www.hunters.security Open in urlscan Pro
2606:2c40::c73c:671d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-w...
Submission: On November 29 via api (November 29th 2023, 2:16:11 am UTC) from TR — Scanned from DE

Summary HTTP 90 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 24 IPs in 2 countries across 24 domains to perform 90 HTTP transactions. The main IP is 2606:2c40::c73c:671d, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.hunters.security.
TLS certificate: Issued by GTS CA 1P5 on November 28th 2023. Valid for: 3 months.

This is the only time www.hunters.security was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
45	2606:2c40::c7... 2606:2c40::c73c:671d	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
13	2606:4700:440... 2606:4700:4400::6812:297c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:b05d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:880f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	2606:4700::68... 2606:4700::6810:bc59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4eba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7d0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e3a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	() ()
90	24

45 2606:2c40::c73c:671d (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.hunters.security	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:4400::6812:297c (United States)

ASN13335 (CLOUDFLARENET, US)

5765386.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)

www.unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b05d (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:880f (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bc59 (United States)

ASN13335 (CLOUDFLARENET, US)

js-na1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4eba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7d0c (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e3a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cff9 (United States)

ASN13335 (CLOUDFLARENET, US)

perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	hunters.security www.hunters.security	1 MB
13	hubspotusercontent-na1.net 5765386.fs1.hubspotusercontent-na1.net	415 KB
5	hubspot.com app.hubspot.com — Cisco Umbrella Rank: 5456 js.hubspot.com — Cisco Umbrella Rank: 5485 track.hubspot.com — Cisco Umbrella Rank: 2298 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 5222 forms.hubspot.com — Cisco Umbrella Rank: 4747	27 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1186 syndication.twitter.com — Cisco Umbrella Rank: 1447	132 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	88 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	11 KB
1	doubleclick.net googleads.g.doubleclick.net	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	73 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3361	1 KB
1	hsforms.com perf-na1.hsforms.com — Cisco Umbrella Rank: 5955	1 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3050	4 KB
1	hsleadflows.net js.hsleadflows.net — Cisco Umbrella Rank: 4568	88 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2150	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2155	20 KB
1	hs-scripts.com js-na1.hs-scripts.com — Cisco Umbrella Rank: 7422	1 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 4272	2 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5567	6 KB
1	linkedin.com platform.linkedin.com — Cisco Umbrella Rank: 3525 px.ads.linkedin.com Failed	160 KB
1	unpkg.com www.unpkg.com — Cisco Umbrella Rank: 47152	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	994 B
0	google.de Failed www.google.de Failed
0	google.com Failed www.google.com Failed
0	fontawesome.com Failed kit.fontawesome.com Failed
90	24

	Domain	Requested by
45	www.hunters.security	www.hunters.security
13	5765386.fs1.hubspotusercontent-na1.net	www.hunters.security
2	snap.licdn.com	js.hsadspixel.net snap.licdn.com
2	platform.twitter.com	www.hunters.security platform.twitter.com
2	connect.facebook.net	www.hunters.security connect.facebook.net
2	cdnjs.cloudflare.com	www.hunters.security
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googletagmanager.com	js.hsadspixel.net
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	perf-na1.hsforms.com
1	cta-service-cms2.hubspot.com	js.hubspot.com
1	track.hubspot.com
1	js.hsadspixel.net	js-na1.hs-scripts.com
1	js.hsleadflows.net	js-na1.hs-scripts.com
1	js.hs-analytics.net	js-na1.hs-scripts.com
1	js.hubspot.com	js-na1.hs-scripts.com
1	js.hs-banner.com	js-na1.hs-scripts.com
1	js-na1.hs-scripts.com	www.hunters.security
1	syndication.twitter.com	platform.twitter.com
1	app.hubspot.com	www.hunters.security
1	ws.zoominfo.com	www.hunters.security
1	static.hsappstatic.net	www.hunters.security
1	platform.linkedin.com	www.hunters.security
1	www.unpkg.com	www.hunters.security
1	fonts.googleapis.com	www.hunters.security
0	www.google.de Failed
0	www.google.com Failed
0	px.ads.linkedin.com Failed
0	kit.fontawesome.com Failed	www.hunters.security
90	30

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
github.com
datatracker.ietf.org
developers.google.com
about.gitlab.com
support.google.com
blog.sygnia.co
cloud.google.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
www.hunters.security GTS CA 1P5	`2023-11-28` - `2024-02-26`	3 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-09-30` - `2024-09-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2023-07-11` - `2024-07-10`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-07` - `2023-12-06`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-01` - `2024-10-31`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Frame ID: E769130EFD862FA247B6B80E5319ECE1
Requests: 88 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.hunters.security
Frame ID: 3F00F5EB25DEF835231069BAE8E29804
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DeleFriend: Severe design flaw in Domain Wide Delegation could leave Google Workspace vulnerable for takeover

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

90
Requests

96 %
HTTPS

96 %
IPv6

24
Domains

30
Subdomains

24
IPs

2
Countries

2460 kB
Transfer

4726 kB
Size

11
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/share?url=https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover&via=gotosage

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover&title=DeleFriend:%20Severe%20design%20flaw%20in%20Domain%20Wide%20Delegation%20could%20leave%20Google%20Workspace%20vulnerable%20for%20takeover&picture=https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/Featured%20images%20%286%29.png&description=Team%20Axon%20discovered%20a%20severe%20design%20flaw%20in%20Google%20Workspace%27s%20domain-wide%20delegation%20feature%20that%20can%20allow%20attackers%20to%20misuse%20existing%20delegations,%20enabling%20privilege%20escalation%20and%20unauthorized%20access%20to%20Workspace%20APIs.%20They%20also%20developed%20a%20tool%20to%20to%20assist%20organizations%20in%20detecting%20DWD%20misconfigurations,%20increasing%20awareness,%20and%20reducing%20DeleFriend%E2%80%99s%20exploitation%20risks.

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover&title=DeleFriend:%20Severe%20design%20flaw%20in%20Domain%20Wide%20Delegation%20could%20leave%20Google%20Workspace%20vulnerable%20for%20takeover&summary=Team%20Axon%20discovered%20a%20severe%20design%20flaw%20in%20Google%20Workspace%27s%20domain-wide%20delegation%20feature%20that%20can%20allow%20attackers%20to%20misuse%20existing%20delegations,%20enabling%20privilege%20escalation%20and%20unauthorized%20access%20to%20Workspace%20APIs.%20They%20also%20developed%20a%20tool%20to%20to%20assist%20organizations%20in%20detecting%20DWD%20misconfigurations,%20increasing%20awareness,%20and%20reducing%20DeleFriend%E2%80%99s%20exploitation%20risks.

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/yonatan-k-437b88184/
Title: Yonatan Khanashvilli

Search URL Search Domain Scan URL

URL: https://github.com/axon-git/DeleFriend/
Title: proof-of-concept tool

Search URL Search Domain Scan URL

URL: https://datatracker.ietf.org/doc/html/rfc6749
Title: RFC 6749

Search URL Search Domain Scan URL

URL: https://developers.google.com/identity/protocols/oauth2/scopes
Title: here

Search URL Search Domain Scan URL

URL: https://github.com/axon-git/DeleFriend
Title: https://github.com/axon-git/DeleFriend

Search URL Search Domain Scan URL

URL: https://about.gitlab.com/blog/2020/02/12/plundering-gcp-escalating-privileges-in-google-cloud-platform/
Title: GCP Privilege Escalation

Search URL Search Domain Scan URL

URL: https://github.com/axon-git/threat-hunting/blob/main/Google%20Workspace%20Domain-Wide%20Delegation%20Abuse/%5BGWS%2BGCP%5D%20domain_wide_delegation_on_gcp_service_account_object.sql
Title: here.

Search URL Search Domain Scan URL

URL: https://github.com/axon-git/threat-hunting/blob/main/Google%20Workspace%20Domain-Wide%20Delegation%20Abuse/%5BGWS%5D%20anomalous_oauth%20apis_by_service_account_dwd.sql
Title: here.

Search URL Search Domain Scan URL

URL: https://github.com/axon-git/threat-hunting/blob/main/Google%20Workspace%20Domain-Wide%20Delegation%20Abuse/%5BGCP%5D%20extensive_service_account_key_creations_over_short_period_of_time.sql
Title: here.

Search URL Search Domain Scan URL

URL: https://github.com/axon-git/threat-hunting/blob/main/Google%20Workspace%20Domain-Wide%20Delegation%20Abuse/Posture/%5BGWS%5D%20inactive_delegated_service%20_account%20_entities.sql
Title: here.

Search URL Search Domain Scan URL

URL: https://github.com/axon-git/threat-hunting/blob/main/Google%20Workspace%20Domain-Wide%20Delegation%20Abuse/Posture/%5BGCP%5D%20plain_text_gcp_sa_key_pairs_files.sql
Title: here.

