dhusqSpiqK5XLJtfkLbYA5NMIJlW/vxbecyh+GY7Ze2t/fCRa/WkGo4ap6G/N/f3VQ/6fUNtRz4=
last-modified: Fri, 08 Oct 2021 20:18:11 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0s2ukFPjXfFD9SUNotZhBgY%2BBAMR2uF4j1NP8GhQutCRdWD15LW2D0EFV7C%2BcB5YOyushPtbtzxMYnncuy2eARLikK6V8Tr3c2IroD6xF0s7z5pj12l2I4ZykOz55U6TnoyHXFtmxaL7pT%2Fp"}],"group":"cf-nel","max_age":604800}
cf-ray: 8bf58bebfb6e958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: TePoSty5U49CZlg8UAn5989D8b4CYfRVOVx_A1Pi7lgOH4evnPvgTA==

GET
H3 200 How-Safe-Are-Your-Emails-featured.png
www.avanan.com/hubfs/website/img/infographics/ 621 KB
622 KB 147ms
144ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/infographics/How-Safe-Are-Your-Emails-featured.png

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8deb475ac50713a43d3cf93fb2579f1badda5b9dee5704850b032f0f25564895

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-52270339845,FD-10949243896,P-1835778,FLS-ALL
age: 1351128
x-amz-request-id: 37H5TNSTVH8YF5QS
x-amz-server-side-encryption: AES256
edge-cache-tag: F-52270339845,FD-10949243896,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="How-Safe-Are-Your-Emails-featured.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "c633bdada0f0b6b3a8ed9923b6fb540b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1628160146967
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 3fbb1f22a07ea64de9c80aefc9230214.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .d7FqQt._o1Rnh6A1lokFj0_Ws48Edpl
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=866167
x-cache: Miss from cloudfront
cache-tag: F-52270339845,FD-10949243896,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 635542
x-amz-id-2: 82/1it10kwS3P7iDyxqUGHgQG/PqQ3Ccietc5pChgGJxk8dWmXdSpiuPPCyzyVQAB+vpzJsnPhs=
last-modified: Thu, 05 Aug 2021 10:42:28 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hL5LWUlFHvatRT8dP4GLo79VLCabYQLB2KreGLn1GoCh3O%2FTFcR%2FO3gEecaQUjMHZHIsmDDbM6cconG9uhGooRat9vTKpd32AkXmG%2FDUE5R4SXmDFapuwgJaxdvenv8AWzeLswzixL4xsNlu"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bf58bebfb6f958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: iJJQ4q8pRR2dUnT7SKBXhUm2NSqx_MWUjoLvsHnpcQJU-fJQdc_Jig==

GET
H3 200 checkpoint-logo-bg.png
www.avanan.com/hubfs/ 2 KB
3 KB 231ms
228ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/checkpoint-logo-bg.png

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

072398593a04986b2bfbee736d3197af819bbaa9ebfd69b3a5e871e8d6e668ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-173574442334,P-1835778,FLS-ALL
age: 1351128
x-amz-request-id: 1M2N66EWCDKXZHAX
x-amz-server-side-encryption: AES256
edge-cache-tag: F-173574442334,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="checkpoint-logo-bg.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-indexable
cf-bgj: imgq:85,h2pri
etag: "1408eb7583a3541e5dc580168fa7358f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1721631303778
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 5d21561f8325da91dd79188f8c919b08.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: t33v1QgqfSHCVhCkQC6aP4J6Ii.vqTWQ
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=3750
x-cache: Miss from cloudfront
cache-tag: F-173574442334,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 1768
x-amz-id-2: 8sPL7leVi1OJU2RggFj6AO8QptjBMIRFr++vZlbVMZ4py/RxiqNoY46vDlMGaeoaIQXZQwabQAM=
last-modified: Mon, 22 Jul 2024 06:55:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Va7KmPPvBcHdpFYFXnmdmEl1wloIWgmBOji6SscXY%2B3nf1XG%2FabsLT1MyOKLtaGAiejqrXNy5d19gWTdO5FnlXDu3oC9uMDkNYYeADH1B9Smmyx8qCMh0C%2Bt6Ng%2BEZ%2BbC4UveU%2Bew0n17yAq"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bf58bebfb72958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: yv5PqoYJKONelNoSm0T_JG3-Xm8FCNlr7aDlRlP9gHzthszXtuhX-w==

GET
H3 200 AVANAN_logo.svg
www.avanan.com/hubfs/ 19 KB
9 KB 89ms
81ms Image
image/svg+xml 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/AVANAN_logo.svg

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

78aa01cd352a2c773a89d1176dac5ba563cbe99f1d85795ab1a64b686de30201

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-173401008312,P-1835778,FLS-ALL
age: 92929
x-amz-request-id: 46XF260BJAKNEM6Z
x-amz-server-side-encryption: AES256
edge-cache-tag: F-173401008312,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-indexable
etag: W/"27a1e94c21d68c263c723bf322ff4ecc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1721375838873
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 9a0da3962832290b2dd219763f12257a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: pPEujhvfNftCFO82ACklwsUsuZSGqGsJ
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-173401008312,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: OAevdbZVaYDnNj4CX5rSb011AXdMBBgXiIBKOWeYA5jxSiFXtYX72ihv3ihM933S6L1IlOt7v7A=
last-modified: Fri, 19 Jul 2024 07:57:31 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ky5071iR7b6aZymzLwnnyLMBRDxje547f52wKL7dqy93SMllCWzw0BFJkezHhkSo2DS8waGLGrc6PxcTbWSQF248XAIUDgr8IKmSlqsG2PkYk2IbDqzo%2FU9aO1Vr9O17uEBFIGL6vrc6yjhV"}],"group":"cf-nel","max_age":604800}
cf-ray: 8bf58bedad1a958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: iokUI9xjRqyY4zA2pwnjRnZCvHnvaMfphKcpM_3sUGcBcheJYLB68w==

GET
H3 200 documentation.png
www.avanan.com/hubfs/website/img/nav/ 868 B
2 KB 55ms
55ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/nav/documentation.png

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94bb9eafa09b4181f7208f1466552561329b27bc870ea785be1fbbeb32661d8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-21241301263,FD-21136118110,P-1835778,FLS-ALL
age: 107430
x-amz-request-id: 48VZQZWXDPVBMEW4
edge-cache-tag: F-21241301263,FD-21136118110,P-1835778,FLS-ALL
content-disposition: inline; filename="documentation.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "f4d503cd55e042264b3bbd74f58ac560"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 1d01c9eafefacaa6322fccd6199f781c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: V87Vzt5MSqkUDoZ5asBko88rN0wJ5iGd
x-amz-cf-pop: LHR3-C2
cf-polished: origFmt=png, origSize=3416
x-cache: Miss from cloudfront
cache-tag: F-21241301263,FD-21136118110,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 868
x-amz-id-2: 4zMVawxIf9469KdnHAVYc9AYtAKJmjnBQF/vTLqSNc2oOe1/lYpmI7p5YKOPaMvWQ1YPOPuv6Y616gKQUSZAsg==
last-modified: Thu, 14 Nov 2019 20:20:22 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mZJoqZssnroFw3pAuiu2%2Bk4GkG%2FFCHnnuCVE97%2FUmxBiVeI6YIkoY3RsF18pAx9uWQWsOktJJnkm%2B4CQ%2B%2BIBngchw7m4gU6tZnq%2BRf4UZ8YR55g3tBnrrR%2F5kWMzMyYsy%2By7ATdOqDA9Ukmn"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bf58bed6cd1958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: ZyCy3grKm832RKzzNWT6UIGvueWRH_bOcu8-WkdsO7GdX1WVO2TD9Q==

GET
H3 200 open-ticket.png
www.avanan.com/hubfs/website/img/nav/ 700 B
2 KB 80ms
78ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/nav/open-ticket.png

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

03817f3f6505178f6f24ef977ac8cd844ba3427f0353759e41bea905c565020a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-21241291417,FD-21136118110,P-1835778,FLS-ALL
age: 933408
x-amz-request-id: 1489R5FZN6NZSBPN
edge-cache-tag: F-21241291417,FD-21136118110,P-1835778,FLS-ALL
content-disposition: inline; filename="open-ticket.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "9034a241fdd02e0d9dc532075852965e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 38eb62cecee463a32bb912440e440938.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 0c9cY9eUX.md23IeRyXXqhmeaLhfDOS6
x-amz-cf-pop: LHR3-C2
cf-polished: origFmt=png, origSize=3180
x-cache: Miss from cloudfront
cache-tag: F-21241291417,FD-21136118110,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 700
x-amz-id-2: Frc4wOhyBlKdvHCvE1F0f3WwKami9VgySAL95Jqsd8M/JeH83X/KaNeiFSw3ClYCETZtP6LoxVGu9tM6tjruHqgI617HJrxL
last-modified: Thu, 14 Nov 2019 20:20:22 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04xG%2FEHx%2BoHDsiXg8BSc%2F6magbeu0kDnXo%2FqtOPFLxSyR%2F%2FHdUqegST0YxTkTmEW6FH5N%2FV5Hh2yeQChn0U6bSvyVr5OKuLnjb90WT1UdZJoYe018xsXxuKmLiCVuhDsLSjWCGJfYeXfX%2BY9"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bf58bed9cfd958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: S9Q7lTmz5nC8h3EBzIF8KBxCwlcXenAMu6zAbg74eXNYDn7n4lsXzw==

GET
H3 200 shutterstock_2376895065.jpg
www.avanan.com/hubfs/ 36 KB
37 KB 87ms
84ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/shutterstock_2376895065.jpg

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

739b870ffe58acc3c4ee52c53450855d175099275cd66405cf1521cf8aedc389

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-175773769348,P-1835778,FLS-ALL
age: 934445
x-amz-request-id: KC53QG3FFVKWCBCY
x-amz-server-side-encryption: AES256
edge-cache-tag: F-175773769348,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="shutterstock_2376895065.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-indexable
cf-bgj: imgq:85,h2pri
etag: "e530bb5f18737a77f2709d69fe8d2dd4"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1723728892959
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 83ec53fe63944bed8681c782a9a0dc48.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: yy6gueZf69E4cigLQxNB.D643luEu4tp
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
cf-polished: qual=85, origFmt=jpeg, origSize=138912
x-cache: Miss from cloudfront
cache-tag: F-175773769348,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 36644
x-amz-id-2: iIiGdv6WcUOhey1KobFvxzpjrvw+4BNO9jE9L7Emwj+g0UhJWgzn5WzE6sO/Ix4PPqFDtXs33Rc=
last-modified: Thu, 15 Aug 2024 13:34:54 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzscE%2Bx3SbE3E6m6nor7qHqVtIGQe40XgF2VKHXCI60DvthCkjewCux2Ju5qUkifbAhxUPFTEF0AvGWf%2ByKDxHcSmPwnnqq%2Ffqx7nI%2FmXarbLOoJWzHfIQEgt6TZ7YWnIutkcip%2BJ2LZelsE"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bf58bed9cff958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: euvjPEiQqoIyb7oQXGPV2pr6EbdZxtztRWLWi0aAgDRCy659u9r74Q==

GET
H3 200 av-cp-logo-wht.png
www.avanan.com/hubfs/website/img/nav/ 26 KB
28 KB 79ms
70ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/nav/av-cp-logo-wht.png

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe5f4af17be162aaf3e1dadbc08fe06e678c87620a221b3fef8e2ca7a779986d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-58090235831,FD-21136118110,P-1835778,FLS-ALL
age: 1351127
x-amz-request-id: 1M2KQFYDSNC9K9MH
x-amz-server-side-encryption: AES256
edge-cache-tag: F-58090235831,FD-21136118110,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="av-cp-logo-wht.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "6b25c756c0ec059c8b971ac07c1a44e2"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1634845767354
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 1d01c9eafefacaa6322fccd6199f781c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: r2zJbm9CEK3FOJ9Q8VqLC35kT_FW.6aY
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=46170
x-cache: Miss from cloudfront
cache-tag: F-58090235831,FD-21136118110,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 27120
x-amz-id-2: Rw294HUVlRVqd2dYCMbkYAyUXMClO4pxjBYx+KdwOZbnqWY9tSsojxoqfcOVLXmN4vwKYf4GbmPqdm/mUeTJjlhepAZnTvqlV3T5e+pENKw=
last-modified: Thu, 21 Oct 2021 19:49:28 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FGkkLtYB9U%2FmgJ2v7JTM9JhRssHf2iFUxsebC1itw5%2FusgaReOvvqSd1uP7SRU3FChlLsF2lvftWbv1QAEsJGvG%2Fj274kJieP8UyKgx5hCirKpl4H03hTUIRTk3GtgeQu%2Fji0BSQU8ycm0zr"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bf58bedad1b958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: JqATq5-eAJXLSL1P6t3T51sALsgLAtPumYcPtgAbEQkVF3yUlDoTQQ==

GET
H3 200 soc-2-cert.png
www.avanan.com/hubfs/website/img/icons/ 27 KB
28 KB 96ms
88ms Image
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/website/img/icons/soc-2-cert.png

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

49c8d692cb67ec3cc5b35e839c50c5c9eea05fe3ce82894eb02d22240554a0aa

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-24177175536,FD-10543955849,P-1835778,FLS-ALL
age: 92843
x-amz-request-id: F49SX27GCRSW7JEZ
edge-cache-tag: F-24177175536,FD-10543955849,P-1835778,FLS-ALL
content-disposition: inline; filename="soc-2-cert.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "2242d63f47a733e65cdebd6f3be3a08a"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 84e2de61192ccb090a6d645d1117e3ea.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ENN2NKV.l.gZzdTLCJgVyrfErf7Uu3mK
x-amz-cf-pop: LHR3-C2
cf-polished: origFmt=png, origSize=44339
x-cache: Miss from cloudfront
cache-tag: F-24177175536,FD-10543955849,P-1835778,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 27216
x-amz-id-2: /m/eI0dXQtN5GSn4Bvzo8+YJm1MdPZfOHC7xBCcCYoeB79C3Ne/6ESBPrYkqUpH0ktRQ43alrec=
last-modified: Wed, 08 Jan 2020 19:24:41 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fryfsB%2BKLBC2vNYKjkJu6iejoQuFSbV0ELW9l%2FKeHgtsMx0LRg5qJ1ssQFDJ52RgO7DL%2FfDTwlVtNYbXepCCrLkGk%2FJBZhm1GaSsNM0bSoSyKLfHD1x8P3LG8AVzFxKMhF10uV1%2FZE0w%2B2OK"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bf58bedad1c958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: masSnPIcKvhs8RXkgEoZaVHbO-ZBnUVHKJiR9zUwKtRpX7wWezndUQ==

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.971/ 13 KB
5 KB 170ms
47ms Script
application/javascript 2606:4700::6811:af5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.971/embed.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:af5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
x-amz-version-id: 1gm1MaaLzWiIBc2FerIVtLdckhSMSaY7
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 2215055efc8f63c9427a3e4d846b2c66.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: LHR50-P6
age: 833782
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jun 2024 15:05:39 GMT
server: cloudflare
etag: W/"26c40482b55a607cd44486a2958741d4"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZ6RzCk%2FXIpTrHFZT4lOSaVbTy1R3KtlzVfx7KORDxLEhk7gk38mEQLL19XjRrOjiONHsOdyVqdDqwRfD2j%2BEcHNeCRgpkrrsJoE4uW5%2BMNkS83Le5TrnmEBOcuxQH2rORlfcMzNX%2BFRKMFa00x3EE0PK0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8bf58bee5df263f1-LHR
x-amz-cf-id: IJ9StloCJWmyEqJTdH3wL8Xnr96O5I54XE5yTm9V7Gk73GDKDZbcNQ==
expires: Sun, 07 Sep 2025 09:07:06 GMT