Search URL Search Domain Scan URL

URL: https://support.google.com/a/answer/162106
Title: https://support.google.com/a/answer/162106

Search URL Search Domain Scan URL

URL: https://developers.google.com/identity/protocols/oauth2
Title: https://developers.google.com/identity/protocols/oauth2

Search URL Search Domain Scan URL

URL: https://github.com/googleapis/google-auth-library-python/tree/main
Title: https://github.com/googleapis/google-auth-library-python/tree/main

Search URL Search Domain Scan URL

URL: https://blog.sygnia.co/incident-response-in-google-cloud-foundations
Title: https://blog.sygnia.co/incident-response-in-google-cloud-foundations

Search URL Search Domain Scan URL

URL: https://developers.google.com/identity/protocols/oauth2/policies
Title: https://developers.google.com/identity/protocols/oauth2/policies

Search URL Search Domain Scan URL

URL: https://cloud.google.com/identity/docs/overview
Title: https://cloud.google.com/identity/docs/overview

Search URL Search Domain Scan URL

URL: http://twitter.com/team__axon
Title: @team__axon

Search URL Search Domain Scan URL

URL: https://twitter.com/hunters_ai

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hunters.ai.cyber/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lifeathunters/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/hunters-ai/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCUufMdZ-6mS4dqEFI81IRKw

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2064881&time=1701224171205&url=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2064881&time=1701224171205&url=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2064881%26time%3D1701224171205%26url%3Dhttps%253A%252F%252Fwww.hunters.security%252Fen%252Fblog%252Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2064881&time=1701224171205&url=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover&cookiesTest=true&liSync=true

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover Show response
www.hunters.security/en/blog/ 165 KB
36 KB 1179ms
1090ms Document
text/html 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd8bc8d28b864110fbeaf0dcbcff8768d830df251a84862928a84a35b83da3af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 82d758bdae6d4541-TXL
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 29 Nov 2023 02:16:07 GMT
edge-cache-tag: CT-145529814339,CG-24463927651,P-5765386,W-67518999559,CW-113865751404,CW-114030893094,CW-127063834721,CW-97550317662,E-113857786690,E-113858768455,E-113858809947,E-113865332764,E-114002466428,E-114356373127,E-114370662982,E-126880748318,E-126882284039,E-126882549514,E-126882549552,E-126882575241,E-126882575404,E-126882575644,E-127024241524,E-127040996237,E-127041525412,E-127056743200,E-127662486199,E-127662486200,E-127662695006,E-130719549746,E-133487975192,MENU-67518999559,PGS-ALL,SW-3,B-24463927651,GC-113864403970,GC-113870397194,TS-113857760160
etag: W/"ad330076a5b05dd2b547d1d2d938b925"
last-modified: Wed, 29 Nov 2023 01:23:31 GMT
link: </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
permissions-policy: geolocation=*
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSB3xZV2l4jgXH5PlilkSFBNsZfoQmROhTqXjd2MyVsdAaaFIx3e3O4uJ0E9yaavnvd9AhxtJet1tjg8e9%2BM7bl3Y8c7eOCBnNan3sNvOOLt0kbe3Hx5soWIfJ%2BopvnaqW9D0r6Lxs0RKsQ5%2BaCloOOR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: EXPIRED
x-hs-content-id: 145529814339
x-hs-https-only: worker
x-hs-hub-id: 5765386
x-hs-prerendered: Wed, 29 Nov 2023 01:23:31 GMT

GET
H2 200 project.js Show response
www.hunters.security/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
1 KB 60ms
59ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 a510ce56c300e2d885e99cf42a868640.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 438590
x-amz-cf-pop: WAW51-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sNZlHhTVGC77Af0D7Gu09Y5jWXN41s%2BAo%2F78H9kJRxSbCXfsKNwdSgJ%2F4T3cNbwVRU5duLrFwY4kWYITBMsdEeIXZbtT4E423uoMtDcQX3wSN1Mp36ti3VfulyhhxeHZjBVQ6uAVkWFAjhN%2FVVFoDVP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82d758c48d694541-TXL
x-amz-cf-id: T_T6csmuXeb-s-vMqsT9JPy-rjgjZFxhUPNUcJc0s5QhlAhBikaGVg==
expires: Thu, 28 Nov 2024 02:16:07 GMT

GET
H2 200 project.js Show response
www.hunters.security/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 66ms
66ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 352057
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7jaIDYPF3h58sitbV0stFUQax3jag6ThVQPdM0lVQAeGcOCmyCWh9MMW6R2jrJ%2Bqqan%2Fr2qQpPenocmQvahQRTb7UkfQmDoY6yIkGcIw3cKQvGC%2BsI%2BWgs4h%2BlO0xaYL4AwIjkuWnRQVlRYOKt4b5dA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82d758c48d6b4541-TXL
x-amz-cf-id: vMxH2clCDRRjd7emHmifSLXhLc2TFOGFc0VsUqlcTSiVQmWY_1aUGQ==
expires: Thu, 28 Nov 2024 02:16:07 GMT

GET
H2 200 F37JudgeBoldCompressed.woff2
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/F37-Judge-Bold/ 37 KB
37 KB 165ms
107ms Font
application/font-woff2 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/F37-Judge-Bold/F37JudgeBoldCompressed.woff2
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631550304df547eb64d2d7af3e6bc30bf346fdd47640adefcbe22263b36d65b4

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-74685838647,FD-74685881460,P-5765386,FLS-ALL
age: 498992
x-amz-request-id: 8XJAKFESAW8EA4T9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74685838647,FD-74685881460,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "54e5c65113bb56ee4af633895983b9d3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653649201795
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 4b37353de520ea1ab6c2182115335218.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: oROJePp8ny04DPku2cFXECrZhzDxBHie
x-amz-cf-pop: WAW51-P1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-74685838647,FD-74685881460,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
content-length: 37524
x-amz-id-2: 2oExufemp8scqa/+mG8ewij7ggT2MhcGvIANoqEGeB14verVUzYrG/anvOIcX3dDNHpQfduB8Bg=
last-modified: Fri, 27 May 2022 11:06:03 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 82d758c4edc758f0-TXL
x-amz-cf-id: 9GP9zUx_saOIjQMKoH-HddYM6V8VvT-kncms3k7bRFVIkWR9FweoOw==

GET
H2 200 F37JudgeBoldCompressed.woff
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/F37-Judge-Bold/ 54 KB
55 KB 166ms
108ms Font
application/font-woff 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/F37-Judge-Bold/F37JudgeBoldCompressed.woff
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aeece6fda59aeaf7ea1271ac3ecbe1189bd88726b444d8813de296f0ad41ad8

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 7245e91891539560c1f484b1e46159c8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-meta-cache-tag: F-74685838648,FD-74685881460,P-5765386,FLS-ALL
x-amz-version-id: bxO6WUkxLECrzA9CObgprRT8g6V_LjJt
age: 498992
x-amz-cf-pop: ZRH50-C1
x-amz-server-side-encryption: AES256
x-amz-request-id: YZ9ZW4BYB81Z0WZM
x-hs-alternate-content-type: text/plain
edge-cache-tag: F-74685838648,FD-74685881460,P-5765386,FLS-ALL
cache-tag: F-74685838648,FD-74685881460,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-id-2: ghcP3Q0Op5C5yZ3/TCmVS6ZJbcq3oRVbUyhYw2zPwqXMorX2DRtpQ1yrILIFr9DSwshrCsZb8Kk=
last-modified: Fri, 27 May 2022 11:06:02 GMT
server: cloudflare
etag: W/"fcdb90a6762c4f6d4b1d785202df4df8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653649201856
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 82d758c4fdf258f0-TXL
x-robots-tag: all
x-amz-cf-id: 18yH0mEihzPKMWpB5-iNeDxnBYn2FHhgDsg9ZPur9Zj-YJ7bb7CQtQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 GraphikRegularWeb.woff2
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Regular/ 30 KB
30 KB 146ms
88ms Font
application/font-woff2 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Regular/GraphikRegularWeb.woff2
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ef33de34661d7ae6bce5bc0b514687f2813f7ade07b4e2511611c62c7494ac

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-74688893267,FD-74688893086,P-5765386,FLS-ALL
age: 498992
x-amz-request-id: DMB83NKM0WDQ57XC
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74688893267,FD-74688893086,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "e2d3e1bd2dba862a1c76e2cc88ac1776"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653650056855
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 cc308cac72966d971a24d7b2a41ddf70.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 9bSL54EBoxaoAARqnLg2bUn5vMLmIfW0
x-amz-cf-pop: TLV50-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-74688893267,FD-74688893086,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 30480
x-amz-id-2: FZOw+YBsNFhE5D7c/PWtGWZ2dznN2O8aVpWkD11OqHizBsm5gBwNXf/qUXL+EFmYZWO34U9xjO8=
last-modified: Fri, 27 May 2022 11:14:17 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 82d758c4edc558f0-TXL
x-amz-cf-id: YbJNacgGPC-z8YcRJQWYfO63kF115I6Zi1W2BqaZsyRvbaGey8BOgQ==

GET
H2 200 GraphikRegularWeb.woff
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Regular/ 40 KB
41 KB 163ms
106ms Font
application/font-woff 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Regular/GraphikRegularWeb.woff
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea9a85e8c7b1ba0c225aec7ced73372fd08fba0bb37faa515a47008aceb550a1

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-74688947978,FD-74688893086,P-5765386,FLS-ALL
age: 393774
x-amz-request-id: BQA0Q31Q4FTJMYZF
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74688947978,FD-74688893086,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"fc1a5bae62a99fa59c23f0576cebae23"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653650057194
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 eda2686dad6c190a4b0f18db47e39f0a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: 1UScc5WOOidn3hjYnkMBOExxdbhthO8_
x-amz-cf-pop: AMS1-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-74688947978,FD-74688893086,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: Zj7r92RrHzsbBsyTMRdFzLrUsJUh9uZWfvT5+r0y/dUSDuiipd8YvbMTsZoESIID3lG+n6UwtpA=
last-modified: Fri, 27 May 2022 11:14:18 GMT
server: cloudflare
cf-ray: 82d758c4fdf058f0-TXL
x-amz-cf-id: Tgf1XVdkO7IcYUv34ZK3-iZTw2jphNlJ1QXhOjBobzjUwXvzXpFGVw==

GET
H2 200 GraphikMediumWeb.woff2
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Medium/ 34 KB
34 KB 165ms
107ms Font
application/font-woff2 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Medium/GraphikMediumWeb.woff2
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc95b09fc339140c69c5136e815b78be4ef324669185635fc3aef462e8d7df83

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-74689121951,FD-74686513451,P-5765386,FLS-ALL
age: 498992
x-amz-request-id: A0HS0F1FB9EWBX8P
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74689121951,FD-74686513451,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "aa45b0c2aae2e5fe139bebd1dfdff19e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653650302473
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 97cb978bbc25e9e074dab5cb643b1fac.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: nhNd1_3PHI0s79bODgTLIoIpudYFz6ze
x-amz-cf-pop: WAW51-P1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-74689121951,FD-74686513451,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 34712
x-amz-id-2: SZapo7+yfLZyyPADcgZoLClWMFoLUA/EFv5X42gw3GKYBIp0Vg0pdPnUBWkA7fKcYgbcnPCZX7o=
last-modified: Fri, 27 May 2022 11:18:23 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 82d758c4edc258f0-TXL
x-amz-cf-id: wXdktarOVKxfquCVIdpEQYrcC2Qy7Uc3LnX7xtF-Wmhthxk7nS20hA==

GET
H2 200 GraphikMediumWeb.woff
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Medium/ 45 KB
46 KB 165ms
108ms Font
application/font-woff 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Medium/GraphikMediumWeb.woff
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ee453db69de2afe22f2abc664d11aa3b8720f3b24a8d82d2a1d2306be008e93

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-74686513466,FD-74686513451,P-5765386,FLS-ALL
age: 211176
x-amz-request-id: ZYHJ56GDGRJH2GMF
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74686513466,FD-74686513451,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"fcffb480afa2b61f3e96a65a4371050c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653650302463
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 a0c77ad2e3f5bbf63535bc898f348e5a.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: rLgVVtHx16aoM4Ice3_nDtYzGojOWLuA
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-74686513466,FD-74686513451,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: +dYXBu99YypXun11AsFI8CCHlALZt086tKl8DvVk1L13TYigNMbgmNpjlJkwFRm6FCE19RC9Pyk=
last-modified: Fri, 27 May 2022 11:18:23 GMT
server: cloudflare
cf-ray: 82d758c4edc058f0-TXL
x-amz-cf-id: ivYwd8ve1MnZh3A9M2GBYiPFKEh5LkFt0WlFj-GPZGPKO6Ra2kov7A==

GET
H2 200 GraphikSemiboldWeb.woff2
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Semibold/ 34 KB
34 KB 164ms
106ms Font
application/font-woff2 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Semibold/GraphikSemiboldWeb.woff2
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a28d627f3677c456980de2b9026548c69a9f542993b2b5b6d8608882fe1e878

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-74689240845,FD-74689122096,P-5765386,FLS-ALL
age: 498992
x-amz-request-id: 3BQCTRC0EM9PM1AT
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74689240845,FD-74689122096,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "e13cf054833eb8ba8d3ffc1e1c2cb82e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653650498635
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 6be75ff863b55a1a90b2db7b05c127b6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: E4J3u.P1u8zLJOqkt22N.5.YJpbVcz61
x-amz-cf-pop: WAW51-P1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-74689240845,FD-74689122096,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 34772
x-amz-id-2: L9b923b4Zvb4MSpXVH7Z1MwCBZxmCJkUO/uItFf4kr6416XfNVWg7upsDp8YYHGrRH7DQsdM9GM=
last-modified: Fri, 27 May 2022 11:21:39 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 82d758c4edbf58f0-TXL
x-amz-cf-id: IoMh44HHEff4NaMfSmTrng074Rg2cPpo3Go39uNaeWO7D7aW6gAQqg==

GET
H2 200 GraphikSemiboldWeb.woff
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Semibold/ 45 KB
46 KB 145ms
88ms Font
application/font-woff 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Semibold/GraphikSemiboldWeb.woff
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90eefa1db290de170e8127aa6f3ad079f38762aa27b4c885670cf5d757c0f2fa

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-74689122130,FD-74689122096,P-5765386,FLS-ALL
age: 211176
x-amz-request-id: CWF320EX4035J54R
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74689122130,FD-74689122096,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"9f90b54a350e13f1a49e108263dc77fd"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653650498577
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 1bccf6a872dd296ef2ffc6656debd1f0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: Gi5MSgpYdkr_yWE00VeiwtpigLTzp4EV
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-74689122130,FD-74689122096,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: f1g/S2O8+tbPFAd+EuCa5UzB9RFe5gbTrWwzgWENlVZBuwvA+DI3ITCdlKHr8sA3qN2qGdzcnK8=
last-modified: Fri, 27 May 2022 11:21:39 GMT
server: cloudflare
cf-ray: 82d758c4edc458f0-TXL
x-amz-cf-id: 44__K92JVLeCx_cLDFyqjyHUEcKB6jmDbD1KiTufjNE9A_aXA2eeJw==

GET
H2 200 GraphikBoldWeb.woff2
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Bold/ 36 KB
37 KB 164ms
107ms Font
application/font-woff2 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Bold/GraphikBoldWeb.woff2
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 424560f6d441470e553c5c2d0e31a7df189ddb73ea43d909714d57b16f024624

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-74687526932,FD-74689491725,P-5765386,FLS-ALL
age: 211177
x-amz-request-id: Q3JGKB0QMBJB27HN
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74687526932,FD-74689491725,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "0fb4b480278277d351d7afefe46bf6e8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653650613120
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: aqs.ab3Smnu9FGL_UhGDqku4oUVVMHEq
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-74687526932,FD-74689491725,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 37044
x-amz-id-2: YSZtGGO4jW3/Q/xqK1SVo2w2ibHESHleJAz85JKnrS1ILd6rAQ+eJM5UJ5BwVNFHnqXOElfw4u8=
last-modified: Fri, 27 May 2022 11:23:34 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 82d758c4edbc58f0-TXL
x-amz-cf-id: 2LmKWba8pOWfgGy4FDxLpzTvNCiHsXKo3J6O--V59B5otwrlwk2ibA==

GET
H2 200 GraphikBoldWeb.woff
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Bold/ 48 KB
49 KB 162ms
106ms Font
application/font-woff 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/May%202022/Fonts/Graphik-Bold/GraphikBoldWeb.woff
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef4bfee18eaf9bb02c3d3c93ce39551cff6effb9b29678a118c808b0b92489a0

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-74689255197,FD-74689491725,P-5765386,FLS-ALL
age: 211107
x-amz-request-id: CA67MK9M2JMQF5VF
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74689255197,FD-74689491725,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"911f0d5fac02bc40cd5381f22e2fcaba"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653650613108
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 a89f27dcb39a061266ddc18ab5416cba.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: S2hh5ffEdgyJNoO5lDEhL2UBGwqv.dRz
x-amz-cf-pop: FRA56-P4
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-74689255197,FD-74689491725,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: C+bcTroVDcyyDh+VzsUXzw743rzsNzAtatM/FDKj3xVXPCvhhXYQJkqYCcZ6WxThg0UcfX2P2mdnICcvzdXatA==
last-modified: Fri, 27 May 2022 11:23:34 GMT
server: cloudflare
cf-ray: 82d758c4edbd58f0-TXL
x-amz-cf-id: e2agVHTmIDSAo9Q6Cm4hB4BSE26Layq_Q8iOWmu4tiG4KLTqSLwwEg==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
994 B 240ms
83ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 29 Nov 2023 02:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 00:17:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Nov 2023 02:16:07 GMT

GET
H2 200 main.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/113858768455/1697625788767/Hunters_Theme_May_2023/css/ 163 KB
30 KB 67ms
64ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/113858768455/1697625788767/Hunters_Theme_May_2023/css/main.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bc29c5599015bf466152eafa6da3eaee72241e110589ee6dd2de350569ebfea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 0YAZ3KMRD8559QZ5
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"73e077186d2af2b2296c580c550e91ca"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1697625790075
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 f7f49dad2d783fde3adeef21381de800.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: DE4Xk3HRzG8RHPiVZRLOxFO5AdnbO2Gp
x-amz-cf-pop: IAD61-P3
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 10036150-08c8-4f9e-9bab-5aa6ddd0e323
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 252
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 5TKOs2mHSJ6bSXgMQutuW0muxbrUOyOFQE+8fzUwlADxFMDoQNQBM9bbLTB8Xe+6KSDVKxVyXdQHOKtD9CtLKuiGyVWB/RWp
x-evy-trace-route-configuration: listener_https/all
x-request-id: 10036150-08c8-4f9e-9bab-5aa6ddd0e323
last-modified: Wed, 18 Oct 2023 10:43:11 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0M5d%2F6jRScBtZvd7f3cMcJRdHnR8K6Uzlu%2F%2Bi3j23oM9UUiUJYsX8S6VPNDuLaTPycERal2%2FTH08nKba6Zsya2F8KA9fXhhEh9uYMVUsWNimATObJp9oAEP4%2F9druZNegz9orinCc2pHyhzu5nRSyvvF"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-2skps
access-control-allow-credentials: false
cf-ray: 82d758c48d6f4541-TXL
x-amz-cf-id: FdBOsb_m_ajNEcfZjQxBSw5xxI-8cFZ08kypWiZTG_VfABGvlsynzg==