GET
H3 200 jquery.js Show response
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6476923280/1577975561851/Custom/jacob_redesign/js/ 142 KB
38 KB 160ms
154ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6476923280/1577975561851/Custom/jacob_redesign/js/jquery.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

057d87ec0edbdb5fe7d60d32da4c3abfe1dc2e6a0aacd6543a5e9dabb7bbd21b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: EDZFMDMT45E74P33
x-evy-trace-route-service-name: envoyset-translator
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"58abfaae2dedf59326b2ea681f828a06"
vary: origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 8fc9659fc06389e49927f68638e9bc94.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ebM6Jbr9unIlIJHsCtn.BkHxdP32W5Tn
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: 8cedde30-459f-455a-9683-1a72a5434dc1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 225
alt-svc: h3=":443"; ma=86400
x-amz-id-2: o3F6Lt2uaGbLyFRCvqHG3Cc5wfFuzEd56hQ2nvg6Hb+eC0/F9tUhTRP4V3oEt4ZVa1x2RwnUVIU=
x-request-id: 8cedde30-459f-455a-9683-1a72a5434dc1
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 02 Jan 2020 14:32:42 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B54FD6CMcFrHD1%2B15PLFWm7brG%2B%2B0UEqYJFRJU1SgmkwvlQN2ZZ%2BQJWghnyWbI1Lz1Mp3Axt9s10aRB6BTjS45XaQTEAmGen7KU0g6tdmmZSf6y4UBzB08w0ghct0ZsAoPTserH5mtmi4iev"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-rz8x5
access-control-allow-credentials: false
cf-ray: 8bf58bed9d06958a-LHR
timing-allow-origin: www.avanan.com
x-amz-cf-id: dJKKaON1rnbPP5WzqCMGHYv_14D0bDHKHJDQ4bz1kPWASVnqWzdFlA==

GET
H3 200 bootstrap.js Show response
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073918834/1577975558617/Custom/jacob_redesign/js/ 112 KB
22 KB 203ms
197ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073918834/1577975558617/Custom/jacob_redesign/js/bootstrap.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

71577fb46a22fa031506bab9c5ddb4640e38ef10a1b4959a11288b41ce4b0757

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: HV220ER7B65G4CVS
x-evy-trace-route-service-name: envoyset-translator
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"d810a38ca2781735a27cba0625a027db"
vary: origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 3IDp6mXhqSOlZQ4n6QKdC4Peyv0EBjJp
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: b973bd37-b4ef-4059-83f4-41486db48145
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 199
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 375Gp9wMdUYYXZMNlNAAYTjEWpcZc66zGBoyoxnScDl1G3IX4HQaHEu1KmOJ6BTpDeAnQlcW6to=
x-request-id: b973bd37-b4ef-4059-83f4-41486db48145
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 02 Jan 2020 14:32:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SmDEdJpWYVa7OkFMtlUQQZEJxk6Sj7A3TMjp6CU2zY%2FzpnREqahg0qcNHs5GcM89iRbrFHcmj3XKc%2FgKAokHXWp4Fq7W%2FUWLGAf1Je3glNNYS7fcqPcV%2FhJ8B210qaSpW%2F4iFZq3jpivYWhY"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-656644bdb-ts7f8
access-control-allow-credentials: false
cf-ray: 8bf58bed9d07958a-LHR
timing-allow-origin: www.avanan.com
x-amz-cf-id: jvYOWCwF9Y8gjz9ZXBbqpaQDtvBbkDVRcEcqTxpEggf0q6ZTyeVTbQ==

GET
H3 200 plugins.js Show response
www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6084513730/1577975558722/Custom/jacob_redesign/js/ 508 KB
119 KB 173ms
168ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6084513730/1577975558722/Custom/jacob_redesign/js/plugins.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a82df3611c2166b9b9e824830c57bc09ef40860b9dc83fb2897b9a2a3ab0b98

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: QZ0PH9W880J4F9VM
x-evy-trace-route-service-name: envoyset-translator
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"c612fe430751a00bb8750c6601520596"
vary: origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 263d97c176fc51d1d08116820c013de4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 7fqlaiSrobvA_myCcLItYFNxElIoA1r6
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: f9ed79b0-0b10-4354-81df-f47c66ff98c9
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 277
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IViWzn1yvGTSH5rjySjRkHUncn2GTpDr72U/PWBE0svm79cOYkZ0Tuxa4J+etTVYkF++rK974TR1l638ewDIYDwkgSgVfVQS
x-request-id: f9ed79b0-0b10-4354-81df-f47c66ff98c9
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 02 Jan 2020 14:32:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wu2o4Bql5R27D9L%2FcGbxqBHFvyKoLtXLM5yk%2BKrMRkYk%2FTTYSJSmEcPhqfJYGFMe9I5Gv8QxZdaMGXFxM4DLCNr6dQ5WkWHh9fp13qDe51KYROA3OABubpQYRHTu5KjB880L31CcRPRn%2F9Xk"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-nnksg
access-control-allow-credentials: false
cf-ray: 8bf58bed9d09958a-LHR
timing-allow-origin: www.avanan.com
x-amz-cf-id: 0xTkgx2cID48gLhEEp_I9o714_fd_9rdayU7lxlBZ1X0yarteihrRw==

GET
H3 200 project.js Show response
www.avanan.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 120ms
113ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
content-encoding: gzip
via: 1.1 7e7605dff243a25ecb1590c5d7dcc7f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 11738477
x-amz-cf-pop: LHR50-P6
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VmKIrztsO8Yf3FU7SPjUbzH563216%2Bd6m8W56CDFYfDWPMgGyw5956pmjROhuWbnSIw2f3WFVvbsYoBWDnOQYaTqx%2F7gxtup06OLTXIUmAonwl6iJaLDp3J%2Fu78XN0XW%2F4kCJBdDxODyaPrR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8bf58bed9d0e958a-LHR
x-amz-cf-id: rVf41lsVR0EmWYEF7ckt7NfzQgmrPHH6keF8Vw5SKhRGJugvT8eHRw==
expires: Sun, 07 Sep 2025 09:07:06 GMT

GET
H3 200 1835778.js Show response
www.avanan.com/hs/scriptloader/ 2 KB
1 KB 199ms
191ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs/scriptloader/1835778.js?businessUnitId=0

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b399672241d3519341ed5ca7e437979ba73fe944f44d1624b95488efa5b5dab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cd59ade5-99f8-4f31-ae8d-03033b1d5223
content-security-policy: upgrade-insecure-requests
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 639
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cd59ade5-99f8-4f31-ae8d-03033b1d5223
last-modified: Sat, 07 Sep 2024 09:07:06 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.avanan.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bbf9c46c-rcltj
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcuNJkb0l80Y4p1z2%2BBI1Vyf9DRlcKohWhxq2PuHZuyQN4%2BBYFDMOMJGCEu%2FjGnYeo%2BPrn06apCTjODkJyaXcnRgWxhuPxuDB6dZXpwznBaTUxnCxeus4%2FeCFoNbeHaPjDE7gJutxylJqBK4"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bf58bedad1d958a-LHR
expires: Sat, 07 Sep 2024 09:08:36 GMT

GET
H3 200 index.js Show response
www.avanan.com/hs/hsstatic/HubspotToolsMenu/static-1.354/js/ 12 KB
5 KB 74ms
66ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs/hsstatic/HubspotToolsMenu/static-1.354/js/index.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

42c7e51d284cd7256caf3bfebf641141876657ea0d6e5588ac7e69dce1e9cf7e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
content-encoding: gzip
via: 1.1 0316c07369e8911f4fffe6ae5475e30c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 1345746
x-amz-cf-pop: LHR50-P6
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: O3iI8Pl3bd7LIBbSsE98q3XHW8vfw5hp
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 21 Aug 2024 20:24:20 GMT
server: cloudflare
etag: W/"3ef0deda0631561665e95645daf500a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cH5Au98KnnVByEmHFC2ra37tXkg3El3d9pCT8z93eDctYWC4vVIRXCl3wAh44dJ956mbN5hBBU6Uyl%2Bq05nQYfnP8yXE4N6BYRpyY4VpjeThq7NE8ythjkFXcCIQzQcH77l8%2FO%2Fr0yWp1UHL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 8bf58bedad1e958a-LHR
x-amz-cf-id: Myu8xb8hRGFqc16zQkMAYvOeELoFxtA6WP_zod8VqltzLnGRT1rT4w==
expires: Sun, 07 Sep 2025 09:07:06 GMT

GET
H3 200 jquery-migrate.js Show response
www.avanan.com/hubfs/website/code/js/ 17 KB
7 KB 80ms
73ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/jquery-migrate.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

56f9c5f99829774d0b2fbdcfd9750b617127e913afa0569afef6dfa22165659e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 bfc68ff581bb4e5342af2e46682c1ad0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10555716746,FD-10555648234,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351129
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YQCQCVW3CMQ5BE
content-encoding: br
edge-cache-tag: F-10555716746,FD-10555648234,P-1835778,FLS-ALL
cache-tag: F-10555716746,FD-10555648234,P-1835778,FLS-ALL
x-amz-version-id: O.IWEvWv.S2HIJh2gVb3UjxcZN2zO5t0
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gVMyA8bu4QGzDcdeVv7oZDKxj+YImUhGauCbj1+h0AC9k57FmsSxYLU8j8OfsqYpwb51+Td41mQdRgOC11s49OKQH4MiQnAE
last-modified: Tue, 18 Jun 2019 07:39:43 GMT
server: cloudflare
etag: W/"e16bb3f1cf4b40a9e4de0cf7d4950cb3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OqkAX2cNo2uw0ZYgBQgNbK%2BGkl4BopziMSdWRfxbf7tKmA7L8iDETVDD2eqkJjYSqhHp1miO8hilHnWBybI%2BgU63k9U103Wv7FG7Pfr3TWUxfURaItc2tSShsCxTGYRegjNhuRaY%2BTFgCY07"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bed9d0f958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: O3eKhkiR8DHR0v9eCGxLJ7e7Z9iRDbTgagR43cetYVLBpEkwdSlfZA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.megamenu.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 22 KB
6 KB 76ms
69ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.megamenu.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3640c9e176b212640e5d1ba0e522d80ebe382b5a18fc55ae4f7be28d1b138be

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 3d81a5fb6988905cee1d06dfcada57dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10555716444,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 92929
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 46X4PKQ3YA9DYHH0
content-encoding: br
edge-cache-tag: F-10555716444,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-10555716444,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: Tr8ZpL3KcSID6jBFr2cCd_jZ2gEqr8QS
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: zd0E84nIZI8fRYQeOetN4mNt1sLPFgYaCFqbFK85usUl1pxrW1rFUudjUGw1TLxkg/JrMrDI6roPM2gQANBr3c33HOKS+MiaTIT0UioSCho=
last-modified: Tue, 18 Jun 2019 07:33:15 GMT
server: cloudflare
etag: W/"26676e58c4eb0c77a8d2c99b4bd1ad43"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xitKGTqlNwfh9B7y%2BKgyPfBhCuQxwE3VcGMJ7R3MtQofO4ATGprFc2n9btfsC4hJ9Fa0SRVUqygwoI1pgnHchqWBoeLryBNuJ%2Bpwd2VhxqKULqSp1woea9Z7e9FjN778nRsg9nSeu3uAA7Us"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bed9d10958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: gaeDHgFFo2hrCOixFZBPATuetGMSxI4-yWJ6d_kNsTLvkWsQeSdmOw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 custombox.min.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 15 KB
5 KB 88ms
80ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/custombox.min.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd0af87d02bf88046acaf36141538c4852763b37b99ad5ea41ab6b07829818f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 b61e218bc35668646b673c626203e5d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12524627223,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351129
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YY3GK70DSFY1GP
content-encoding: br
edge-cache-tag: F-12524627223,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12524627223,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: Tm64yWHx4y9EpRwZ0oVdBIU91wzQQVgx
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wYipMZ0n7w7jyHEKayjb2+ZTo14sMKVKabGUa67NqI9ONu8R1ksU6x33NwZreJkXD/k/ixjNELaA3jDDleSLig==
last-modified: Thu, 29 Aug 2019 14:19:27 GMT
server: cloudflare
etag: W/"a99f3446cf6471542e7b5103c1e0ad26"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FeeYCCRZL4i4qhPcNpauvdYy8VwZIhy9NoY8BdfD61mcao7EykWTGX5KW4kF10ku2FtJheLhVDsfdAucuvtY76DiVsVAtQd0M7srXvRhemgarnzBVjFG%2BFN2%2Bv0hSamGseYw8zLcfDN8NQoH"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bed9d12958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: ko1HZ816T0OdlUzdb3tyT7mzIGbqSe3M1gN2bkC4AhJ0q9PeeIgFeA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 custombox.legacy.min.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 102 KB
36 KB 121ms
113ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/custombox.legacy.min.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b4c6df43d8be2860c107af980f4ae9c27dea1b14e0112921c3aef511bb29b07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 253e41640534a8ebde4c0b8e13b25d54.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12524756578,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351130
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YMKZCATZGS5BRQ
content-encoding: br
edge-cache-tag: F-12524756578,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12524756578,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: CNtvX5bcEOKz8jLqkiPSkGvNd2dpptBk
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kXipHfdExfGGdLYebE6BooCJLpLa6gK4k2WHjy28tYKGUN9/59aeCrxL3mSp0jy+8tozv/FV23k=
last-modified: Thu, 29 Aug 2019 14:19:27 GMT
server: cloudflare
etag: W/"626f9c989ad909171b9c7e56dccfadd0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZs7J3uXaHfqXn1FSzAZBrUMdbe3USeqEMUUqe4Yti%2F8TZdMyIvkqIPm5i5%2FOhUXxkhBaCjVdll1%2FHZUmG19KXa4P9mCzeoiZ0Ht4%2BGUo4ZRfyAGZTKEZmVxlLxIPF8sVfUQl6RqY7QdbsO5"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bed9d13958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: TaFY2DM9W24V_bnEzcQOyqnJOC9C8ydc8hYe9flWcbduNhyj2PuULg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.core.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 4 KB
2 KB 92ms
85ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.core.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d6c8ca2c4746ba9c42bd4b56b9f8dcb23dc4f4c8a5e338039a915eddbb4cfb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 1d01c9eafefacaa6322fccd6199f781c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10555648509,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351129
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YVVXMAH4G0TVR7
content-encoding: br
edge-cache-tag: F-10555648509,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-10555648509,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: t39fon58.c8wnVn0KiTmU6Cnt0f.z3k5
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xtHHJffzGtu4XqkRgpGZQPlqp79jq7t8HG3K06IbqlyKZ7CXVhNzz+foNhR15RcO+yBIYiZIUpY=
last-modified: Tue, 18 Jun 2019 07:35:47 GMT
server: cloudflare
etag: W/"ad96a1d08e41474de9b172376ad8f2a6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPUyBxO52QS0Lj3fM6Z%2B7R56vFTWb1BJIHaV9wtSLiwYCaR%2FXrT%2Fxuu1EmUc8%2Fo7D9s75h6Jm3sTArcuIT3vr6nqiOsypnuQJsPobKxXjmtNLb2zaCIEkTSPnL4B4J1vWgBeHvHwYCk00Xek"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bed9d14958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: pVrGx-2eC0vhNLbIWEXgkHZlfR2xZ__p2ULJApT3CNmQqdPc21-BSA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.header.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 45 KB
6 KB 119ms
111ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.header.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