GET
H2 200 aos.css
www.unpkg.com/aos@2.3.1/dist/ 25 KB
2 KB 848ms
794ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.unpkg.com/aos@2.3.1/dist/aos.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 17 May 2018 22:11:13 GMT
fly-request-id: 01HGCDSDSGFE1FNMM8HB17P1H5-fra
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
server: cloudflare
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 82d758c4dd1444fe-TXL

GET
H2 200 slick-theme.css
www.hunters.security/hubfs/Theme%20-%202022/Coded_file/ 4 KB
2 KB 66ms
63ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/Theme%20-%202022/Coded_file/slick-theme.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

238b1cf831e99615cf4d403ccdecbc5a3a615f2f0f8e92179cc69f9ec7d60b0a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-69248747294,FD-69248485214,P-5765386,FLS-ALL
age: 564112
x-amz-request-id: QAFTATE023V1NG5T
x-amz-server-side-encryption: AES256
edge-cache-tag: F-69248747294,FD-69248485214,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"ac139110825d34d1df5de4182f5faa12"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1648029640205
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: z1bsZX54c1Duha0qf2GLwEA1Ju475_Hl
x-amz-cf-pop: FRA56-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-69248747294,FD-69248485214,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ot+zpkoZQN5DoRh04mArwEpH2vjmnEb/FfhuC8gLTYc81+TT0VxvtxGVMwAs4aO+CgLU/PGxwRw=
last-modified: Wed, 06 Apr 2022 12:25:58 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wuyvN1o6HdunaJ6e7S4gAqVCEAY3un31yC2FJ28JETOu5zdXnuCPue0xlR%2FfMDcsjKBdkBHxIvkp7gsrNoBFH7CXUaTdQPMJYILoF8Cq3eJaenZ9XyvPbVF%2FInXnAybrFfnb5MTe%2BZEx9RAeMuhgKML0"}],"group":"cf-nel","max_age":604800}
cf-ray: 82d758c48d704541-TXL
x-amz-cf-id: _PSieVHvCKUCVuBt1AcWVHiJ3AkEnPTbhcEqGybowZnENm84AqyN3Q==

GET
H2 200 easy-responsive-tabs.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114002466428/1688126129748/Hunters_Theme_May_2023/css/ 3 KB
1 KB 67ms
65ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114002466428/1688126129748/Hunters_Theme_May_2023/css/easy-responsive-tabs.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10dc028779c21e5b3f1bc41e19eaccdca81a38e53e7712439d271ceb6174f534

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 40RCWAF6RWMACJDM
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"9b3e369494f25ea9c18f4f72ef2213ec"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1688126130469
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 7a99ed3f39c18af8fe138a695e5f657c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: BY9GNWlAAug9FlkNRr2aEQugpO0wA3Rx
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 748a2b7b-74c6-44b0-b75c-bfd84260a117
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 168
alt-svc: h3=":443"; ma=86400
x-amz-id-2: ze9vitm/XoVRHPomkNQkHbi43n2+Legx5rjUIruk++QMhIr2u3F2NnYZ6DwdKHLyp8egjgFxTLU=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 748a2b7b-74c6-44b0-b75c-bfd84260a117
last-modified: Fri, 30 Jun 2023 11:55:31 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tcGs%2FyRL9pGf1TNyZzR7pO1jW%2FenVnlJwoC3ETImwCBmg1Wl7Uc%2B8TeBYlrxekOqr%2BaJ1AFNZyycDrTr2wPNRePFmK5tXT4%2Ftb3XWHFgQ0S4zoKpReVVnUMR5phv%2BCEup5GKEkg4ysaAb83WqM0B5yqO"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-kcqwc
access-control-allow-credentials: false
cf-ray: 82d758c48d714541-TXL
x-amz-cf-id: bIxMSJz_HM5AXrs4UnARQveRRd0wgke2h8hEjyj_jBZSuZKV4xiskw==

GET
H2 200 slick.css
www.hunters.security/hubfs/Theme%20-%202022/Coded_file/ 2 KB
2 KB 64ms
62ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/Theme%20-%202022/Coded_file/slick.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-69248658105,FD-69248485214,P-5765386,FLS-ALL
age: 393774
x-amz-request-id: QAFWA7T5H4X8PCYP
x-amz-server-side-encryption: AES256
edge-cache-tag: F-69248658105,FD-69248485214,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"f38b2db10e01b1572732a3191d538707"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1648029640205
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 318dc0d466d2a355ca0bbeb0721ef1b8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: lv8LwiVh7O8FnrKTBtURlNZDqFrl1rNS
x-amz-cf-pop: TLV50-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-69248658105,FD-69248485214,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7hxqSY12sb1Ar4KYwfdep4V8LidyCniGl50YDuQxIX4qDlqZQq1G0e+I/Bu6VrdGAMnShVsH4nQ=
last-modified: Wed, 23 Mar 2022 10:00:41 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkwGSIqfgzbK7rkvO0oJ1NMhKbCu9%2BE63MKgS%2Bxh9IwtCnQAcpw0ayxvAqb%2F12T9m7R02o40idxiiQtdiBNSp7%2ByA94Pbip8bxfOyzC9mCRQ6sheVVBWHsbcgllfR5gJG3ilAeO81EGnt6YN8pNl%2FJCa"}],"group":"cf-nel","max_age":604800}
cf-ray: 82d758c48d724541-TXL
x-amz-cf-id: dOaSh4qd4076a3G70bV_QjyVrZAM-61Rq5pa6DYr00xehkPIQpAsQw==

GET
H2 200 jquery-1.11.2.js Show response
www.hunters.security/hs/hsstatic/jquery-libs/static-1.4/jquery/ 94 KB
35 KB 84ms
82ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 1a620bb236f3df5588fc787c47ccfafa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 519312
x-amz-cf-pop: TXL50-P4
x-amz-version-id: null
content-encoding: br
x-cache: RefreshHit from cloudfront
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxEWlyICUfrC844Cc1BhmhpMkH6kUvCmFu1faHl5BRx3SU8U0zcUEyJpLgMZyaCMp3N5bT0Bu0uG7GFaVQtaDz5sevmTx6AJphQck5V3okBqycCT2Z5dr%2F%2Fol7YjCVDfJfAAHXftlWGgd7dFHiueteAR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82d758c4ad834541-TXL
x-amz-cf-id: O_5hEe5tH1TbmdsFBs2adAfaGuVRQ00VGDlObtptUqeYtG31BCrPGg==
expires: Thu, 28 Nov 2024 02:16:07 GMT

GET
H2 200 jquery-migrate-1.2.1.js Show response
www.hunters.security/hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/ 7 KB
4 KB 72ms
70ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/jquery-migrate-1.2.1.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 7135e74802b850169bf88eb66663d5a6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 518183
x-amz-cf-pop: WAW51-P3
x-amz-version-id: null
content-encoding: br
x-cache: Hit from cloudfront
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"eb05d8d73b5b13d8d84308a4751ece96"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFB6Y%2FRl%2FAybZTjvNnlKJTYZwHCKUCz6eVtfjHH%2FIuTPXuz8ETsbyPAB2indc6LrP2KSAP2R8UxoBFiuL7FyYLIwWu6jYSV%2BCMLXPu48YRS9yNciekCitl5U0k9oFzmYxQoeNJvSaIJQQsTEg9GNu7rq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82d758c4ad844541-TXL
x-amz-cf-id: -0xXxN5Pl2IFWGoSTjTO6WBKAbMCE4srFxUl49-_aOJMxviQ1ezKnw==
expires: Thu, 28 Nov 2024 02:16:07 GMT

GET
H2 200 blog.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/133487975192/1693974557567/Hunters_Theme_May_2023/css/ 28 KB
7 KB 77ms
75ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/133487975192/1693974557567/Hunters_Theme_May_2023/css/blog.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ca9ec4f49125ea152ded022ed0a178beb354a30a8823573a1e5393cd5a79414

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 5Y09A0JT3JF011QN
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"45658854b6f8310ea6f1b2ea639eb5e0"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693974557567
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 16dfaf786e60aa9bf3b94684a08564c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: dCce4DcX.EWnfvXcZgwLCpVoIBoMqDCJ
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 46b86bc1-14a4-40bb-9e63-31ce0cea234c
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 199
alt-svc: h3=":443"; ma=86400
x-amz-id-2: nW5YL4wwXVfM0ClRaKraQrPSj0B8ERd49X0ma+o9WYEMjQsYJSekIDwWmZeuMcUrWuzeLrXRPDw=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 46b86bc1-14a4-40bb-9e63-31ce0cea234c
last-modified: Wed, 06 Sep 2023 04:29:18 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BOJWQhaAtLv8wc4urai9%2F4iyVVLRQTOePFEHA6qgWpjnDulugS2%2B4AHiEIAe6JDHGjp%2Belm6Pv1Fe%2FGm%2B13QOTuap%2Bm7LrcmEsWwXkrY6Vj%2FqepGgie3vWArNLA3AzDH9aSSMBTRpDQfGmObLbiF7oy"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-gb4w5
access-control-allow-credentials: false
cf-ray: 82d758c48d734541-TXL
x-amz-cf-id: XVnLuW06wGwhDH9sqWz5_tl3tCzmpRFdjRK4Umm05zHTwTvRuccIlw==

GET
H2 200 magnific-popup.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/130719549746/1693291612591/Hunters_Theme_May_2023/css/ 5 KB
3 KB 81ms
79ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/130719549746/1693291612591/Hunters_Theme_May_2023/css/magnific-popup.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: M6H2WQ8AQV3V7XS5
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-evy-trace-listener: listener_https
etag: W/"64912a79884a20761ab19de42f85218c"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291612591
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 eb9a7c491927f70f3921f0803caae61c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Xjt7jqVG9NhQHsz_IZzhHZq6jRGc4F63
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 7e79e979-2535-4710-8356-a9ddb4c6be03
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 173
alt-svc: h3=":443"; ma=86400
x-amz-id-2: D0StWFMFO89PQmDl4psV6i6UwSRTlQBGKelJP+MFBU1wg5BVoT3bUhfvxpSg0VP0Pmc7QPgfwQs=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 7e79e979-2535-4710-8356-a9ddb4c6be03
last-modified: Tue, 29 Aug 2023 06:46:53 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6j1%2Bnqvsu%2F8V%2FHNe6y7wfYO5OrgzxCIDdZ5OErtNNvr5H3P9kqvSI34yG2j2z63eG1hM9YqIXlZYcRk0Bqiv%2BLyXbeZG3REhiKtzPDOfN6N6y9D5mHtCpwiJ%2BFk6zK2Ei%2FHc7aUiNZsXsMYCrmkCsvgf"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-xmwnv
access-control-allow-credentials: false
cf-ray: 82d758c48d744541-TXL
x-amz-cf-id: -7Nr4Tp4RWuSvHqaNFpX0fH0cZJjjGcSMv2fJHRu904XooTY5T6ggg==

GET
H2 200 easy-responsive-tabs.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114002466428/1693291614672/Hunters_Theme_May_2023/css/ 3 KB
2 KB 102ms
101ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114002466428/1693291614672/Hunters_Theme_May_2023/css/easy-responsive-tabs.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

10dc028779c21e5b3f1bc41e19eaccdca81a38e53e7712439d271ceb6174f534

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: FRK449C362JC251E
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-evy-trace-listener: listener_https
etag: W/"9b3e369494f25ea9c18f4f72ef2213ec"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291615367
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 95ad9d4dc596fb803e3114c8dbdc4b60.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: WRfDjq3ykki5RbUHXjGTj2jUB4D3Ghw8
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: be7cefc9-b316-46c1-bb10-3632446c8b09
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 155
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +pNtPLF0whmWKkpVibEASmYIZ7QzSw61bgCyzBGl0gfUkDH8UQ44CzHY4Wj2iytXIVMdCMnE74Y=
x-evy-trace-route-configuration: listener_https/all
x-request-id: be7cefc9-b316-46c1-bb10-3632446c8b09
last-modified: Tue, 29 Aug 2023 06:46:56 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tqZQg8d9Ihzh%2BQt%2BItY5yceJYua18PRAI4rtd9o%2BhWxXtqmuTvwIkqYn3K2aDJ9Y9rMWHMn0evZQEM1LrnLDDeOz7IDBOyEvhjIWVO57IOLA%2FQlkkpSuTSEV99ZCUqA5zZ%2BVi0VjAbtb8CGIo4E5L2c"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-nlblb
access-control-allow-credentials: false
cf-ray: 82d758c48d764541-TXL
x-amz-cf-id: UGEA8g5WvwSYwY9JfpXk5vXewKqMK6oQ_yZtys2Q8NsSAhL0iyMzKQ==

GET
H2 200 style.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127041525412/1698317188910/Hunters_Theme_May_2023/css/ 97 KB
17 KB 79ms
78ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127041525412/1698317188910/Hunters_Theme_May_2023/css/style.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9393b6db2f748aa64f0c5dc27a53a7ff16c27ba58513ba2ac47c7af606efcf0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 3PDJWFG4E1ZSJMX2
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"c78b6fb81c12b91290f971858552a435"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1698317190137
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 7c4bbd97f5be908e33f403c3794f629a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: qrTj3keVvhEwyDQQiEQKk8fY.RK2OjHI
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: f59557bc-ff3c-42f3-9b99-77132f7245b4
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 313
alt-svc: h3=":443"; ma=86400
x-amz-id-2: /CwSYL/7+KgLaIa4FCh7rdbk7YeKppbIJA7IJ2Te3GFk9lVN7qt4aJ6JhZvzelbaTE2rY4vVVMU=
x-evy-trace-route-configuration: listener_https/all
x-request-id: f59557bc-ff3c-42f3-9b99-77132f7245b4
last-modified: Thu, 26 Oct 2023 10:46:31 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cOCDR%2Fjvvzy%2BcwH4KOOOTHI5ge2uvib41Lv%2FkwFQToeU4PMMlX7j8NxbDk4ebI6t%2BXSvtqYg5iWeLeuue%2FQwqAibxdkcM9WF4PM50wCDrhsZayqpKoMembCOZIiqMmTVQgOkHVGHuMnMICshN8a4tuC"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-2p6jk
access-control-allow-credentials: false
cf-ray: 82d758c48d774541-TXL
x-amz-cf-id: _dssdoapYGHe91WRqo0PcXkbhAALEcFVRgdqnu2DHYiMbT3bIfqPBw==

GET
H2 200 additional_style.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127040996237/1695109377064/Hunters_Theme_May_2023/css/ 34 KB
7 KB 93ms
91ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127040996237/1695109377064/Hunters_Theme_May_2023/css/additional_style.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b2ccfa8e6a3381d936fcb339a2254dfff4ea71f5114197724a4e2c1eb1c8115

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: GR8FJQTD7KMYQJXN
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"92110aaff8b12bcdab7138e8b0b9b716"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1695109377981
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 95ad9d4dc596fb803e3114c8dbdc4b60.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: HKd8PmJ0HSoi6apjcPCH_Xg.hT55sHns
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: d1b47204-9b24-4c92-aacc-ca73e1431231
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 228
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KHbSZqd/N0Z7TuecJsncQbn3wyBefEB8d5HYjtRjHvxCK0l3jyk4ANunK9jaYZfmQFAjn6FmFPw=
x-evy-trace-route-configuration: listener_https/all
x-request-id: d1b47204-9b24-4c92-aacc-ca73e1431231
last-modified: Tue, 19 Sep 2023 07:42:58 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llwuqaE3GBBX2NpY9etu0hO5jXIGm2wQRQm3CTUiNlvpuYQEegHMn%2BsFj1DFAkJsUWwE%2FXlM%2FXbgn8KXDjSRb8oCbeIMXKeyNdoIP97B0dqxdz0AdH3e8meWpWxBUu4zosECX38nmEgE7uN29zN3%2Bdsg"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-5sf4f
access-control-allow-credentials: false
cf-ray: 82d758c4ad7f4541-TXL
x-amz-cf-id: rYzFvjzBcfHJH2r_pv-RGXdO3GXTOAOMRzGrYboNQ7bv_zErmy5u3Q==

GET
H2 200 theme-overrides.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/113858809947/1693977471236/Hunters_Theme_May_2023/css/ 13 KB
3 KB 134ms
133ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/113858809947/1693977471236/Hunters_Theme_May_2023/css/theme-overrides.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b1d913f0ef5cc8fd8d0c483772f5d511071ccc1d441f64292fb7659616f5b79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: N2SG43G3SM17R76F
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-evy-trace-listener: listener_https
etag: W/"55ca2988b2dcdc64c0d28ce220832d86"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693977471960
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 e32f3698b8d39139f138de8a86d00996.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: MwZEdO.RtzwbqpCFNnZDvkHS1VL3JhKQ
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: e4f6aeef-74a5-4390-a3f9-c9dbe9b698b6
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 160
alt-svc: h3=":443"; ma=86400
x-amz-id-2: pRgU+XPJ4+KbDNLCMUUD3OLw7dUiE3VeJ9x35CRYM9t6zEWZV1L+Mzsbk9VaqPMKQoVJiLM6Xqw=
x-evy-trace-route-configuration: listener_https/all
x-request-id: e4f6aeef-74a5-4390-a3f9-c9dbe9b698b6
last-modified: Wed, 06 Sep 2023 05:17:52 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvueZp%2FvLyaMVZ2o99krtRxWw%2FQWQgfiHN3N8U53YZ2GVr4lvQEu1%2FbD3mkE64qz4PH4cVAEgVRoB29EHLcQuTx%2B63R0YkxlfwpK%2FwSGtnfJaqhexWWH032PqAtNGlIu%2BfRqGyX8ptADqvCIdDZgoEt4"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9jn6n
access-control-allow-credentials: false
cf-ray: 82d758c4ad814541-TXL
x-amz-cf-id: vsOq4TVkYsVSZlwW8ejL0AlRhYdkC4jJctmo2GHYrpad1taslCp4aA==

GET
H2 200 module_127063834721_related-post-listing-blog.min.css
www.hunters.security/hs-fs/hub/5765386/hub_generated/module_assets/127063834721/1690369454140/ 669 B
1 KB 100ms
100ms Stylesheet
text/css 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/module_assets/127063834721/1690369454140/module_127063834721_related-post-listing-blog.min.css