327f498e13e0a8166699d8d770f3806775c2707dd893d18f0139b84b0b9d8576

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 02b64e603ed38c4fa65e6d087701f8de.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10658801982,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351130
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YT41EZBFW7JX9N
content-encoding: br
edge-cache-tag: F-10658801982,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-10658801982,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: sLoBYokxi8ZRjPnVZWHiocCdDukS9g6O
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: T38y9RmOxuCM5dhucbjxG/jcIPTQXlX+ehXHIRG+YIHxAE9h7tkVD1Tr2FpIKX+qeqqsfI4MU0Rgmc/jBSERm/a5LG7EDSYCoobvVgXTRuc=
last-modified: Fri, 21 Jun 2019 15:22:17 GMT
server: cloudflare
etag: W/"da8e6062fc6df06d66405f3894ac0090"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BaHEgY2jj9pwzsMRK4kSgFpfXJ%2BMyxJ9FBv%2B6cDLdHmVnUKaaJUxq9Z%2FKfp8LhquMU0ga%2B5vsBJHJafuLMnCKfb%2Bv7FOweJX1a0ddaBCa8clS1pUvSJ54djLwmkGTyp%2B%2FE2RFEGWT%2FGjYK8Z"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bedad16958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: knbhCPdHYtQyAml-TBlhYq3KiVLU7ehia55jJLBfhEyj2BTwxUi9kw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.unfold.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 16 KB
4 KB 120ms
112ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.unfold.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd6aef7e70901bd5018e23bf8f366b1363e27c9263a2e058df2ca725cf81aab5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 9fef32c73ce85aca1efbc12a810558ca.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12349469375,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351129
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YPW1W1RTYT802H
content-encoding: br
edge-cache-tag: F-12349469375,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12349469375,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: jtHI_y0b8Eo2FGwKdP6LEhiHSwPKnVW3
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: a0rUmRk7C2qcG+DvDrZcETpA0x9+6/xdxGMhYi2Sq/nh8QWEdHUFoGxzREQQiSFEEigzreuLjJWfxaThaWQ0qQ==
last-modified: Thu, 22 Aug 2019 18:14:11 GMT
server: cloudflare
etag: W/"cd7294af40bf5e701ac6f8cca4a7ebcc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=daHZyECXFGOb1ICaMHx%2B1G1vyXyTJVNjwnq6fEkduJI7U1eTKl5%2BeULXiG4HYJtRsAWd%2FiaWukdKlcXiaiSy%2FFeEc6UDS0tAilFUAbOh5kZZuvnQq%2Fd2k23yJMwPE89fIIa6tw5FaOaB7NTI"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bedad18958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: Rm9UsLENIbkEilsUgIj2klxrsBtMWGhTTaTvgb9znwHKSAcI3X_dSQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.modal-window.js Show response
www.avanan.com/hubfs/website/code/js/vendor/ 9 KB
3 KB 92ms
84ms Script
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.modal-window.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6713fb9ddf25585f97a9c877f75edbb8b2c0d0691c1402fe85c145a9098527d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 c2eeef4f658b2933c525a8c9b2d5c896.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12524633360,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351129
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YGKM0ZKQ5EJ617
content-encoding: br
edge-cache-tag: F-12524633360,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12524633360,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: 37fiNFmrqmELkFKd5Hej0YGO_cs4_PVG
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: GNydI17WFmShXJzZrSPSClmIyYiOmTMSVHWCWYXtqqF8U4oeXIBwcdGpRMbb1Q3KMAuNN+apAdPo3SKW+jdJ28oCH4FCpkIJi9TbBdAI5cQ=
last-modified: Thu, 29 Aug 2019 14:15:34 GMT
server: cloudflare
etag: W/"e835fc393be7df8bc21680227886c2a8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zxg3myJC9coYA1fyRHMv45eyEpH4ghC3KOJj%2BdubP6QKxCacEW3kXDT4u%2BZYqmf939BshDIcSisCEu3dIZ1P%2BAAG3Gw0lJtlKd8iuFM1nWW%2FecM2EBRp9fK23nTv2OAVf7a4fxjXd7VlUjSg"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bedad19958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: CNAUiwzKUicAz1p0XTEpNxnCg83lqDCdoe3hlm4WlDNK-uDZqLNJYw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 346 KB
115 KB 226ms
87ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d834891823c6b20ac68e6590fb413b4949911a9fff0371586faeaec5dcd6d35b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 117337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Sep 2024 09:07:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 518 KB
141 KB 257ms
119ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5JCRGP

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4443ff412c264b421885fdf53e9aed519711d3e8df9e4f59b9be27f04564251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 144692
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Sep 2024 09:07:06 GMT

GET
H2 200 lftracker_v1_OKM7ZEDV9rXg2zo4.js Show response
lftracker.leadfeeder.com/ 31 KB
11 KB 335ms
188ms Script
application/javascript 13.35.58.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lftracker.leadfeeder.com/lftracker_v1_OKM7ZEDV9rXg2zo4.js
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/malicious-url
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-4.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06ba3b16d357fb0a37fc921a8c9fcb6a12e08987da8586a673a6d80735785745

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 9LCCfHPO47R8wNNKVjPkw02A6.SimrQu
content-encoding: br
via: 1.1 b58f4c458263fcafb0c4b2b684d9bc50.cloudfront.net (CloudFront)
date: Sat, 07 Sep 2024 09:07:07 GMT
last-modified: Fri, 26 Jul 2024 07:10:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256
etag: W/"67f2921b1de64af704c448f8e16a0f64"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: -dF4-TreCoIXPQIwcbZe503IEh6GESLZEw7B7ydXLLKp-BDEr6pmng==

GET
H3 200 close.svg
www.avanan.com/hubfs/jacob_redesign/page_icons/ 513 B
1 KB 207ms
203ms Image
image/svg+xml 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.avanan.com/hubfs/jacob_redesign/page_icons/close.svg

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073351973/1693338321987/Custom/jacob_redesign/css/template.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a3a9ccca4cde6a90f28a96467b83fcc8e8b02ae532b85c46d45514e98c9dc9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/hs-fs/hub/1835778/hub_generated/template_assets/6073351973/1693338321987/Custom/jacob_redesign/css/template.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 d96c6a517450b169095d23aff6d646a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-6129363300,FD-6106722142,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1937157
x-amz-cf-pop: LHR3-C2
x-amz-request-id: NPZ4PV88AYXC580F
content-encoding: br
edge-cache-tag: F-6129363300,FD-6106722142,P-1835778,FLS-ALL
cache-tag: F-6129363300,FD-6106722142,P-1835778,FLS-ALL
x-amz-version-id: aGBLOARAtDK9aU8eL5GIguuA_ii6l6Ic
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: VOZz9bylgU3/fFkRAHGomBFJdGttqpuhMgQmCpMYAgwi3krAkLcOzEy5A2K8h58fXA/gSRq6HsQ=
last-modified: Wed, 14 Aug 2019 14:58:10 GMT
server: cloudflare
etag: W/"cad7540d366ad86e66ac89079055b4b9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdUshZGXxZgDtNT0rb1Lpa9%2BfxlIpL495zhNahAANynHCkV19xTcnkJbcfMqvtH%2FDT97ZIQ%2BEsb9oIjDtkOlQHKjtimQJkNCBv%2BzCpEuhskrog3rlrlbOEZcVEv6UI6wQvdPe2cKKJQvkHbv"}],"group":"cf-nel","max_age":604800}
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bedad20958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: VOdzFgHRY7AydOuPZ17U4pelGw6_H2P3iZjVO3FkdWiQOz3N6FUvqQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 172ms
42ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 13:51:59 GMT
x-content-type-options: nosniff
age: 587707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 13:51:59 GMT

GET
H3 200 theme.css
www.avanan.com/hubfs/website/code/css/ 393 KB
1 KB 71ms
69ms Other
text/css 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/css/theme.css

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9733722790d7fe8f074be99b41ca64a8f066845023c12794512935337c0fd08f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-12350310726,FD-10555529544,P-1835778,FLS-ALL
age: 1351129
x-amz-request-id: 92YKWM87BEAYR7YJ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-12350310726,FD-10555529544,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"dd24981f95399e7f2d5674114004c268"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-created-unix-time-millis: 1566500436528
access-control-allow-origin: *
content-type: text/css
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 a1f249a9bf642aa76e446956825f42a6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .VuZQK18yvpctq7eWnfEjZ9JXuCTwHN5
x-amz-cf-pop: LHR3-C2
x-cache: Miss from cloudfront
cache-tag: F-12350310726,FD-10555529544,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: zmL4P3qfN7VAWhIhp9DeCO9M26FZyeVh1TiTJmA8ma5Ib/oaReo3OmwmR1D8EWxCs4+DxSi4c64=
last-modified: Tue, 29 Aug 2023 17:12:22 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wTizOuavA0g9twxRGuUYtoZFtmersHLCKgQYMbsqgUkCquQh5ruJfzBtxumB4pyJo%2FCxDkU%2Bh7ioES5bSp14pObpQe%2FZ%2ByilxmcedfiUcsO%2BGgNr8DPvY6FLg9dz4H4Njz6r5foyoLKKWotQ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8bf58bedad22958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: QE0bmL2G4P1E5wNelUlrB2Ioavgha4qCcUCbu7-wCmXPo83sH4uziw==

GET
H3 200 header-slim.css
www.avanan.com/hubfs/website/code/css/components/ 84 KB
1 KB 78ms
77ms Other
text/css 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/css/components/header-slim.css

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f54ad99ac9b8bf0271cc6d19132826863aa3dc7077b4d5c586f99c46130efb30

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-29822257866,FD-10639271059,P-1835778,FLS-ALL
age: 1351129
x-amz-request-id: 92YNZJHZHF9CB648
x-amz-server-side-encryption: AES256
edge-cache-tag: F-29822257866,FD-10639271059,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"b144dc1e3369574aa43f95d44261c80b"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-created-unix-time-millis: 1590586777336
access-control-allow-origin: *
content-type: text/css
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 5d21561f8325da91dd79188f8c919b08.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 42YSFG0lTWtnZ.W1lT05OT2Zcvw1os6c
x-amz-cf-pop: LHR3-C2
x-cache: Miss from cloudfront
cache-tag: F-29822257866,FD-10639271059,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
x-amz-id-2: dhusqSpiqK5XLJtfkLbYA5NMIJlW/vxbecyh+GY7Ze2t/fCRa/WkGo4ap6G/N/f3VQ/6fUNtRz4=
last-modified: Fri, 08 Oct 2021 20:18:11 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1rnxdVyfBRZyO56B3ef148y22j6CYaeVU4pUM7RG8iIqXSQB2p0MXApB%2FBd8r9%2B5OyXBKDMLIhGPNer5NibJ240p7H6JIz6P6tyC14vEJJxwyEPfwCnc5FPsIa2YWOnM2Jrvhc6zbtlW9SH"}],"group":"cf-nel","max_age":604800}
cf-ray: 8bf58bedad23958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: TePoSty5U49CZlg8UAn5989D8b4CYfRVOVx_A1Pi7lgOH4evnPvgTA==

GET
H3 200 How-Safe-Are-Your-Emails-featured.png
www.avanan.com/hubfs/website/img/infographics/ 621 KB
1 KB 75ms
74ms Other
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/img/infographics/How-Safe-Are-Your-Emails-featured.png

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8deb475ac50713a43d3cf93fb2579f1badda5b9dee5704850b032f0f25564895

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-52270339845,FD-10949243896,P-1835778,FLS-ALL
age: 1351128
x-amz-request-id: 37H5TNSTVH8YF5QS
x-amz-server-side-encryption: AES256
edge-cache-tag: F-52270339845,FD-10949243896,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="How-Safe-Are-Your-Emails-featured.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "c633bdada0f0b6b3a8ed9923b6fb540b"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-created-unix-time-millis: 1628160146967
access-control-allow-origin: *
content-type: image/webp
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 3fbb1f22a07ea64de9c80aefc9230214.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .d7FqQt._o1Rnh6A1lokFj0_Ws48Edpl
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=866167
x-cache: Miss from cloudfront
cache-tag: F-52270339845,FD-10949243896,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
content-length: 635542
x-amz-id-2: 82/1it10kwS3P7iDyxqUGHgQG/PqQ3Ccietc5pChgGJxk8dWmXdSpiuPPCyzyVQAB+vpzJsnPhs=
last-modified: Thu, 05 Aug 2021 10:42:28 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g0gbb%2BpH83Bu3LM5gMlyhfjWmCf7IkZdkCej3xu06hZUAAk95ttuhS0mb6EEV6ZfD3a53eVANwcPDTWBifahyzVux1I%2FqtNK94hikj6h0gstF%2FQGVEzX9kZxICjnyGwqjEBElCpryOj3%2BxC0"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bf58bedad2a958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: iJJQ4q8pRR2dUnT7SKBXhUm2NSqx_MWUjoLvsHnpcQJU-fJQdc_Jig==

GET
H3 200 checkpoint-logo-bg.png
www.avanan.com/hubfs/ 2 KB
1 KB 80ms
79ms Other
image/webp 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/checkpoint-logo-bg.png

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

072398593a04986b2bfbee736d3197af819bbaa9ebfd69b3a5e871e8d6e668ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-173574442334,P-1835778,FLS-ALL
age: 1351128
x-amz-request-id: 1M2N66EWCDKXZHAX
x-amz-server-side-encryption: AES256
edge-cache-tag: F-173574442334,P-1835778,FLS-ALL
x-amz-replication-status: COMPLETED
content-disposition: inline; filename="checkpoint-logo-bg.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-indexable
cf-bgj: imgq:85,h2pri
etag: "1408eb7583a3541e5dc580168fa7358f"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-created-unix-time-millis: 1721631303778
access-control-allow-origin: *
content-type: image/webp
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 5d21561f8325da91dd79188f8c919b08.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: t33v1QgqfSHCVhCkQC6aP4J6Ii.vqTWQ
x-amz-cf-pop: LHR3-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=3750
x-cache: Miss from cloudfront
cache-tag: F-173574442334,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 1768
x-amz-id-2: 8sPL7leVi1OJU2RggFj6AO8QptjBMIRFr++vZlbVMZ4py/RxiqNoY46vDlMGaeoaIQXZQwabQAM=
last-modified: Mon, 22 Jul 2024 06:55:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buDqPx%2B5cvl1qsptKeP%2BYg%2FFxgB%2BsQQw0Xk0W%2BHlCUPKTlT%2FV3eWO8Xto7BuxAfRLa6BsJKTorwwteJQlEl1n1%2Fu%2BYM5qdxBMONxp1iWDgwsMH5hjZ5lkKJpxiM4lbzBXxisBwUQcWZBEo3X"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 8bf58bedad2b958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: yv5PqoYJKONelNoSm0T_JG3-Xm8FCNlr7aDlRlP9gHzthszXtuhX-w==