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

23a2777cbbd78b114125c9276a3b42d568e17909104309e46e94dd2d93b3abd3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: WWWHRKR57EXC1ARH
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"70d8f9f86b8f7fcd77f9fd2c13570bad"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1690369454140
content-type: text/css
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 8beba0476250d2240f748269153a9f96.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: GiPU_UuzFWyC3bxaBqwbunFBlwZVwxQV
x-amz-cf-pop: IAD55-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: dc4897a2-44ef-4b18-84e9-f1c64dae13e0
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 182
alt-svc: h3=":443"; ma=86400
x-amz-id-2: u+Qwf4d9H7jDe3Gx/xVc4/7uj4/UckO2a2oe595mBPhcq6Wpd5QG0AUPQENelVQrVQXmrv06/GcVmnwlxun9NQ==
x-evy-trace-route-configuration: listener_https/all
x-request-id: dc4897a2-44ef-4b18-84e9-f1c64dae13e0
last-modified: Wed, 26 Jul 2023 11:04:15 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7iBDW4i%2Bor718SkRiHNDe%2BGfJEorz%2Ft4taBJrr68OW0Olv%2B6VRFVd0dLbBt57teKlQWqKlcm6YoFUxBd5w844TBnCC2uU0F5w8JdEdenxVZ1JRjquB08Ck0L79goYtV8CNw51Gw6dsV1%2FpyiwnFLCvUN"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-vbm4n
access-control-allow-credentials: false
cf-ray: 82d758c4ad824541-TXL
x-amz-cf-id: ifwUTZy1D5Kp8eNpY0on_vM65mNuozGi28CcmYKRejRSWJzwYCj1XQ==

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 258ms
150ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE6) /

Resource Hash

87c3ae1ebf322a010fb2191df1679d6e6b7efa7c1bd8e0f8a90f79d43581954b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 2556
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163638
x-li-uuid: AAYLQIXQLXKgVrL5GfqTDg==
last-modified: Wed, 29 Nov 2023 01:33:31 GMT
server: ECAcc (frc/4CE6)
x-li-pop: prod-ltx1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
x-li-source-fabric: prod-ltx1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Wed, 29 Nov 2023 02:33:31 GMT

GET
H3 200 black-logo.svg
www.hunters.security/hubfs/Imported%20images/ 2 KB
2 KB 71ms
70ms Image
image/svg+xml 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/Imported%20images/black-logo.svg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

368406900c890220c314afd610820f1e635e69e4d3e0275ec060057865f563c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-71680581388,FD-36925193306,P-5765386,FLS-ALL
age: 211177
x-amz-request-id: VR0XWWJGCEPFCC36
x-amz-server-side-encryption: AES256
edge-cache-tag: F-71680581388,FD-36925193306,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"88d1cec7ef908496d2e8aa6c03895c82"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1650604878426
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 52e36d36d4be47cb53b8d42c679428e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: VnnFkSmT.uR334htBJTUR8Yrxz9yrp6X
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-71680581388,FD-36925193306,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kzQwoW9lhZvhdRjdeH2/ANL6C0SGWImGHy4K9csbD87WVp19+Ac3vNLXUmXAveeGbv2ts65EHTs=
last-modified: Fri, 22 Apr 2022 05:21:19 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcwisrTQFBZcmKZWL2y6KsP5ZcBEBeMFZ4Xfs%2F2RccARxEePOdKOnQETEWN49NKPH%2FtP0sy64C4Nti%2FzNSdr%2FvEsUUck9CdTvLU9JGM8ZyC%2BurPsY%2FyzJPgVfI6VmW0gyaUqaPnVUlruSulVIVEuCkkg"}],"group":"cf-nel","max_age":604800}
cf-ray: 82d758c6adc46a76-TXL
x-amz-cf-id: etoIDFIoIWv2qgzGM_1g0Czu55EuHqnXCeqMRS6vMPIFxttL4DELjg==

GET
H2 200 Featured%20images%20%285%29-2.png
www.hunters.security/hubfs/ 197 KB
198 KB 84ms
83ms Image
image/webp 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/Featured%20images%20%285%29-2.png

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b83025c6af427c862bf1f6599330a1dff8ea8effa9bd200614b5e7a6fed36c64

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-140864712274,P-5765386,FLS-ALL
age: 35029
x-amz-request-id: VJKF43KVTR9SH5PF
x-amz-server-side-encryption: AES256
edge-cache-tag: F-140864712274,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Featured%20images%20%285%29-2.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "5e71f6e99d836fd4c727f0183a9f7de5"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1697663072549
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 ce9a2abd25eed1f472711c23f8a0adae.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .kW3g32t9JHA4lbGsCfqupyqElRZSFMj
x-amz-cf-pop: HAM50-C1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=298115
x-cache: RefreshHit from cloudfront
cache-tag: F-140864712274,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 201218
x-amz-id-2: aBKicUljFtaC1PqzjoyUZEONQBruXmv3+Ioz+0TGeERL4ROqAdnhdUMd7YrzhKmP5huBimqaNJvY6E1bOCRSuPVmEnGfHK3SEbt7xi7oHvo=
last-modified: Wed, 18 Oct 2023 21:04:33 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0fcIG4CTToQbv3DNTOu5qLBPSVrd4bktY8%2BVCg5vjGndG8aEClbnKQzeI7Qpg9cOISBoPWcW1mfeWX9qT1ymNSq%2BrFEP%2FfYZwD8y1dnyv7opT0apQpvDjgya7A71epWe1jU0c%2Bz%2BRXUjd5cgivSvbt7"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82d758c4ad894541-TXL
x-amz-cf-id: G1Xo0PhPFUFiJLrJYrysykUXbkhmlz4AVfHr5MCVa408DEYQy2MArg==

GET
H2 200 Detecting%20Ransomware%20%281%29.png
www.hunters.security/hubfs/ 208 KB
209 KB 78ms
78ms Image
image/webp 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/Detecting%20Ransomware%20%281%29.png

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

858e1cac76fe710471dd8ce21a84aaee4264ae16ec6df497e37880a6e5d2f86b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-133207288649,P-5765386,FLS-ALL
age: 35029
x-amz-request-id: M79PWSVFK667G13X
x-amz-server-side-encryption: AES256
edge-cache-tag: F-133207288649,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Detecting%20Ransomware%20%281%29.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "41bae027b0905fd449448d3a36b15e75"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1693814382382
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 19d23243200e63f987eb95cd84ad557c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: vmyqYTjmGiM1RtpUQ9sE0GhnCSxriaAV
x-amz-cf-pop: VIE50-P1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=315905
x-cache: RefreshHit from cloudfront
cache-tag: F-133207288649,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 212778
x-amz-id-2: MBJIol+Bj1safqIUxIoDiJwZJ3duPlPik+c9jKoAnTaFyfyOzctqdJwNxIVMR7y7jnjx5aGlM4k=
last-modified: Mon, 04 Sep 2023 07:59:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhYtabXsh9HQWHhffBY0t%2BnLUpKwxDMQLR1DkxR27dBbZlRpGKrqZTeiy2WL9ZGPxKTS6hAAy2hqrkbozgzVUpMDiClj5PqYjM%2BzcSFWRlk9efqheKsGE98tk4KzBZxP1A296%2Bsj0I62hPH7Viyx48XL"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82d758c4ad8b4541-TXL
x-amz-cf-id: yRe48EJBXSwTqQ2bJZQAlNDzB22zM3TK6sQKDK0mAo50wHtzmsUFvg==

GET
H3 200 Featured%20images%20%283%29-3.png
www.hunters.security/hubfs/ 182 KB
183 KB 42ms
42ms Image
image/webp 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/Featured%20images%20%283%29-3.png

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c401405a7e3650dbf6db13ec242dd3ce0656f4356838e6e030c7099b96ae152

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-130408934718,P-5765386,FLS-ALL
age: 35028
x-amz-request-id: TRJKEJ9CGVTFGB7F
x-amz-server-side-encryption: AES256
edge-cache-tag: F-130408934718,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Featured%20images%20%283%29-3.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "31fe0fdcf0698be73d21c5e2de3a1c3c"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1692179641518
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 432b13056093689871d6c14aa8f1c81e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 2CecJmaBZOjfvnn8vSAkiSo.UiN5ngQj
x-amz-cf-pop: HAM50-C1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=277440
x-cache: Miss from cloudfront
cache-tag: F-130408934718,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 186418
x-amz-id-2: 1X2oGzIVHavV9pIQi+fgP7fl5A5XiQFGK+wj9c9Po7hjxkg8aMfJkuY5tkMonxGLpW6R05errhyiQNyTsHNlLz7hMingv/P9TklTr51h6rs=
last-modified: Wed, 16 Aug 2023 09:54:02 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNIS%2BMXkaoYtuoq6PH3%2Byq18HuyaATSltITarQHOOUfTX2CmTV9M5kaVwrvthW%2B5R1d6C1Q7G3imlhkoymmm51Hqx1jzNH0V%2F8g2NJ6ex2mOZeVdYEQIivJHexZD6Hq2pB%2Fa1LpXiCx7HmZ3PKSBlr7X"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82d758c53c7a6a76-TXL
x-amz-cf-id: 3TxyWedoBG-0xZlOwu78r1NYA5f2LFr2L8aPPmNRtKWRQ1F0dp5ndQ==

GET
H3 200 Featured%20images%20%282%29-2.png
www.hunters.security/hubfs/ 195 KB
196 KB 106ms
106ms Image
image/webp 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/Featured%20images%20%282%29-2.png

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

39dfef8659a1ca6b7b72796a29b2a9a3fde995d66d1a2eb8dd4b62d0f5e37a03

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-127582134896,P-5765386,FLS-ALL
age: 35028
x-amz-request-id: VJK0R3WDSPGEC91D
x-amz-server-side-encryption: AES256
edge-cache-tag: F-127582134896,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Featured%20images%20%282%29-2.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "d4be4d7f9b5a11944ee964401796e71e"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1690720108190
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 6c0cf54c85a45b06ce06eb9b5a31a1c6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 1bPpE9jxHOibM.26gJFWueanfyV6mtq1
x-amz-cf-pop: HAM50-C1
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=311892
x-cache: RefreshHit from cloudfront
cache-tag: F-127582134896,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 199636
x-amz-id-2: z9Krt8+6GT3NEgR26VPad96giJ5cY1Fc3foA8MpVTKTBlU46fAQ19TkytX4/fWgRcoryH77Hu8E=
last-modified: Sun, 30 Jul 2023 12:28:29 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtY9M3qZRNP4cMJfLT41Yn0o4D%2FbVGnO6XqA0Ry47B%2Fsi3CyAn%2BRrPIGK%2BAI83rIWNFsvHSnJWBjaXPpuEbGilTkQz43anXHNTjNPE%2FSRtrC7BEXufnJdPjobAyRfx7j5FsCx615r0Dh16U6Vmr%2FTToH"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82d758c54c7d6a76-TXL
x-amz-cf-id: 8aKKtuVlQvADV--nwLRSvRMkOX7fvShI4NQJyKBH65GFq1uMLnlv6A==

GET
H3 200 Detecting%20Ransomware.png
www.hunters.security/hubfs/ 211 KB
213 KB 40ms
39ms Image
image/webp 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/Detecting%20Ransomware.png

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

114684b8fee4cea8c797eb72e7a55cc761ed8f5907bce24454d3f23c2df270f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-124291394205,P-5765386,FLS-ALL
age: 35028
x-amz-request-id: D79NCFSHPPHEJ81K
x-amz-server-side-encryption: AES256
edge-cache-tag: F-124291394205,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
content-disposition: inline; filename="Detecting%20Ransomware.webp"
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "fcebded3c4798987b7bef4361e3451f2"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1689167151188
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 cc91f4cc360b8afb58871d3847b754c4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: DFA9BpQK.Gk0MO5er9uxPcU9UG6VNrdW
x-amz-cf-pop: TLV50-C2
x-hs-alternate-content-type: text/plain
cf-polished: origFmt=png, origSize=323094
x-cache: RefreshHit from cloudfront
cache-tag: F-124291394205,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 216414
x-amz-id-2: yh4lD7M7gw7TuerWRa80C6bijCEPAXCCyJd9ae2VwGq3c/T4O2aYU89DLy+Gzlw8iPlGEasifwU=
last-modified: Wed, 12 Jul 2023 13:05:52 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hp9cPUG1GFeJD%2B8gj5A35UBTGZEYtw3DtAeIRdBlhX4xAToYAFd6HR9d%2BxPQOr2zR5QxgSWiZJJKDVRFLj8FesrdhfW%2FZgpwUqqFuarLgiMC%2FyRT%2FxKHKycoTU4ddOgn89B%2BqK30SesLH3VtQeSileJO"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82d758c5ed1d6a76-TXL
x-amz-cf-id: -Wb-UfgYdcJn75cojYQCYCo_Z7BYItdJLuCySPAbpIFxPZG7WXx97Q==

GET
H3 200 magic-mouse.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882284593/1693291612618/Hunters_Theme_May_2023/js/ 7 KB
4 KB 57ms
57ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882284593/1693291612618/Hunters_Theme_May_2023/js/magic-mouse.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f0116d893ce32487b8b683a408b135c15809c7e1b3d8d26bdb5889126f2077

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: B6J5AS2A4E5XSYJJ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"54c961291b27575b217ab9dc804ff844"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291612886
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 18591001335591ffb831001ad8b75762.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: nkLfko.VU99ei9urIHGN_QjnPno3EX44
x-amz-cf-pop: IAD61-P3
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 3cca2d76-f747-41bc-849f-295e0cd3c4cf
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 163
alt-svc: h3=":443"; ma=86400
x-amz-id-2: aN7balKOcccy9wwh4FYKp0GyfzVzCPcMRtm96AQkeXdpQ9kSIkEafK/L0pvhiJ8/BRcOX6t0Rr2XK3qs4itpfA==
x-evy-trace-route-configuration: listener_https/all
x-request-id: 3cca2d76-f747-41bc-849f-295e0cd3c4cf
last-modified: Tue, 29 Aug 2023 06:46:53 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwvAM2EqqGYtU7StpKxLDu3ghDlhS%2BaRnnt0qG9EBT8d03LjhR%2BlKHvsHyubGi5NQQpCDTQdg9IrsVKYgwN5b%2FY9HgO0l8yKP9hV4vmHcgkgvtQ3O4RK8U6zknMf3V42SVGPSEo8pNErDK5aS1ifRJJQ"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-b6rgr
access-control-allow-credentials: false
cf-ray: 82d758c60d4a6a76-TXL
x-amz-cf-id: moJO84O1F1XVcrzOTRE7Ef0kC5lmu_3GG5rrTfR6b-gpf8hpqF8QCQ==

GET
H2 200 jquery.magnific-popup.min.js Show response
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 20 KB
7 KB 60ms
23ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 260049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6546
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-4ef8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hu3GXBlW1y62gsvoSX%2BLjcRpSR5bxb26A0QJ9spq7PpeX0sQTgQDRKzx%2B%2B5RacRUlf3HpEvxeT5lMCYC18aNRCteqf9IzKFry5eO7vRyFW7vDZiAE2g%2FJA2QATgEcCW%2Fwbq5YSqbShRdR%2BMwvpQnATT4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82d758c688bd44f8-TXL
expires: Mon, 18 Nov 2024 02:16:07 GMT

GET a076d05399.js
kit.fontawesome.com/ 0
0

GET
H2 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
4 KB 25ms
22ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 589393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3980
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-2b4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Af1Y%2B6noq0eymD3QK29HMghFOE4IQYNVZnFKsyY2vPzENbsqBFsWafY%2BrITNtjSObLZEhR8c0YC1nmOp3xrLviv3XwSN4nmcpcb3KzFJlR6nXJpAgfCQAhyodq6AQG%2Fb7b7vtxMPaQtZYK657jcdhk%2B6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82d758c6a8d544f8-TXL
expires: Mon, 18 Nov 2024 02:16:07 GMT

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.388/ 14 KB
6 KB 64ms
27ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.388/embed.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
x-amz-version-id: GNgANes_HpxlXMl5IDFfVeYnBgfaeeYN
via: 1.1 ec556e7b2261ec9453578c3e51f5214a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: WAW51-P3
age: 589393
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 15 Aug 2023 19:48:57 GMT
server: cloudflare
etag: W/"8741985292d64b839be39c64b14f3783"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiGCuyuHIgc5SeYJN7TsM6aHe0y6A9ERkF59WVSva7EmzEHXs3ARowog2ijXs6IrMs4%2FAYpuIxnB41gXBTSJEsyL5Ta2c6RWet7Mpd6MFhzkGS4mp1aoJK0%2FVus%2BZ9PbEHk73%2FrM2F6RpANVBARnJxMGipI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82d758c6efb758f6-TXL
x-amz-cf-id: Pz5_7WasWN-ISGawE00PIJQkoJ94VrRPw2B5EdsLm5nltYy1CqUY5A==
expires: Thu, 28 Nov 2024 02:16:07 GMT

GET
H3 200 Owl-carousel.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114356373127/1693291620234/Hunters_Theme_May_2023/js/ 40 KB
12 KB 69ms
67ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114356373127/1693291620234/Hunters_Theme_May_2023/js/Owl-carousel.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc507001be80bda64a1378c7f6edce7a6fe445dd6712c4eeaed70db462a7e934

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: FRK854ZRT3ZZTKFM
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-evy-trace-listener: listener_https
etag: W/"b563bf018685e7895cfd162d6dffaf88"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291620646
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 38fe40c6774277cdcda429bb053fbc1e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: v7yQPkPfKxlswQf6LteLuXRiDwl435C8
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 17903546-6313-4bf0-bb77-309579b963e3
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 297
alt-svc: h3=":443"; ma=86400
x-amz-id-2: cnyuKQbhNRyJLWeSm4WCnVTbmqu5o8K4ymlLKDvNvlf6MnJ2GNVH3Lsg1eBDNvuEY9WKCHvB1e8=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 17903546-6313-4bf0-bb77-309579b963e3
last-modified: Tue, 29 Aug 2023 06:47:01 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRhY2%2F1U0jvfusf3eoQ%2BmFTvlR3%2BRPYtQw8DA5uih47gWFJGtrUpqfzcgM4ffsq1bEq%2B%2BK29xm1jA8aSJtAv8wpapcWN9KTR6rm860kpLBiYg%2Bj%2BRn8joEgI5DkJmTCt6TBo8H5fAcGUyk8NpHi7mpOu"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-9jn6n
access-control-allow-credentials: false
cf-ray: 82d758c6adaf6a76-TXL
x-amz-cf-id: L-SmnmMwLzWa4jXfgmcQFRdDGPmLdXaN2OHspWHcLe3nCkV9NBkw8w==