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 140ms
42ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 17:30:06 GMT
x-content-type-options: nosniff
age: 574620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 17:30:06 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 63 KB
63 KB 39ms
38ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Request headers

Referer: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin: https://www.avanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1356433
alt-svc: h3=":443"; ma=86400
content-length: 64144
last-modified: Fri, 22 Sep 2023 01:45:27 GMT
server: cloudflare
etag: "6814d0e8136d34e313623eb7129d538e"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Z8Vejmnt%2BTCbNjhNrMUmplKtF%2FWMdOJjvfSW7sWMuvOdENRPoq1BssolIVFF0WF51RBEOp7oqH38x3rL68sEZPJT5nBU%2B5OFTGwjcd4Sp%2BXhc%2FgSw18CfopORPlrKwfZQRBE8HPE5UeIA1cgQMs%2FKKc"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8bf58bedd9a3bd74-LHR

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 61 KB
61 KB 74ms
74ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Referer: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Origin: https://www.avanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1349894
alt-svc: h3=":443"; ma=86400
content-length: 62472
last-modified: Fri, 22 Sep 2023 01:45:27 GMT
server: cloudflare
etag: "b75b4bfe0d58faeced5006c785eaae23"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=byyDUGcBMdCXF7Zd%2BC%2BMOVJ2WJB%2BxFp1RUc4pWJDt0CnbQ2a07tpPj6eSFh6bUq3e9ZslhQh8DQw9VHcDLaB15wE5CvRji0QiUHYmRa0eNxCGRlTqW4Cy6PjjPdBtVPyWjlOHadaOCGsX893tjeXLdri"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 8bf58bedd9a5bd74-LHR

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
92 KB 176ms
60ms Script
application/javascript 2606:4700::6812:8c11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js?businessUnitId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8c11 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03acc5c7069d79f53c0902c716cc6c6f1463d8ebb87724d39e5cb03f3f9d7890

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
Origin: https://www.avanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1436/bundle/main/lead-flows-release.js&cfRay=8b1f9360efbf93f6-LHR
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"b6c788efa3b3fd53687b2c92c85a5a5f"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1436/bundle/main/lead-flows-release.js
date: Sat, 07 Sep 2024 09:07:06 GMT
x-amz-version-id: TIDmoMti0Vib7LJNFwT63dnpWuuDUZfu
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 50847f2b-1437-4e51-a322-03647d119bb7
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-request-id: 50847f2b-1437-4e51-a322-03647d119bb7
last-modified: Tue, 23 Jul 2024 12:57:23 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-tmvlw
cf-ray: 8bf58befe8de63e1-LHR
x-amz-cf-id: PrX1MGN04busNIcY0Fa0cC5N7KZ31NugjSvFOUIw3JslMPNScLrxiw==

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/1835778/ 71 KB
26 KB 409ms
294ms Script
text/javascript 2606:4700:4400::ac40:9310
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/1835778/banner.js
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfe1ede216323e004cb709efa886a6d8e235d2174f9291b5f005213e1cdcf046

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:07 GMT
x-amz-version-id: AbzB.UrQ6OLGCUU6tD_CYHsXoM8EAvR0
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: ZKRC1DKKY4VPMADY
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a8ac5063-1c07-4882-aef5-3e9aa7d9b637
x-envoy-upstream-service-time: 45
x-amz-id-2: xDYfMDirrAvwLQVjNQ+6DfzgE6o7yLhe43D71kowAg0XZLjuBJdOgm3SyyNouu02pSuB7g3C9Kc=
x-evy-trace-listener: listener_https
x-request-id: a8ac5063-1c07-4882-aef5-3e9aa7d9b637
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 14:04:16 GMT
server: cloudflare
etag: W/"a1570bd4f8e9c4c7f69b737d24256229"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.avanan.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-snf7h
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8bf58befe8f49601-LHR
expires: Sat, 07 Sep 2024 09:12:07 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 168ms
53ms Script
application/javascript 2606:4700::6811:80ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js?businessUnitId=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeecc1c14b175e0226295f130c6121ddf605878b3489fd61181911c17c9b2a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
content-encoding: gzip
via: 1.1 9dc566ff42777d2cad8483451738f334.cloudfront.net (CloudFront)
x-amz-version-id: CKdUucj42qReK_MB.X3dwG61CXEt1Id2
cf-cache-status: HIT
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 4334e710-4d18-4dd4-8fe4-d52dfd9b0c88
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.595/bundles/pixels-release.js&cfRay=8be6fc73995177b2-AMS
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age: 22
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4334e710-4d18-4dd4-8fe4-d52dfd9b0c88
last-modified: Thu, 05 Sep 2024 14:32:20 UTC
server: cloudflare
etag: W/"ba2542491f85a69ea1e0553167ab5227"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-wcngr
cf-ray: 8bf58befe93f7714-LHR
x-amz-cf-id: 723Krm8dgEmQpfvUQTWuK9VRk9V8JDcgqik0DYlnNKA4cCjwkek1Ww==
x-hs-target-asset: adsscriptloaderstatic/static-1.595/bundles/pixels-release.js

GET
H2 200 1835778.js Show response
js.hs-analytics.net/analytics/1725699900000/ 69 KB
25 KB 277ms
163ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1725699900000/1835778.js
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/hs/scriptloader/1835778.js?businessUnitId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d079292a08f2c3e8cf154ec8fd75cf6302a51e4ea1f587fc23944c3e6492552

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:07 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: G6ZYNXESZ6NZDNBX
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a1f77770-1848-4f9b-aea8-84191133b904
x-envoy-upstream-service-time: 25
x-amz-id-2: Z9wZNch7nYj/1rGSQNwYm1S5+m54rvK+PXkbjXzfpFNWW6coqUcPQkc9GAFldAnfjYEZ2yH1ACHTW32NMXYkvjJrZLJgWa0m
x-evy-trace-listener: listener_https
x-request-id: a1f77770-1848-4f9b-aea8-84191133b904
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 23 Aug 2024 13:35:53 GMT
server: cloudflare
etag: W/"ae5d2778f6bfe37e684ac14a4392989a"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-b6n95
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8bf58befefd671e6-LHR
expires: Sat, 07 Sep 2024 09:12:06 GMT

GET
H3 200 jquery-migrate.js
www.avanan.com/hubfs/website/code/js/ 17 KB
1 KB 56ms
55ms Other
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/jquery-migrate.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

56f9c5f99829774d0b2fbdcfd9750b617127e913afa0569afef6dfa22165659e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 bfc68ff581bb4e5342af2e46682c1ad0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10555716746,FD-10555648234,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351129
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YQCQCVW3CMQ5BE
content-encoding: br
edge-cache-tag: F-10555716746,FD-10555648234,P-1835778,FLS-ALL
cache-tag: F-10555716746,FD-10555648234,P-1835778,FLS-ALL
x-amz-version-id: O.IWEvWv.S2HIJh2gVb3UjxcZN2zO5t0
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gVMyA8bu4QGzDcdeVv7oZDKxj+YImUhGauCbj1+h0AC9k57FmsSxYLU8j8OfsqYpwb51+Td41mQdRgOC11s49OKQH4MiQnAE
last-modified: Tue, 18 Jun 2019 07:39:43 GMT
server: cloudflare
etag: W/"e16bb3f1cf4b40a9e4de0cf7d4950cb3"
vary: Accept-Encoding
access-control-allow-methods: GET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXpinteCHJU78Eff7UP%2FTRtepWsveMUdsz3oJbDY7HpRJbjYq96pO2FhKmsYBd5ZTV474XFN6TTUyDsk2uAJrj266xTlGgtmp9PpE6Q9EiShSYSLHxndAtou9F5%2Bcaj1Nix1dnqWDi2ZAtUh"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/javascript
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bef3ed8958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: O3eKhkiR8DHR0v9eCGxLJ7e7Z9iRDbTgagR43cetYVLBpEkwdSlfZA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 custombox.min.js
www.avanan.com/hubfs/website/code/js/vendor/ 15 KB
1 KB 57ms
55ms Other
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/custombox.min.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd0af87d02bf88046acaf36141538c4852763b37b99ad5ea41ab6b07829818f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 b61e218bc35668646b673c626203e5d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12524627223,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351129
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YY3GK70DSFY1GP
content-encoding: br
edge-cache-tag: F-12524627223,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12524627223,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: Tm64yWHx4y9EpRwZ0oVdBIU91wzQQVgx
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: wYipMZ0n7w7jyHEKayjb2+ZTo14sMKVKabGUa67NqI9ONu8R1ksU6x33NwZreJkXD/k/ixjNELaA3jDDleSLig==
last-modified: Thu, 29 Aug 2019 14:19:27 GMT
server: cloudflare
etag: W/"a99f3446cf6471542e7b5103c1e0ad26"
vary: Accept-Encoding
access-control-allow-methods: GET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tIz0jO0ugqAppSH3RExy2PtznjVR0jUC5ZHvzJJ7L3zm3Xprhl7A0zJJgSw734snLfEW3%2BiKkmYV4kzyXNwJ7o9qE6w11rKBM%2BddVjQ9CnByty8EjuUQuz3Oupadea8%2BlNFPvk4kyIk3MyCv"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/javascript
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bef3eda958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: ko1HZ816T0OdlUzdb3tyT7mzIGbqSe3M1gN2bkC4AhJ0q9PeeIgFeA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 custombox.legacy.min.js
www.avanan.com/hubfs/website/code/js/vendor/ 102 KB
1 KB 57ms
56ms Other
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/custombox.legacy.min.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b4c6df43d8be2860c107af980f4ae9c27dea1b14e0112921c3aef511bb29b07

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 253e41640534a8ebde4c0b8e13b25d54.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12524756578,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351130
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YMKZCATZGS5BRQ
content-encoding: br
edge-cache-tag: F-12524756578,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12524756578,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: CNtvX5bcEOKz8jLqkiPSkGvNd2dpptBk
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kXipHfdExfGGdLYebE6BooCJLpLa6gK4k2WHjy28tYKGUN9/59aeCrxL3mSp0jy+8tozv/FV23k=
last-modified: Thu, 29 Aug 2019 14:19:27 GMT
server: cloudflare
etag: W/"626f9c989ad909171b9c7e56dccfadd0"
vary: Accept-Encoding
access-control-allow-methods: GET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8SVt%2FDlPeMYolCeAzYNGucfBNCzvjcrk5oGm0OmG2Acjd14OUOtLpAnUeVT1CvU%2FPW%2B3V9gc2WXvMsBWPGu%2F9RY3D8LsH%2Fg%2FFROmlZGvqbF8XKaUp7pb6Gs1FpcijEm9txdgm6dNF5Bb4y3i"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/javascript
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bef3edb958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: TaFY2DM9W24V_bnEzcQOyqnJOC9C8ydc8hYe9flWcbduNhyj2PuULg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.core.js
www.avanan.com/hubfs/website/code/js/vendor/ 4 KB
1 KB 56ms
54ms Other
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.core.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d6c8ca2c4746ba9c42bd4b56b9f8dcb23dc4f4c8a5e338039a915eddbb4cfb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 1d01c9eafefacaa6322fccd6199f781c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10555648509,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351129
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YVVXMAH4G0TVR7
content-encoding: br
edge-cache-tag: F-10555648509,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-10555648509,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: t39fon58.c8wnVn0KiTmU6Cnt0f.z3k5
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xtHHJffzGtu4XqkRgpGZQPlqp79jq7t8HG3K06IbqlyKZ7CXVhNzz+foNhR15RcO+yBIYiZIUpY=
last-modified: Tue, 18 Jun 2019 07:35:47 GMT
server: cloudflare
etag: W/"ad96a1d08e41474de9b172376ad8f2a6"
vary: Accept-Encoding
access-control-allow-methods: GET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yAxvaWTjAjXOvzztnq0wVthjwbdnbcsBzjbBxNN0aLtP8VstsAImIXyP0EObU0kh1Q1BPerx0A6pooRYqd8hSxMpir2L9lkOirDDwNpSmqhhps7mp6WNymUT1SZ75Qf9y0P403Q9uy49ngdM"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/javascript
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bef3ee2958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: pVrGx-2eC0vhNLbIWEXgkHZlfR2xZ__p2ULJApT3CNmQqdPc21-BSA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.header.js
www.avanan.com/hubfs/website/code/js/vendor/ 45 KB
1 KB 55ms
53ms Other
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.header.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

327f498e13e0a8166699d8d770f3806775c2707dd893d18f0139b84b0b9d8576

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 02b64e603ed38c4fa65e6d087701f8de.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-10658801982,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351130
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YT41EZBFW7JX9N
content-encoding: br
edge-cache-tag: F-10658801982,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-10658801982,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: sLoBYokxi8ZRjPnVZWHiocCdDukS9g6O
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: T38y9RmOxuCM5dhucbjxG/jcIPTQXlX+ehXHIRG+YIHxAE9h7tkVD1Tr2FpIKX+qeqqsfI4MU0Rgmc/jBSERm/a5LG7EDSYCoobvVgXTRuc=
last-modified: Fri, 21 Jun 2019 15:22:17 GMT
server: cloudflare
etag: W/"da8e6062fc6df06d66405f3894ac0090"
vary: Accept-Encoding
access-control-allow-methods: GET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fmv8jedegtVYUsLvYAHeEHmqAE0za5O6hbs0gLKl%2Bioe9%2F4nS3UmUTRaSNcA7TfjnaV6GWJULzNalCj7O5M%2BrGAvmk4ozvRH2mUiTecqe46mgcXu7wGosjXWuU78OjLEXZDFyjh2SfukgmXC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/javascript
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bef3ee4958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: knbhCPdHYtQyAml-TBlhYq3KiVLU7ehia55jJLBfhEyj2BTwxUi9kw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.unfold.js
www.avanan.com/hubfs/website/code/js/vendor/ 16 KB
1 KB 65ms
63ms Other
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.unfold.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd6aef7e70901bd5018e23bf8f366b1363e27c9263a2e058df2ca725cf81aab5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 9fef32c73ce85aca1efbc12a810558ca.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12349469375,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351129
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YPW1W1RTYT802H
content-encoding: br
edge-cache-tag: F-12349469375,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12349469375,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: jtHI_y0b8Eo2FGwKdP6LEhiHSwPKnVW3
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: a0rUmRk7C2qcG+DvDrZcETpA0x9+6/xdxGMhYi2Sq/nh8QWEdHUFoGxzREQQiSFEEigzreuLjJWfxaThaWQ0qQ==
last-modified: Thu, 22 Aug 2019 18:14:11 GMT
server: cloudflare
etag: W/"cd7294af40bf5e701ac6f8cca4a7ebcc"
vary: Accept-Encoding
access-control-allow-methods: GET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZA7XBjUovNJo9d6K%2FqgsqO%2BzcGGHgl6ratyO%2FM9w3iYYHtn3m5Wu0SNH%2FuukV327PqgNfJZ78HWjVW9Qs4X83qB2qPK%2F6zTUNdwIncGPqs6fsDlXTbjg5H9VJtkV4q9peUwA4%2BcMJTX7h0Z"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/javascript
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bef3ee6958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: Rm9UsLENIbkEilsUgIj2klxrsBtMWGhTTaTvgb9znwHKSAcI3X_dSQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 hs.modal-window.js
www.avanan.com/hubfs/website/code/js/vendor/ 9 KB
1 KB 71ms
69ms Other
application/javascript 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hubfs/website/code/js/vendor/hs.modal-window.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6713fb9ddf25585f97a9c877f75edbb8b2c0d0691c1402fe85c145a9098527d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:06 GMT
strict-transport-security: max-age=31536000
via: 1.1 c2eeef4f658b2933c525a8c9b2d5c896.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag: F-12524633360,FD-10555825718,P-1835778,FLS-ALL
content-security-policy: upgrade-insecure-requests
age: 1351129
x-amz-cf-pop: LHR3-C2
x-amz-request-id: 92YGKM0ZKQ5EJ617
content-encoding: br
edge-cache-tag: F-12524633360,FD-10555825718,P-1835778,FLS-ALL
cache-tag: F-12524633360,FD-10555825718,P-1835778,FLS-ALL
x-amz-version-id: 37fiNFmrqmELkFKd5Hej0YGO_cs4_PVG
x-cache: Miss from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
x-amz-id-2: GNydI17WFmShXJzZrSPSClmIyYiOmTMSVHWCWYXtqqF8U4oeXIBwcdGpRMbb1Q3KMAuNN+apAdPo3SKW+jdJ28oCH4FCpkIJi9TbBdAI5cQ=
last-modified: Thu, 29 Aug 2019 14:15:34 GMT
server: cloudflare
etag: W/"e835fc393be7df8bc21680227886c2a8"
vary: Accept-Encoding
access-control-allow-methods: GET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xee0wjUrqEk%2Fl4Ymthsw2b6k0%2BwDTlccn4pveIYXGvuM%2F%2BsxnzAZr30vMqfpfyWCcJ5s02UbYqCl9Cn54V2Gl0Ye0CNdCRYVe%2FJXu9JLW66NwexEdg%2FQ2CWj4x7X5kzXx0BzfsC200TCb3bd"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/javascript
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 8bf58bef3ee7958a-LHR
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: CNAUiwzKUicAz1p0XTEpNxnCg83lqDCdoe3hlm4WlDNK-uDZqLNJYw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 204 has-permission-json Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
1 KB 307ms
201ms XHR
text/plain 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=1835778

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/hs/hsstatic/HubspotToolsMenu/static-1.354/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9428ae97-758c-4b46-b9fb-13e65f079420
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8bf58befea74943f&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: 9428ae97-758c-4b46-b9fb-13e65f079420
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-origin: https://www.avanan.com
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-5f4dcb8bc8-wcngr
cache-control: max-age=0
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8bf58befea74943f-LHR

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 148ms
42ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 07 Sep 2024 09:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: p+39a+/XEcZfNKybQjgXjA==
age: 51492
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Thu, 05 Sep 2024 06:33:12 GMT
server: cloudflare
etag: 0x8DCCD749DA8FD23
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 771b698c-901e-00ec-41c4-ff9bf3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bf58bf028699461-LHR

GET
H2 200 52127f8b-58c8-43a1-aff0-3c29a26e76d8-test.json Show response
cdn.cookielaw.org/consent/52127f8b-58c8-43a1-aff0-3c29a26e76d8-test/ 5 KB
2 KB 178ms
73ms XHR
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/52127f8b-58c8-43a1-aff0-3c29a26e76d8-test/52127f8b-58c8-43a1-aff0-3c29a26e76d8-test.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2f85bc03d72fdd58ac7fb2cb580914b4679bcf8c99533ba20743ee73d0e28ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 07 Sep 2024 09:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: zW+nmlOpfOHASPspd29pVQ==
content-length: 1806
x-ms-lease-status: unlocked
last-modified: Wed, 27 Sep 2023 17:33:01 GMT
server: cloudflare
etag: 0x8DBBF7FCC4B93BF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0ff11047-101e-005c-6505-016273000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bf58bf1291c9409-LHR

GET
H2 200 /
tr.lfeeder.com/ 43 B
339 B 251ms
102ms Image
image/gif 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.lfeeder.com/?sid=OKM7ZEDV9rXg2zo4&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6W10sImdhQ2xpZW50SWRzIjpbXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi42NC4wIn0sInBhZ2VVcmwiOiJodHRwczovL3d3dy5hdmFuYW4uY29tL21hbGljaW91cy11cmwiLCJwYWdlVGl0bGUiOiIiLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6IjA2ZWZlNmVhMmY1ZWY4ZWEiLCJzY3JpcHRJZCI6Ik9LTTdaRURWOXJYZzJ6bzQiLCJjb29raWVzRW5hYmxlZCI6dHJ1ZSwiY29uc2VudExldmVsIjoibm9uZSIsImFub255bWl6ZUlwIjp0cnVlLCJsZkNsaWVudElkIjoiTEYxLjEuZWJmNWMwYmM2ZTZjMTE4Mi4xNzI1NzAwMDI2OTQ5IiwiZm9yZWlnbkNvb2tpZXMiOltdLCJwcm9wZXJ0aWVzIjp7fSwiYXV0b1RyYWNraW5nRW5hYmxlZCI6dHJ1ZSwiYXV0b1RyYWNraW5nTW9kZSI6Im9uX3NjcmlwdF9sb2FkIn0=
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/malicious-url
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:07 GMT
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
vary: Origin
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
cross-origin-resource-policy: cross-origin
content-length: 43
x-amz-cf-id: xWBABBsTx7kGkBnBbqpdJPs9IyFHOLDWcudUugiTPgXZMfz32AqhfQ==

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 69 B
306 B 550ms
433ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26e34b9fbbd2ecafe25af980f19ddc63342ffad01477b0fe851ac8c35bfea847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8bf58bf25de5657b-LHR
access-control-allow-headers: Content-Type

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 113 B
1 KB 505ms
391ms XHR
application/json 2606:4700::6812:f36c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=1835778

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f36c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

626e534b9a811f60a8aa88e463a0ffa75ea4d8ba7510ed6a15c267becf680394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 452c8ccf-df88-4f03-b86c-36469cccbf11
content-encoding: br
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 452c8ccf-df88-4f03-b86c-36469cccbf11
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.avanan.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-58bbf9c46c-cv5l8
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zLFBld%2BU%2BVQjmyHt6X%2Fj5KvgwcRUXb%2BOXpqavyi%2Byqq%2BqC4R6657NZRrhOIZ7hlAd1VJuU2ya967rBm0Riot1j2BqbtsWm%2FXfxj4Xgp9KYbsSy%2BjyJQ5S8%2B%2BPS6zQ0ESVjQCGquYxT0HExoC"}],"group":"cf-nel","max_age":604800}
cf-ray: 8bf58bf29fab06c1-LHR
access-control-allow-headers: *

GET
H2 200 insent Show response
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/ 80 KB
23 KB 527ms
60ms Script
binary/octet-stream 2600:9000:225e:b600:f:7ae2:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/insent
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/malicious-url
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b600:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0e96c0f51eb10934d2022f7d30dbeaf05f748f85d32dfe71711f2dbb21621d8

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: dKBWLWw_vbL1JAcGK4FhexuegxSBL79I
content-encoding: gzip
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
date: Sat, 07 Sep 2024 08:12:14 GMT
last-modified: Thu, 22 Aug 2024 08:26:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3294
etag: "6c640d0008fb2a23a0ff942202f8657c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: binary/octet-stream
content-length: 23142
x-amz-cf-id: NMw7zUjo2IMYJKUjPSIWYIr1Xc43blsH1zbcUUyXL4zeeEwvcZbLLA==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
586 B 455ms
453ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-gb&bfp=3256498180&v=1.1&a=1835778&ct=standard-page&ccu=https%3A%2F%2Fwww.avanan.com%2F404&pu=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&cts=1725700027217&vi=a36074dfe213ac1edf94a25f24f52d1b&nc=true&u=23485541.a36074dfe213ac1edf94a25f24f52d1b.1725700027214.1725700027214.1725700027214.1&b=23485541.1.1725700027214&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e510907b-d456-4498-990b-7a25733a244a
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e510907b-d456-4498-990b-7a25733a244a
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxb0%2FIBj4RywTtLxXOy7AU9LMnaW1AyFn6QzbAUoZ4nWH9l2IyaBqSbkc7ii41tYUbC3ZqzwfzJohI13q0Dvd451Hbr79zesYADyvqqC1Pht%2F7iq36QbtWQL6ZFM8UCsZdH5Dbf3ysdTS0gBz9X3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-qxx8g
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8bf58bf23ccb943f-LHR
x-robots-tag: none

GET
H3 200 favicon.ico
www.avanan.com/hs-fs/hubfs/ 3 KB
3 KB 59ms
58ms Other
image/vnd.microsoft.icon 2606:2c40::c73c:67fe
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.avanan.com/hs-fs/hubfs/favicon.ico?width=15&quality=high

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:67fe , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

50bd971afdaa816feb119030667b2e7011372aaf4f9209ce03cabedf40c516d9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.avanan.com/malicious-url
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 1348426
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
edge-cache-tag: F-174394559573,P-1835778,FLS-ALL
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
x-amz-meta-access-tag: public-indexable
etag: W/"c3343299fcce11318a0a9c8682fa6438"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1722349584333
content-type: image/vnd.microsoft.icon
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Sat, 07 Sep 2024 09:07:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 598d87b7aabfe9af537b98f78145120e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD55-P6
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 536a3792-569d-4aab-9f1c-58aaa2382941
x-cache: RefreshHit from cloudfront
cache-tag: F-174394559573,P-1835778,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 191
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 536a3792-569d-4aab-9f1c-58aaa2382941
last-modified: Fri, 02 Aug 2024 05:10:28 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJWxOfzxLGaMCDfWjZ9vWQvDCbyvG7In%2B9KGsfDYzkQ1Rzn4w79VzX9eOvcXktr116qNLPF%2BNocvvSwNKckWbDAj4s0p7HVa17PEhtrOe4nBeDsmufbjDp0lOawGkN8SbyylGl%2Frb2C2daGk"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-7849459c5c-rz8x5
access-control-allow-credentials: false
cf-ray: 8bf58bf25a77958a-LHR
timing-allow-origin: www.avanan.com
x-amz-cf-id: It38beo_28D3xmVso44Ofih26hVA-wVWkQRry2OmQyy1hr_Sp-Ihmw==

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 599ms
196ms XHR
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=1835778&utk=a36074dfe213ac1edf94a25f24f52d1b&__hstc=23485541.a36074dfe213ac1edf94a25f24f52d1b.1725700027214.1725700027214.1725700027214.1&__hssc=23485541.1.1725700027214&contentId=null&currentUrl=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a61709461baabaa9437f5a96b2406d1e3312fb94644d1c25917d3229e05ab841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 50c25f78-3f64-408e-aea2-f030d4cfc41d
content-encoding: br
x-envoy-upstream-service-time: 62
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 50c25f78-3f64-408e-aea2-f030d4cfc41d
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.avanan.com
x-evy-trace-virtual-host: all
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-6bvmd
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lwt3flMuW26R9kpWlGm8I8xA76EfRbmZmeEDwsvkgX%2BHqmYf4vh0%2FB%2FfQ2%2FcpME%2B4CMq9lRX2hQObRez9Xaf9o6dBYz%2F73lyRgmvz279idGXj4WDNjvsFg9dqefokCZz9VhXJJCC1vAblTg1Uy9n"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 8bf58bf51cb34142-LHR

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/ 421 KB
101 KB 40ms
39ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee39d0cbc9e9cd88b7dac8ebca680b89e8879081f855152f21772c7834474437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 07 Sep 2024 09:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: B7RJGeSCnZZuAb1NQkB81w==
age: 60916
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 103637
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:26:02 GMT
server: cloudflare
etag: 0x8DBB9A2763B37CA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 370b2d5d-e01e-0045-3ee5-1dec60000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bf58bf50dd49461-LHR

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 198ms
60ms Script
application/javascript 2a02:26f0:3500:10::210:a99
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a99 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=12503
accept-ranges: bytes
content-length: 14628

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/52127f8b-58c8-43a1-aff0-3c29a26e76d8-test/9995d05d-866d-4909-81dd-446d69a173ac/ 95 KB
20 KB 61ms
60ms Fetch
application/x-javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/52127f8b-58c8-43a1-aff0-3c29a26e76d8-test/9995d05d-866d-4909-81dd-446d69a173ac/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad66b40ac6fb0451baa6f252864ee213eb292767fe47d1cfc08656ba5b64e1c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 07 Sep 2024 09:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-md5: pCQHbcaD3ojQOlHiOLzeTw==
content-length: 19837
x-ms-lease-status: unlocked
last-modified: Wed, 27 Sep 2023 17:32:56 GMT
server: cloudflare
etag: 0x8DBBF7FC9B25E29
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4ab6b3ae-101e-00f6-2a05-01b49c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bf58bf59dd79409-LHR

GET
H2 200 otFloatingRounded.json Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/ 10 KB
3 KB 49ms
48ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/otFloatingRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef072b9ae1b3c29f94781c86bcdfdb71c1e06bbc7a2f05bc65dcfa2eefdde02c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 07 Sep 2024 09:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: JBYz6y0YLdPMjkmPCHT4iQ==
age: 4073
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2644
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:25:55 GMT
server: cloudflare
etag: 0x8DBB9A271F46AFD
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 371020e1-501e-0079-2a0f-cbfac0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bf58bf62e869409-LHR

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/v2/ 62 KB
13 KB 48ms
47ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 07 Sep 2024 09:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 3yHA5F3oKJDlMPXEHc+wYA==
age: 47
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 12708
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:25:57 GMT
server: cloudflare
etag: 0x8DBB9A2735C2A8F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 39a674ab-b01e-0074-38d1-9bc72f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bf58bf62e8c9409-LHR

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202308.2.0/assets/ 21 KB
4 KB 78ms
78ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202308.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 07 Sep 2024 09:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: c7xAZ9MSGAobGaTYg/Qtag==
age: 72662
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 06:26:05 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 802bc850-201e-009f-55d3-9b39d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bf58bf64eb79409-LHR

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13r3r3r3r5l1&tag_exp=0&rnd=416348279.1725700028&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&dma=0&npa=0&gtm=45He4940n81MQZBTTXv79081916za200&...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5l1&tag_exp=0&rnd=416348279.1725700028&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&dma=0&npa=0&gtm=45He4940n81MQZBTTXv7...

42 B
65 B

182ms
57ms

Ping
image/gif

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5l1&tag_exp=0&rnd=416348279.1725700028&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&dma=0&npa=0&gtm=45He4940n81MQZBTTXv79081916za200&auid=2010277551.1725700028

Protocol

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13r3r3r3r5l1&tag_exp=0&rnd=416348279.1725700028&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&dma=0&npa=0&gtm=45He4940n81MQZBTTXv79081916za200&auid=2010277551.1725700028
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 318 KB
105 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa9007db2ca20c195efb8d23119f19f0e2a43673d1ef521225a92185c08b978a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107223
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Sep 2024 09:07:07 GMT

GET
H2 200 e1efa08e-e135-4766-9e10-b54f0663900a.js Show response
j.6sc.co/j/ 4 KB
5 KB 624ms
443ms Script
application/javascript 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://j.6sc.co/j/e1efa08e-e135-4766-9e10-b54f0663900a.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-58.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9930008a31667afab09cc391c46f645342425e0444d945f0fda44ae280ad192e

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: av3XAVivh5QPJn4VDMwX4hhYAAyIf3eR
date: Sat, 07 Sep 2024 09:07:08 GMT
last-modified: Thu, 06 Jun 2024 18:35:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256
etag: "a64ce1f148f0cd68c9c7a1ab5595c13d"
vary: Accept-Encoding
content-type: application/javascript
x-amz-meta-content-type: application/json
cache-control: private, max-age=1800
accept-ranges: bytes
content-length: 4576
x-amz-cf-id: XcW27nNPDNycJ5MdA-dVNkDSvJmEBnHRE-83-gh3UipQaZXro2tsuA==
expires: Sat, 07 Sep 2024 09:37:08 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 230ms
40ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 07 Sep 2024 09:07:07 GMT
last-modified: Fri, 06 Sep 2024 21:17:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 875B7C89947A4AD49DD55A3B69868218 Ref B: LON04EDGE1006 Ref C: 2024-09-07T09:07:08Z
etag: "016326a20db1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14305

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 239 KB
85 KB 75ms
75ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-881234066&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c79ac805eec5dbb354de9451a5561c1970765243c2489f8f51218302e387b4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Sep 2024 09:07:07 GMT

GET
H2 200 hotjar-2523353.js Show response
static.hotjar.com/c/ 12 KB
5 KB 248ms
90ms Script
application/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2523353.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

f4ec68af7148e560141516bb2a0f7609619e3addabc79f877fbacae99ed61e53

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Sat, 07 Sep 2024 09:07:08 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/dd2d28b205449e472b624a2bd26e87f8
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 9VPmd4ahKsFFd5K88bfA-KYgm0Tobn9C-cgOCAtuIrMEfJir7Z5l7Q==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 191ms
46ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 07 Sep 2024 09:07:08 GMT
document-policy: force-load-at-top
x-fb-server-load: 37
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58953
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=47, rtx=0, c=23, mss=1232, tbw=5573, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: Kh4Q65jITbrMdayYpaR1W+EkOEnbb+eYNyN++WGZukACGTR5el+rBT9LEphc3HVUwBVSbYRFWWwhIZ00j/eEUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 238ms
60ms Script
application/javascript 143.204.205.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.avanan.com
URL: https://www.avanan.com/malicious-url
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-137.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:57:13 GMT
content-encoding: gzip
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified: Thu, 25 Jan 2024 18:19:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 596
x-amz-server-side-encryption: AES256
etag: W/"e31293f40e8a324de552ff593ee76a9b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: ReVyY63S8fEDLtCm_Q-wnbeb6d0ZQluiHgCGCTsATbIHTR5rnRfAZw==

GET tbw_analytics_v1.0.js
d26x5ounzdjojj.cloudfront.net/tbw/ 0
0

GET
H3 200 capterra_tracker.js Show response
ct.capterra.com/ 29 B
789 B 259ms
140ms Script
text/javascript 104.18.40.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.capterra.com/capterra_tracker.js?vid=2117953&vkey=f73241bb49d31b9ed492b4202bbe1244

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.40.158 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b521cf21eb734ff6b687aef8f56b3ab1be44709262716e6817b1898bbc2b986d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-bot-score: 98
x-permitted-cross-domain-policies: none
x-j3-hash: f13012a341ed6abc26086dd46b346c72
x-js-detection-passed: false
alt-svc: h3=":443"; ma=86400
content-length: 29
x-xss-protection: 1; mode=block
x-request-id: 53b2d7a5-981e-4351-bc35-b03d24340a21
x-runtime: 0.008858
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"b521cf21eb734ff6b687aef8f56b3ab1"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
cf-ray: 8bf58bf70ac594c7-LHR

GET
H2 200 tracker Show response
www.influ2.com/ 5 KB
2 KB 275ms
132ms Script
application/javascript 34.107.254.219
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.influ2.com/tracker?clid=94f01642-c25e-4c39-b6b1-8eb7959ff1af

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQZBTTX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.254.219 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

219.254.107.34.bc.googleusercontent.com

Software

Resource Hash

fca09d9ea551f47718d60aa717acf8f585a75e24265399ed726c7b75f38b0ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 07 Sep 2024 09:07:08 GMT
via: 1.1 google
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 233ms
82ms Script
text/javascript 2606:4700::6812:1247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk.techtarget.com/tracking.js

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1247 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:08 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
age: 62112
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 8bf58bf75e946511-LHR
expires: Sat, 07 Sep 2024 09:27:08 GMT

GET t.js
vidassets.terminus.services/f3f76756-1d1f-4392-b34d-e3ac799fbf5d/ 0
0

GET
H2 200 4393.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 2 KB
2 KB 242ms
116ms Script
text/javascript 2606:4700::6812:1eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/4393.js?p=https://www.avanan.com/malicious-url&e=

Requested by

Host: www.avanan.com
URL: https://www.avanan.com/malicious-url

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa578f7e1d61b829750d78931be9d8e6e505c229190e03ac796367bbc1633f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-disposition: inline
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cf-ray: 8bf58bf888178891-LHR

GET
H2 200 /
checkpointsoftwaretechnologiesincavanan.widget.insent.ai/ Frame 37CE 0
0 226ms
41ms Document
text/html 2600:9000:225e:b600:f:7ae2:7780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/?project_key=p2xERwhuLXXni4npvQaI&blog_url=www.avanan.com%2Fmalicious-url&event_listener=gKdX1pPr9784qub&hubspot_cookies=[%22a36074dfe213ac1edf94a25f24f52d1b%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
Requested by: Host: checkpointsoftwaretechnologiesincavanan.widget.insent.ai
URL: https://checkpointsoftwaretechnologiesincavanan.widget.insent.ai/insent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b600:f:7ae2:7780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.avanan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age: 1384848
cache-control: max-age=31536000
content-encoding: gzip
content-type: text/html
date: Thu, 22 Aug 2024 08:26:21 GMT
etag: W/"abfc76a518b767b04cc5a721d0330eba"
last-modified: Thu, 22 Aug 2024 08:26:10 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-id: b3VTQwjSIudFZCg6dAmlKNV8YAYY23eVPGXz0IuuZ8A7_hNqvJQRHw==
x-amz-cf-pop: FRA60-P4
x-amz-version-id: Ar1tPoopX04hIQRW5NKyURSpBC.w_Yui
x-cache: Error from cloudfront

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
1 KB 320ms
179ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=110528&time=1725700027894&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:07 GMT
content-encoding: gzip
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-cache: CONFIG_NOCACHE
x-li-uuid: AAYhg9kqRlbI5eRI+6A1Bg==
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: C3FC1D6001284D4B878B23A8B7838A72 Ref B: LTSEDGE1511 Ref C: 2024-09-07T09:07:08Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-ltx1
access-control-allow-origin: *
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-fs-uuid: 00062183d92a4656c8e5e448fba03506

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1725700027894&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1725700027894&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&e_ipv6=AQJOdGLcTOkXMgAAAZHLvLeGPCnFbxe0D8s9ymhk5QqMfiRHNwMg4X37p0Rg8RT...

0
483 B

281ms
166ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1725700027894&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&e_ipv6=AQJOdGLcTOkXMgAAAZHLvLeGPCnFbxe0D8s9ymhk5QqMfiRHNwMg4X37p0Rg8RT307HRx3cNfQ
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:08 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 97ADCCF6645D446782F54CB4DA948C88 Ref B: LON04EDGE0810 Ref C: 2024-09-07T09:07:08Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-ltx1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYhg9kw+kHnA8jvTmnMQA==

Redirect headers

date: Sat, 07 Sep 2024 09:07:07 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 899F00269BF44E9797353CC03E143195 Ref B: LON04EDGE1009 Ref C: 2024-09-07T09:07:08Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=110528&time=1725700027894&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&e_ipv6=AQJOdGLcTOkXMgAAAZHLvLeGPCnFbxe0D8s9ymhk5QqMfiRHNwMg4X37p0Rg8RT307HRx3cNfQ
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYhg9kszVaqfTYkbcctQw==

GET
H2 200 ot_close.svg
cdn.cookielaw.org/logos/static/ 651 B
600 B 53ms
52ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/ot_close.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 07 Sep 2024 09:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: pcXWFGpuVeSg/jVnYCseRg==
age: 70266
x-ms-lease-status: unlocked
last-modified: Thu, 05 Sep 2024 06:33:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: edb13b1b-901e-00a8-0598-ff479f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bf58bf6cfea9461-LHR

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 48ms
47ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900idisplay=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 08:31:10 GMT
x-content-type-options: nosniff
age: 2157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Sep 2025 08:31:10 GMT

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
495 B 46ms
45ms Fetch
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202308.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 07 Sep 2024 09:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: tXyZydHjxQshFMbbBT1/8A==
age: 82433
x-ms-lease-status: unlocked
last-modified: Thu, 05 Sep 2024 06:33:13 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 37a529c1-701e-00cf-467c-fff438000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bf58bf6df349409-LHR

GET
H2 200 privacy-center.png
cdn.cookielaw.org/logos/47e3c59c-0525-4547-bb04-4b39430f40a8/ab35f60a-5fe3-425a-8fd3-54a1c7472028/5abbcdb5-e783-4bba-8ec5-526bf2f46f6a/ 1 KB
2 KB 49ms
47ms Image
image/png 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/47e3c59c-0525-4547-bb04-4b39430f40a8/ab35f60a-5fe3-425a-8fd3-54a1c7472028/5abbcdb5-e783-4bba-8ec5-526bf2f46f6a/privacy-center.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cfe2988dd0e1d6bcc63e394d2818003d0a121a5a8de88a6ba8caf91dbc48c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 07 Sep 2024 09:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: HnzIqzk5bF7upvrzwNVyQA==
age: 49139
content-length: 1478
x-ms-lease-status: unlocked
last-modified: Tue, 25 Oct 2022 18:30:06 GMT
server: cloudflare
etag: 0x8DAB6B6F07B96CC
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
x-ms-request-id: d0df24a7-001e-002e-4272-cd134d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8bf58bf6e8049461-LHR

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 48ms
46ms Image
image/svg+xml 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 07 Sep 2024 09:07:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 46927
x-ms-lease-status: unlocked
last-modified: Thu, 05 Sep 2024 06:33:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f2de5db3-801e-001d-04ce-ff4a60000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8bf58bf6e8079461-LHR

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 175ms
54ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-48VXKGDGCV&gtm=45je4940v881001595z879081916za200zb79081916&_p=1725700026393&_gaz=1&gcs=G111&gcd=13r3r3r3r5l1&npa=0&dma=0&tag_exp=0&cid=1450467391.1725700028&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dl=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&dp=%2Fmalicious-url&sid=1725700028&sct=1&seg=0&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&ep.host_property=www.avanan.com&ep.page_level1=malicious-url&tfd=2790
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avanan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 176ms
56ms Ping
text/plain 2a00:1450:400c:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-48VXKGDGCV&cid=1450467391.1725700028&gtm=45je4940v881001595z879081916za200zb79081916&aip=1&dma=0&gcs=G111&gcd=13r3r3r3r5l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avanan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame E9FC 0
0 260ms
125ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-48VXKGDGCV&gacid=1450467391.1725700028&gtm=45je4940v881001595z879081916za200zb79081916&dma=0&gcs=G111&gcd=13r3r3r3r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=384536770

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 09:07:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 180ms
65ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-48VXKGDGCV&cid=1450467391.1725700028&gtm=45je4940v881001595z879081916za200zb79081916&aip=1&dma=0&gcs=G111&gcd=13r3r3r3r5l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=564893495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/ 5 KB
2 KB 213ms
64ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/?random=1725700028095&cv=11&fst=1725700028095&bg=ffffff&guid=ON&async=1&gtm=45be4940v9175590393z879081916za201zb79081916&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2010277551.1725700028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-881234066&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28271a516dca7d6dd3d565272593ddd1580a57d10b71f1c5789a12489dada231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 881234066
td.doubleclick.net/td/rul/ Frame 9137 0
0 175ms
125ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/881234066?random=1725700028095&cv=11&fst=1725700028095&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v9175590393z879081916za201zb79081916&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2010277551.1725700028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-881234066&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 09:07:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/ 5 KB
2 KB 187ms
57ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/881234066/?random=1725700028123&cv=11&fst=1725700028123&bg=ffffff&guid=ON&async=1&gtm=45be4940v9175590393z879081916za201zb79081916&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2010277551.1725700028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-881234066&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54720fbe5dacdca88cdf060684d8213d5aafcafc9ea3fd307224f33fb5f63714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2303
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 881234066
td.doubleclick.net/td/rul/ Frame 7192 0
0 173ms
126ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/881234066?random=1725700028123&cv=11&fst=1725700028123&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v9175590393z879081916za201zb79081916&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2010277551.1725700028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-881234066&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Sep 2024 09:07:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1936026250043111 Show response
connect.facebook.net/signals/config/ 66 KB
13 KB 174ms
173ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1936026250043111?v=2.9.167&r=stable&domain=www.avanan.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

410363544865468962ab0ea8c82ae70873adfa2616a2f96ad78c4a235939044d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 07 Sep 2024 09:07:08 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=74, mss=1232, tbw=68243, tp=64, tpl=0, uplat=130, ullat=0
pragma: public
x-fb-debug: QCHEoDGyWZioLA+UuW1f8/o1JJx3vebccNda1tyPb4E+lDhGbctwV7DWsUoM5xCrSXmgMrr2+dTm9N5pEiWAaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
settings.luckyorange.net/ 129 B
768 B 269ms
143ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&s=128904

Requested by

Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bfb6389f80ddd586b66a540370f89f40e7eb39d388e8d9410f57caa732dc5cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.avanan.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dWqAE%2Bdge3O4MKmJ%2F1Jbzi2EKKosRwjBgpWknRVzaxV6QA%2B8JQ2g30UPenDfWMkw%2FwPHHWv%2Fbqy2Sn1JKYTYXyYKWbivqhskAAIt9oNTRuleB65gGhW9iVTruXefSBKn2sTwyH9sOGu4cg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cf-ray: 8bf58bf8e87fbeb5-LHR
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
content-length: 121

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 216ms
60ms Script
application/javascript 13.33.187.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2523353.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-19.fra60.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6641a812839e5267ee0880e96b41efc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 3350642
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: qrduE0DUJqUYBM0e2EY0RSEd6igCGMKVdX5gYvmFEMBAtAp6TeBnCw==

GET
H2 200 25018126.js Show response
bat.bing.com/p/action/ 370 B
421 B 39ms
38ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25018126.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

17f546aa40c3a05dc3868e6faa44176b85d0ccd3a1082c184d7f35ff91d9e321

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sat, 07 Sep 2024 09:07:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C8400F0125254B1D9B561D6D2B5071D8 Ref B: LON04EDGE1006 Ref C: 2024-09-07T09:07:08Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
440 B 131ms
130ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1237514&r=1725700028169&ref=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&version=2.4
Requested by: Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 1237514
Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:08 GMT
via: 1.1 google
x-guploader-uploadid: AD-8ljsWtOTn4AG8TXgRFYJNoRyrVrcMIMfOjnzI0gsZc0yyAyYA00lbBVRna8pFTFh3qUAcVA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Sat, 07 Sep 2024 10:07:08 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 246ms
118ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=1237514&r=1725700028169&ref=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.avanan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 07 Sep 2024 09:07:08 GMT
expires: Sat, 07 Sep 2024 09:07:08 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: AD-8ljvzabqGsXsycNAFPEbdij-ok5t5mylh3leJi31mr1yd_VoCQghyCXBrOouWhbiWCuRA-A

GET
H2 204 0
bat.bing.com/action/ 0
287 B 42ms
42ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25018126&tm=gtm002&Ver=2&mid=9ffdbffe-d9c2-4179-a7b8-94424d605078&sid=8f351f106cf811ef881cd7391bdec184&vid=8f353a206cf811efb5eccfd65f872b5a&vids=1&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&r=&lt=2000&evt=pageLoad&sv=1&cdb=AQET&rn=500732

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 07 Sep 2024 09:07:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 164D34EB2AE84F24A646D9C8F2D4AB27 Ref B: LON04EDGE1006 Ref C: 2024-09-07T09:07:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/881234066/ 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/881234066/?random=1725700028123&cv=11&fst=1725699600000&bg=ffffff&guid=ON&async=1&gtm=45be4940v9175590393z879081916za201zb79081916&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2010277551.1725700028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfKaZ3Rs1RdwduEoDnzZKNQRYKGBpf8g&random=2153590511&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/881234066/ 42 B
64 B 50ms
50ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/881234066/?random=1725700028123&cv=11&fst=1725699600000&bg=ffffff&guid=ON&async=1&gtm=45be4940v9175590393z879081916za201zb79081916&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2010277551.1725700028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfKaZ3Rs1RdwduEoDnzZKNQRYKGBpf8g&random=2153590511&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/881234066/ 42 B
64 B 50ms
50ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/881234066/?random=1725700028095&cv=11&fst=1725699600000&bg=ffffff&guid=ON&async=1&gtm=45be4940v9175590393z879081916za201zb79081916&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2010277551.1725700028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfQDCTEQ2Y4rJjdmb-1VD7c9qloRLi-w&random=2794968490&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/881234066/ 42 B
64 B 48ms
48ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/881234066/?random=1725700028095&cv=11&fst=1725699600000&bg=ffffff&guid=ON&async=1&gtm=45be4940v9175590393z879081916za201zb79081916&gcd=13r3r3r3r5l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&hn=www.googleadservices.com&frm=0&npa=0&pscdl=noapi&auid=2010277551.1725700028&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfQDCTEQ2Y4rJjdmb-1VD7c9qloRLi-w&random=2794968490&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 229ms
96ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1936026250043111&ev=PageView&dl=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&rl=&if=false&ts=1725700028355&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1725700028352.995767601360288039&ler=empty&cdl=API_unavailable&it=1725700028159&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 07 Sep 2024 09:07:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 303ms
170ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1936026250043111&ev=PageView&dl=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&rl=&if=false&ts=1725700028355&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1725700028352.995767601360288039&ler=empty&cdl=API_unavailable&it=1725700028159&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 07 Sep 2024 09:07:08 GMT
document-policy: force-load-at-top
x-fb-server-load: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7411825184338942630", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=3116, tp=-1, tpl=-1, uplat=117, ullat=0
pragma: no-cache
x-fb-debug: A955XqaSY0MWjRExEnNQ3GJeajYcDc3GhtNwrbO9ZcW/NjGNdbfU+g7tpyzWATzWbkJWpRd56D7VKl4gyc1DrQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7411825184338942630"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/ 0
0 149ms
147ms Ping
text/html 2606:4700::6812:1eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by: Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/4393.js?p=https://www.avanan.com/malicious-url&e=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQwhZ9sMBx0eCo8lC

Response headers

GET
H2 204 2523353 Show response
vc.hotjar.io/sessions/ 0
231 B 391ms
98ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2523353?s=0.25&r=0.07447132764147879
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 07 Sep 2024 09:07:08 GMT
cache-control: no-store
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: B0tx9tJAC230J_WDVFdG_poJ8rfEEn-okQsT2uuzz56hVNTu9D23ig==
x-cache: Miss from cloudfront

GET
H2 200 browser-perf.8417c6bba72228fa2e29.js Show response
script.hotjar.com/ 5 KB
2 KB 47ms
47ms Script
application/javascript 13.33.187.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.8417c6bba72228fa2e29.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-19.fra60.r.cloudfront.net

Software

Resource Hash

70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jan 2024 14:32:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6641a812839e5267ee0880e96b41efc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 19593301
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1782
last-modified: Wed, 24 Jan 2024 14:31:37 GMT
etag: "b83b61bc5871e9a23a0434e2c539f4f3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: pw8qjYB8hOkzpO1R5Ua8BB_D6Uopg8iEzgXp-gxLZ8fRWb8OE5Zm2w==

GET
H2 200 6si.min.js Show response
j.6sc.co/ 68 KB
19 KB 44ms
42ms Script
application/javascript 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/j/e1efa08e-e135-4766-9e10-b54f0663900a.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

aea136527ca962a15eea8eb338c7667b5a44d98bff65dc09a36f5493ddbacb99

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Sep 2024 16:37:55 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "66d9de63-10fec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, proxy-revalidate, max-age=10800
accept-ranges: bytes
content-length: 18709
expires: Sat, 07 Sep 2024 12:07:08 GMT

GET
H2 200 / Show response
t.influ2.com/u/ 63 B
334 B 374ms
136ms Fetch
text/plain 34.117.110.211
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.influ2.com/u/?cb=1725700028494
Requested by: Host: www.influ2.com
URL: https://www.influ2.com/tracker?clid=94f01642-c25e-4c39-b6b1-8eb7959ff1af
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.110.211 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 211.110.117.34.bc.googleusercontent.com
Software: nginx/1.25.5 /
Resource Hash: dc51a9846dfc97c35fbb093ca977e209b634f08ed7d46200fc5463e7538cb836

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:08 GMT
via: 1.1 google
server: nginx/1.25.5
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.avanan.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63

GET
BLOB 200
OK d83fc258-61f5-4dcd-93c7-9a15fa4cefaf
https://www.avanan.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.avanan.com/d83fc258-61f5-4dcd-93c7-9a15fa4cefaf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H2 200 getuidj Show response
secure.adnxs.com/ 11 B
702 B 201ms
65ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
an-x-request-uuid: b4bbf15b-053a-427d-bf48-95676bdd7066
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.avanan.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 194.74.212.77; 194.74.212.77; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 59ms
44ms XHR
text/html 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-43-58.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 07 Sep 2024 09:07:08 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.avanan.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 21 B
312 B 255ms
97ms XHR
text/html 2a02:26f0:7100::210:172
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::210:172 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c5de2e78e24784f62951b73f35baa7f072b7dcfc8d516f20788e3571d52ae53f

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:08 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.avanan.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a00:2381:5374:1a::77
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1725700028872_34603374_943511254_38_1139_16_42_219";dur=1
content-length: 21
expires: Sat, 07 Sep 2024 09:07:08 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 1 KB
973 B 178ms
64ms XHR
application/json 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash: 8e872e218dfbe8b2a99c14806fc0bd2e2c1025565d559b8cf06ff92098a7742d

Request headers

Referer: https://www.avanan.com/
Authorization: Token 88f41a99bd1fcf8636165556d51c5d9423931073
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-6s-CustomID: WebTag e1efa08e-e135-4766-9e10-b54f0663900a

Response headers

x-trace-id: 366433223376893266
date: Sat, 07 Sep 2024 09:07:09 GMT
content-encoding: gzip
server: nginx
vary: Origin, Accept-Encoding
content-type: application/json
x-6si-region: eu-central-1a
access-control-allow-origin: https://www.avanan.com
access-control-expose-headers: X-6si-Region
access-control-allow-credentials: true
timing-allow-origin: https://6sense.com, https://www.ssga.com
content-length: 653

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 235ms
96ms Preflight 76.223.9.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.9.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-6s-customid
Access-Control-Request-Method: GET
Origin: https://www.avanan.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,x-6s-customid
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://www.avanan.com
access-control-expose-headers: X-6si-Region
access-control-max-age: 1800
date: Sat, 07 Sep 2024 09:07:09 GMT
server: nginx
timing-allow-origin: https://6sense.com, https://www.ssga.com
x-6si-region: eu-central-1a
x-trace-id: 4704356367722179860

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 161ms
142ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=b93190e0-12bf-4f20-8748-065f61fa6ceb&session=7059694b-87f1-4c42-8d7e-0222d9a11016&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Back%20Button%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&pageViewId=65a0903f-fa2e-4863-81b0-625a8dd8930f&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&v=1.1.24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 07 Sep 2024 09:07:09 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 174ms
155ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=b93190e0-12bf-4f20-8748-065f61fa6ceb&session=7059694b-87f1-4c42-8d7e-0222d9a11016&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22af1e717890f3605d16fc823643e05b8c%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%2288f41a99bd1fcf8636165556d51c5d9423931073%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22e1efa08e-e135-4766-9e10-b54f0663900a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Back%20Button%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&pageViewId=65a0903f-fa2e-4863-81b0-625a8dd8930f&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&v=1.1.24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 07 Sep 2024 09:07:09 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 142ms
142ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=b93190e0-12bf-4f20-8748-065f61fa6ceb&session=7059694b-87f1-4c42-8d7e-0222d9a11016&event=ipv6&q=%7B%22address%22%3A%222a00%3A2381%3A5374%3A1a%3A%3A77%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Back%20Button%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&pageViewId=65a0903f-fa2e-4863-81b0-625a8dd8930f&an_uid=0&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&ipv6=2a00%3A2381%3A5374%3A1a%3A%3A77&v=1.1.24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 07 Sep 2024 09:07:09 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 33ms
32ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-48VXKGDGCV&gtm=45je4940v881001595za200zb79081916&_p=1725700026393&gcs=G111&gcd=13r3r3r3r5l1&npa=0&dma=0&tag_exp=0&cid=1450467391.1725700028&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1725700028&sct=1&seg=0&dl=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&dt=&en=scroll&epn.percent_scrolled=90&_et=66&tfd=4102
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avanan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 41ms
41ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-48VXKGDGCV&gtm=45je4940v881001595z879081916za200zb79081916&_p=1725700026393&gcs=G111&gcd=13r3r3r3r5l1&npa=0&dma=0&tag_exp=0&cid=1450467391.1725700028&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=3&sid=1725700028&sct=1&seg=0&dl=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&dt=&en=6si_data_loaded&ep.e_action=6si_company_details&ep.e_label=6si_data_loaded&_et=1241&up.company_name_6s=Butterfield%20Group&up.company_domain_6s=butterfieldgroup.com&up.industry_6s=Financial%20Services&up.employee_range_6s=1%2C000%20-%204%2C999&up.revenue_range_6s=%24500M%20-%20%241B&up.employee_count_6s=1261&up.country_6s=United%20States&up.company_match_6s=Match&up.company_is_blacklisted_6s=false&up.company_is_6qa_6s=false&tfd=4116
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VXKGDGCV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avanan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 137ms
137ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=b93190e0-12bf-4f20-8748-065f61fa6ceb&session=7059694b-87f1-4c42-8d7e-0222d9a11016&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2007%20Sep%202024%2009%3A07%3A09%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2007%20Sep%202024%2009%3A07%3A08%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Back%20Button%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&pageViewId=65a0903f-fa2e-4863-81b0-625a8dd8930f&an_uid=0&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&ipv6=2a00%3A2381%3A5374%3A1a%3A%3A77&v=1.1.24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 07 Sep 2024 09:07:09 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
257 B 139ms
138ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=b93190e0-12bf-4f20-8748-065f61fa6ceb&session=7059694b-87f1-4c42-8d7e-0222d9a11016&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2007%20Sep%202024%2009%3A07%3A10%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2007%20Sep%202024%2009%3A07%3A09%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Back%20Button%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&pageViewId=65a0903f-fa2e-4863-81b0-625a8dd8930f&an_uid=0&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&ipv6=2a00%3A2381%3A5374%3A1a%3A%3A77&v=1.1.24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 07 Sep 2024 09:07:10 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 140ms
140ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=b93190e0-12bf-4f20-8748-065f61fa6ceb&session=7059694b-87f1-4c42-8d7e-0222d9a11016&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2007%20Sep%202024%2009%3A07%3A11%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2007%20Sep%202024%2009%3A07%3A10%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Back%20Button%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&pageViewId=65a0903f-fa2e-4863-81b0-625a8dd8930f&an_uid=0&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&ipv6=2a00%3A2381%3A5374%3A1a%3A%3A77&v=1.1.24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:11 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 07 Sep 2024 09:07:11 GMT

POST
H2 204 /
metrics.hotjar.io/ 0
80 B 253ms
95ms Ping
text/plain 52.209.121.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.hotjar.io/?v=6&site_id=2523353
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2523353.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.209.121.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-121-68.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 07 Sep 2024 09:07:12 GMT
access-control-max-age: 86400

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
258 B 140ms
138ms Image
image/gif 23.53.43.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=af1e717890f3605d16fc823643e05b8c&svisitor=null&visitor=b93190e0-12bf-4f20-8748-065f61fa6ceb&session=7059694b-87f1-4c42-8d7e-0222d9a11016&event=active_time_track&q=%7B%22currentTime%22%3A%22Sat%2C%2007%20Sep%202024%2009%3A07%3A12%20GMT%22%2C%22lastTrackTime%22%3A%22Sat%2C%2007%20Sep%202024%2009%3A07%3A11%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%224003%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Back%20Button%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&pageViewId=65a0903f-fa2e-4863-81b0-625a8dd8930f&an_uid=0&webTagId=e1efa08e-e135-4766-9e10-b54f0663900a&ipv6=2a00%3A2381%3A5374%3A1a%3A%3A77&v=1.1.24

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-58.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avanan.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 Sep 2024 09:07:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sat, 07 Sep 2024 09:07:12 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d26x5ounzdjojj.cloudfront.net
URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?10

Domain: vidassets.terminus.services
URL: https://vidassets.terminus.services/f3f76756-1d1f-4392-b34d-e3ac799fbf5d/t.js

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.avanan.com/	1970-01-20 23:21:41	Name: __cf_bm Value: BgkZFKWEozY8v9Z2WMe2KbUtlsIxtN9H7pXOhDIGPF4-1725700026-1.0.1.1-D7twSs8NrMwDFVdQRJ5GnLSwcU4r1O91QyFW.AkLVB16I4xiXLjpks2uRt8Hr86m3bc9gITlV6Oh3kpWwyPg6Q
.www.avanan.com/	1969-12-31 23:59:59	Name: __cfruid Value: 35741103ccd45fecc785fccfa907883c84f6d7f8-1725700026
.avanan.com/	1970-01-21 08:07:16	Name: _lfa Value: LF1.1.ebf5c0bc6e6c1182.1725700026949
.hubspot.com/	1970-01-20 23:21:41	Name: __cf_bm Value: 18Q3kJNoXwyOLX1VjAtaydNBH7ViXLQqVociaK7sg_M-1725700027-1.0.1.1-flwrc9oWVhwC7aN9sBbYopR.a6Wtu1t5MsPRW4yV3JZx0IYNLJgzhstHkwmN4bJauk6vBXK6N8VjTQfl23ReHg
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Rixpc5kIc9LfBJBn5sQRY_IdD1zg6ToUEyTAcML5qdE-1725700027039-0.0.1.1-604800000
.avanan.com/	1970-01-21 03:40:52	Name: __hstc Value: 23485541.a36074dfe213ac1edf94a25f24f52d1b.1725700027214.1725700027214.1725700027214.1
.avanan.com/	1970-01-21 03:40:52	Name: hubspotutk Value: a36074dfe213ac1edf94a25f24f52d1b
.avanan.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.avanan.com/	1970-01-20 23:21:41	Name: __hssc Value: 23485541.1.1725700027214
.avanan.com/	1970-01-21 01:31:16	Name: _gcl_au Value: 1.1.2010277551.1725700028
www.avanan.com/	1970-01-21 08:57:40	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Sep+07+2024+10%3A07%3A07+GMT%2B0100+(British+Summer+Time)&version=202308.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=04bc7d76-512a-4e07-abb2-3c6857eef3fa&interactionCount=0&landingPath=https%3A%2F%2Fwww.avanan.com%2Fmalicious-url&groups=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1
.avanan.com/	1970-01-21 08:57:40	Name: _ga Value: GA1.1.1450467391.1725700028
.techtarget.com/	1970-01-20 23:21:41	Name: __cf_bm Value: p_QSTh61SXWr6PnhtPxgvcbns4BLh323LC.6_yh1.Ao-1725700028-1.0.1.1-wAfvuOz_nH2FnTIIRVPz02lmSTQoMwwbEuC0TPbmz54.ACZbhiGvCBDoXmNbUgiXM.XD1X4rGK501xSiUvrFwQ
.capterra.com/	1970-01-20 23:21:41	Name: __cf_bm Value: EGvxuSsde59XaqGQCzsQvwBLH1jWv1G5ax5cbneb._g-1725700028-1.0.1.1-u3Oi_3CFS1xmAd2xnkbwjzp6.4q_yV7zswBnwnApimcN5EtCyIv3dwdz62Fkt4C4kjbdKaAGhjEPkLGTh727Pg
.capterra.com/	1969-12-31 23:59:59	Name: _cfuvid Value: HVWWP4P0C5SzXRXZLoTQvsaASyKtF55kBLNR1TwdVZ8-1725700028115-0.0.1.1-604800000
.avanan.com/	1970-01-20 23:23:06	Name: _uetsid Value: 8f351f106cf811ef881cd7391bdec184
.avanan.com/	1970-01-21 08:43:16	Name: _uetvid Value: 8f353a206cf811efb5eccfd65f872b5a
.bing.com/	1970-01-21 08:43:16	Name: MUID Value: 212954BA48F9619E356740494919607D
.doubleclick.net/	1970-01-20 23:21:40	Name: test_cookie Value: CheckForPermission
.g2crowd.com/	1970-01-20 23:21:41	Name: __cf_bm Value: ZaZcNV1ijjN6SGX_TfOER_FH9jWMlA_mWBZeQ21ZMcA-1725700028-1.0.1.1-aOpf14bsVDS7CRq7jQ5uRUY.EjuPrna4tBcAzH7squJik40zDSi5UKhdclk6u7B40GAQ3Clucy9pWWKKf2UWEQ
.avanan.com/	1970-01-21 01:31:16	Name: _fbp Value: fb.1.1725700028352.995767601360288039
.linkedin.com/	1970-01-21 08:07:16	Name: bcookie Value: "v=2&78936bea-4f09-463d-8abb-aeb9723247f4"
.linkedin.com/	1970-01-21 03:40:52	Name: li_gc Value: MTswOzE3MjU3MDAwMjg7MjswMjHHaTRCQrlvuKatDF1DRZ5qxuWl0qie4YIaaGhrX5j5VQ==
.linkedin.com/	1970-01-20 23:23:06	Name: lidc Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2875:u=1:x=1:i=1725700028:t=1725786428:v=2:sig=AQGHEbHEKpHNPa6gqXd7DEWHJZ_yPEpS"
.avanan.com/	1970-01-21 08:07:16	Name: _hjSessionUser_2523353 Value: eyJpZCI6ImNhNGZjYjc0LTA2ODUtNWE3OC05YzI2LWJiNWUzMzQ2NDU2MCIsImNyZWF0ZWQiOjE3MjU3MDAwMjg0MzcsImV4aXN0aW5nIjpmYWxzZX0=
.avanan.com/	1970-01-20 23:21:41	Name: _hjSession_2523353 Value: eyJpZCI6Ijc4ZjYzMjk2LWU4ZWEtNDgyYy04ODc1LWQ0OTUwZjZkODliOSIsImMiOjE3MjU3MDAwMjg0MzgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.influ2.com/	1970-01-21 08:07:16	Name: R Value: 4b76fbf2f6525da5271b42a7
www.avanan.com/	1970-01-21 08:57:40	Name: _gd_visitor Value: b93190e0-12bf-4f20-8748-065f61fa6ceb
.adnxs.com/	1970-01-21 08:57:40	Name: receive-cookie-deprecation Value: 1
www.avanan.com/	1970-01-20 23:21:54	Name: _gd_session Value: 7059694b-87f1-4c42-8d7e-0222d9a11016
www.avanan.com/	1970-01-20 23:31:44	Name: _an_uid Value: 0
.avanan.com/	1970-01-21 08:57:40	Name: _ga_48VXKGDGCV Value: GS1.1.1725700028.1.0.1725700029.59.0.0
.avanan.com/	1970-01-21 08:57:40	Name: insent-user-id Value: GsW2wlXe66XDynBi21725700028844

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.avanan.com/malicious-url Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://d26x5ounzdjojj.cloudfront.net/tbw/tbw_analytics_v1.0.js?10 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
app.hubspot.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn.cookielaw.org
cdn2.hubspot.net
cdnjs.cloudflare.com
checkpointsoftwaretechnologiesincavanan.widget.insent.ai
connect.facebook.net
ct.capterra.com
d10lpsik1i8c69.cloudfront.net
d26x5ounzdjojj.cloudfront.net
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ibc-flow.techtarget.com
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsleadflows.net
lftracker.leadfeeder.com
malicious-url.com
metrics.hotjar.io
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
secure.adnxs.com
settings.luckyorange.net
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
t.influ2.com
td.doubleclick.net
tr.lfeeder.com
track.hubspot.com
tracking.g2crowd.com
trk.techtarget.com
use.fontawesome.com
vc.hotjar.io
vidassets.terminus.services
www.avanan.com
www.facebook.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.influ2.com
d26x5ounzdjojj.cloudfront.net
vidassets.terminus.services
104.18.40.158
104.26.11.16
13.107.42.14
13.33.187.19
13.35.58.4
143.204.205.137
18.66.102.11
18.66.112.19
18.66.112.92
2001:4860:4802:34::36
23.53.43.58
2600:9000:225e:b600:f:7ae2:7780:93a1
2606:2c40::c73c:67fe
2606:4700:3036::6815:1b98
2606:4700:4400::6812:2089
2606:4700:4400::ac40:9310
2606:4700::6810:7574
2606:4700::6811:180e
2606:4700::6811:80ac
2606:4700::6811:af5b
2606:4700::6811:afc9
2606:4700::6812:1247
2606:4700::6812:1eb0
2606:4700::6812:562a
2606:4700::6812:583e
2606:4700::6812:8c11
2606:4700::6812:f36c
2620:1ec:21::14
2620:1ec:33:1::10
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:808::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:830::200a
2a00:1450:400c:c1d::9a
2a02:26f0:3500:10::210:a99
2a02:26f0:7100::210:172
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.33.251.168
34.107.254.219
34.111.208.231
34.117.110.211
37.252.171.21
52.209.121.68
76.223.9.105
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
03817f3f6505178f6f24ef977ac8cd844ba3427f0353759e41bea905c565020a
03acc5c7069d79f53c0902c716cc6c6f1463d8ebb87724d39e5cb03f3f9d7890
057d87ec0edbdb5fe7d60d32da4c3abfe1dc2e6a0aacd6543a5e9dabb7bbd21b
06ba3b16d357fb0a37fc921a8c9fcb6a12e08987da8586a673a6d80735785745
072398593a04986b2bfbee736d3197af819bbaa9ebfd69b3a5e871e8d6e668ce
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
17f546aa40c3a05dc3868e6faa44176b85d0ccd3a1082c184d7f35ff91d9e321
1b5055f0e4f12757f77cb6a296d6dcf95a02784c987731892dcfa730d12dd0f3
24a3a9ccca4cde6a90f28a96467b83fcc8e8b02ae532b85c46d45514e98c9dc9
26e34b9fbbd2ecafe25af980f19ddc63342ffad01477b0fe851ac8c35bfea847
28271a516dca7d6dd3d565272593ddd1580a57d10b71f1c5789a12489dada231
2b399672241d3519341ed5ca7e437979ba73fe944f44d1624b95488efa5b5dab
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
327f498e13e0a8166699d8d770f3806775c2707dd893d18f0139b84b0b9d8576
356bb4bf2245a68ee5de5732b5574260dd2016a2c3987e17ad97fb2586a883d1
3636e8810aa8b16828af450174251147977372f0201e77d464c719f110b0924f
410363544865468962ab0ea8c82ae70873adfa2616a2f96ad78c4a235939044d
42c7e51d284cd7256caf3bfebf641141876657ea0d6e5588ac7e69dce1e9cf7e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49c8d692cb67ec3cc5b35e839c50c5c9eea05fe3ce82894eb02d22240554a0aa
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
4eed62e19ef261a18dade30aac09258399bbead589a04d061bce834f0d5a2bcd
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
50bd971afdaa816feb119030667b2e7011372aaf4f9209ce03cabedf40c516d9
54720fbe5dacdca88cdf060684d8213d5aafcafc9ea3fd307224f33fb5f63714
56f9c5f99829774d0b2fbdcfd9750b617127e913afa0569afef6dfa22165659e
5a6284f5e68fe70bb17c9aecb532fdb513b37ec0096d21e9a7231fbcfeda6794
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438
626e534b9a811f60a8aa88e463a0ffa75ea4d8ba7510ed6a15c267becf680394
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6cb6821219dae9fa9a21519d86d7ec7acaf0c4dd61463eb336eb92964feebef3
70712c8650feecc46403b5801b9d5b72d5b2d6ba1d1cf0317e105603982321bf
71577fb46a22fa031506bab9c5ddb4640e38ef10a1b4959a11288b41ce4b0757
739b870ffe58acc3c4ee52c53450855d175099275cd66405cf1521cf8aedc389
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
78aa01cd352a2c773a89d1176dac5ba563cbe99f1d85795ab1a64b686de30201
7a82df3611c2166b9b9e824830c57bc09ef40860b9dc83fb2897b9a2a3ab0b98
7b4c6df43d8be2860c107af980f4ae9c27dea1b14e0112921c3aef511bb29b07
7cfe2988dd0e1d6bcc63e394d2818003d0a121a5a8de88a6ba8caf91dbc48c96
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
87d6c8ca2c4746ba9c42bd4b56b9f8dcb23dc4f4c8a5e338039a915eddbb4cfb
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8bfb6389f80ddd586b66a540370f89f40e7eb39d388e8d9410f57caa732dc5cd
8d079292a08f2c3e8cf154ec8fd75cf6302a51e4ea1f587fc23944c3e6492552
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8deb475ac50713a43d3cf93fb2579f1badda5b9dee5704850b032f0f25564895
8e872e218dfbe8b2a99c14806fc0bd2e2c1025565d559b8cf06ff92098a7742d
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
92544ed57b172f513a507fe6d3e09d763bc23c413e47d110d8dc03ef896490dd
9733722790d7fe8f074be99b41ca64a8f066845023c12794512935337c0fd08f
98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf
9930008a31667afab09cc391c46f645342425e0444d945f0fda44ae280ad192e
996d6f9827e688d21be65b59c81929110381b405656ab22fdccd87f880efceed
a61709461baabaa9437f5a96b2406d1e3312fb94644d1c25917d3229e05ab841
aa578f7e1d61b829750d78931be9d8e6e505c229190e03ac796367bbc1633f07
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa9007db2ca20c195efb8d23119f19f0e2a43673d1ef521225a92185c08b978a
ad66b40ac6fb0451baa6f252864ee213eb292767fe47d1cfc08656ba5b64e1c4
aea136527ca962a15eea8eb338c7667b5a44d98bff65dc09a36f5493ddbacb99
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b521cf21eb734ff6b687aef8f56b3ab1be44709262716e6817b1898bbc2b986d
c0e96c0f51eb10934d2022f7d30dbeaf05f748f85d32dfe71711f2dbb21621d8
c2f85bc03d72fdd58ac7fb2cb580914b4679bcf8c99533ba20743ee73d0e28ce
c4443ff412c264b421885fdf53e9aed519711d3e8df9e4f59b9be27f04564251
c5de2e78e24784f62951b73f35baa7f072b7dcfc8d516f20788e3571d52ae53f
c79ac805eec5dbb354de9451a5561c1970765243c2489f8f51218302e387b4fe
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf53806c2a4cef2c89a8502411683c83162fe73859d7d24244259e7e793df68a
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d834891823c6b20ac68e6590fb413b4949911a9fff0371586faeaec5dcd6d35b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc51a9846dfc97c35fbb093ca977e209b634f08ed7d46200fc5463e7538cb836
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd0af87d02bf88046acaf36141538c4852763b37b99ad5ea41ab6b07829818f
deb3d40a52e939dc606cacea278753f149b56d19b6619994069659687e3a7728
dfdfda9e62136a7572265ec7eebffc6baacb8365095dfdd314f316cb7e418678
dfe1ede216323e004cb709efa886a6d8e235d2174f9291b5f005213e1cdcf046
e3640c9e176b212640e5d1ba0e522d80ebe382b5a18fc55ae4f7be28d1b138be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6713fb9ddf25585f97a9c877f75edbb8b2c0d0691c1402fe85c145a9098527d
e94bb9eafa09b4181f7208f1466552561329b27bc870ea785be1fbbeb32661d8
ee39d0cbc9e9cd88b7dac8ebca680b89e8879081f855152f21772c7834474437
eeecc1c14b175e0226295f130c6121ddf605878b3489fd61181911c17c9b2a74
ef072b9ae1b3c29f94781c86bcdfdb71c1e06bbc7a2f05bc65dcfa2eefdde02c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f4ec68af7148e560141516bb2a0f7609619e3addabc79f877fbacae99ed61e53
f54ad99ac9b8bf0271cc6d19132826863aa3dc7077b4d5c586f99c46130efb30
fca09d9ea551f47718d60aa717acf8f585a75e24265399ed726c7b75f38b0ea3
fd6aef7e70901bd5018e23bf8f366b1363e27c9263a2e058df2ca725cf81aab5
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe5f4af17be162aaf3e1dadbc08fe06e678c87620a221b3fef8e2ca7a779986d

www.avanan.com Open in urlscan Pro 2606:2c40::c73c:67fe Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

96 %HTTPS

65 %IPv6

40 Domains

54 Subdomains

48 IPs

5 Countries

2333 kBTransfer

7736 kBSize

33 Cookies

11 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.avanan.com Open in urlscan Pro
2606:2c40::c73c:67fe Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

96 %
HTTPS

65 %
IPv6

40
Domains

54
Subdomains

48
IPs

5
Countries

2333 kB
Transfer

7736 kB
Size

33
Cookies

139 HTTP transactions
0 data transactions