GET
H3 200 magnific-popup.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127662486200/1693291616579/Hunters_Theme_May_2023/js/js_plugins/ 20 KB
9 KB 63ms
62ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127662486200/1693291616579/Hunters_Theme_May_2023/js/js_plugins/magnific-popup.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: FRK3VHXJ6YGGWNC1
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-evy-trace-listener: listener_https
etag: W/"ba6cf724c8bb1cf5b084e79ff230626e"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291616579
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 be4fef3f6c1b2c76e0341ff49a27ce40.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Al9aEv2E0deAwAfGacCRBEskazOldysU
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: f1731f3e-2a25-4f33-a1ba-ffd71e131e72
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 157
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NTTAwoftwLxmB9KRZ4fZ/7bx5NaJMHxdVNBi6k7r1g0jhDCocZV4/iLTDMLdhm9Gng9CQtEL0rc=
x-evy-trace-route-configuration: listener_https/all
x-request-id: f1731f3e-2a25-4f33-a1ba-ffd71e131e72
last-modified: Tue, 29 Aug 2023 06:46:57 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxaiYJJZgTxqN1znNytZ3kYF6S4VZE3XIAcyMkQXXsGncNPqWwL5pWYVdBQwugDy24FwjCEIWSEG4ZpE4O1xNcrGzLgawU%2BgoanE13jBKlfvmMOrUMdSjb4pSGcJ2wP0nmQ11P4HhMgkp3JMX3roTWgE"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-pfskq
access-control-allow-credentials: false
cf-ray: 82d758c6adb06a76-TXL
x-amz-cf-id: _KdDv8hve3IOUxJOYRi1wKk6eyyQQXVRZNxH6gwHmsC-cFXzJNEozg==

GET
H3 200 mousewheel.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127662695006/1693291622639/Hunters_Theme_May_2023/js/js_plugins/ 3 KB
3 KB 95ms
94ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127662695006/1693291622639/Hunters_Theme_May_2023/js/js_plugins/mousewheel.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: A1M0YVZM514YWZ9X
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"d5843dbdc71ff8014a5eafd346a262da"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291622639
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 be4fef3f6c1b2c76e0341ff49a27ce40.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: EB4B3aQyiLb5JuXTAcZzRVAQLRHIpKLi
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 2fa4ea5c-842b-4c92-ab28-eb52c4312b5a
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 170
alt-svc: h3=":443"; ma=86400
x-amz-id-2: x4WCL25bILbcTstBzN1FCGmmf20uzz64XchgiAaxx4eb9/txISMX+fXUHf5kgvsFlSP59idD3oQ=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 2fa4ea5c-842b-4c92-ab28-eb52c4312b5a
last-modified: Tue, 29 Aug 2023 06:47:03 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cj5rYms6ex99durK56jHjxF37j%2BVz3krCN2EnP10c8Ldk9npANqbcTQQkLboiUwYfOS5fYLUW7rs3CN6q7UPKtsiyRCcvGZGxxpBkoCvuV3cLWX8cPakijrbOntOebQOaJQhkuimx5Xr9Nq4w7zfZF7B"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-2skps
access-control-allow-credentials: false
cf-ray: 82d758c6adb26a76-TXL
x-amz-cf-id: 2jJswxiN28w8snwQNDNaM-wbFC2aK_R8kz9ARWMxeGHWQyI2jEdBhg==

GET
H3 200 aos.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127662486199/1693291612611/Hunters_Theme_May_2023/js/js_plugins/ 14 KB
6 KB 74ms
72ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127662486199/1693291612611/Hunters_Theme_May_2023/js/js_plugins/aos.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c29e718b023d06a8824bd6cc3d2856124f2c41af363a256936e7c7a79a4b8af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: RZ5N7JY9BD28G49B
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"ede6e7843492ab4c25dcb5ff2fb243e0"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291612977
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: WX4f.toIuFDPXZmixmFRY3dgQMbUPcRt
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: dbb35e1e-f7a2-4fec-a16b-9e1083efce42
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 255
alt-svc: h3=":443"; ma=86400
x-amz-id-2: YQj3rsy1x2mTPwWVLw3l39AzNYUxk5pSTRHghKfleEx4Ga1cfkC809E8JS1nC8HiytAuYU+cEb4IQo77OnXlGMzbEKidOoHq
x-evy-trace-route-configuration: listener_https/all
x-request-id: dbb35e1e-f7a2-4fec-a16b-9e1083efce42
last-modified: Tue, 29 Aug 2023 06:46:53 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZn5eCFHHQjqxwBmKrFAAUjjZjOAjj2Dbs%2FGfuANY2Wu6dDwrRzXZsUvWzhZLOj16mjVwaKkCPX7D15xzVnFJ4W3KyEQdX%2FAj8KhrxQLXxfGQWErpDpZ70lfqg1%2FVP7Ij89b%2F0yIz1JnFIH1dhf2tsqd"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-gb4w5
access-control-allow-credentials: false
cf-ray: 82d758c6adb66a76-TXL
x-amz-cf-id: 5t8-IxJnQfBAWT_JVo3n4FJeCbPeEjmcuJRVqUwqjeDJoPGBnSnD8A==

GET
H3 200 ScrollMagic.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882575644/1693291613854/Hunters_Theme_May_2023/js/ 17 KB
7 KB 76ms
75ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882575644/1693291613854/Hunters_Theme_May_2023/js/ScrollMagic.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9dad45994fa30a773ffd383f0daba950926e1c95fc807b644554825ac34bf7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: ZA7DCTMK2Z760PJN
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"6ac0def42e0780c817de6097d1607a27"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291613854
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 999e0c944d96e4c2945aab8389961e9c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: .pBAd2cfgI71wmAPubCRyFgyotetpu1F
x-amz-cf-pop: IAD61-P2
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 4f31d538-9d29-48c8-b02c-07f0d66b3d28
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 143
alt-svc: h3=":443"; ma=86400
x-amz-id-2: U6s0GrF1YFdcaVEuNieDIEOhJil8vrO5UuIi07/oQZMxMWWKYK1+7DoiA+UDUcHvnsWNnjvN9+4=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 4f31d538-9d29-48c8-b02c-07f0d66b3d28
last-modified: Tue, 29 Aug 2023 06:46:54 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVjoVxZQZj5RvA5aAl1ExzeGIOC4Tuo9Usag0wqjb4IDFgo4EHPRNDsn02BXUkPDG%2BpXnJydULIiDkt9BK1sZbaLVc5WrHps3fHuHDtJ4Sac4FvqjbgHNz1bl96gq4IY5lmt0n8yvsit%2F2JCd5FSkjES"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-vbm4n
access-control-allow-credentials: false
cf-ray: 82d758c6adb86a76-TXL
x-amz-cf-id: k_k6-1gdr3BL3AQQfFZkDcIuP0L_wmNAjsT_PhUBD7cf-vis8DrwFw==

GET
H3 200 debug.addIndicators.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882549514/1693291622778/Hunters_Theme_May_2023/js/ 7 KB
4 KB 67ms
66ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882549514/1693291622778/Hunters_Theme_May_2023/js/debug.addIndicators.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c15402dcdd0b03490883b62681c0d676af10894c7ce55218650d0f3827c6f0f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: FRK5A20DVVYHK4B4
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 2
x-evy-trace-listener: listener_https
etag: W/"2ca110d3d8bfbf577de0d2339e952d19"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291622778
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=1814400, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 2
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: G_XOawQsOWl3pTEmVM.aigCXZh2FBzqq
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: a6da0697-b020-47c7-a09b-4b3f68b0383d
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 164
alt-svc: h3=":443"; ma=86400
x-amz-id-2: abttKMgq0mlzKN4VqT0vN8vSLa6SukSXW/YBgj8bDRYlZGVZasl4weZ26m1kcEk9JvZlNda+ewU=
x-evy-trace-route-configuration: listener_https/all
x-request-id: a6da0697-b020-47c7-a09b-4b3f68b0383d
last-modified: Tue, 29 Aug 2023 06:47:03 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E9hPwjVBIhGNA0RkC%2Fp%2BaCZaO2td4C8Dh5nwrgid6%2FiOPjgbO%2FeOyte3B75UV%2BtWRXxCp1o0N52AuOBXn1Xw6qNAdqWVdNEr2%2BPhfReINJyQNN%2Fzum6ck6oTTPvmaH2JNtAsa7sbame7kKT0hjeOd4L"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-fd8f7bc74-pfskq
access-control-allow-credentials: false
cf-ray: 82d758c6adba6a76-TXL
x-amz-cf-id: RJmQQKZl0Jt_F6ZaiWg1xylAMTjW0PjRG2lvszfl-pcsSywY35F58Q==

GET
H3 200 easyResponsiveTabs.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114370662982/1693291620440/Hunters_Theme_May_2023/js/ 6 KB
3 KB 92ms
90ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/114370662982/1693291620440/Hunters_Theme_May_2023/js/easyResponsiveTabs.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d5ac74ae7bad75e342eeb77f0c16005fcb01eaf5473b584030feb2f9f07e23df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: RAF4D21CP56HMQHV
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"cb4427cd8f350ccfbe2447e487ced2f1"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291620639
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 db190417d0f5689511af25059af21b3a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: GXs4GlqPQXBqS3kFTrlfj_Tb_2NZavMh
x-amz-cf-pop: IAD61-P2
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: d2b937e3-b1ac-4021-a946-2a18e43b1506
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 172
alt-svc: h3=":443"; ma=86400
x-amz-id-2: yNnFqW8epXGoyVy8K+axIS5jlIAZ5n+4ljk+MaZ72/csclz5VtGyfS8eKijVvn471KWX97vqvhpChVJulABgTQIYxgRwu9+4rd7h0ztegN4=
x-evy-trace-route-configuration: listener_https/all
x-request-id: d2b937e3-b1ac-4021-a946-2a18e43b1506
last-modified: Tue, 29 Aug 2023 06:47:01 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5njen5QT9LuMMRSEypTkX9rOaW1HRifNP2Fu6wKmG9MeR2Euhkv3N7CueH60WEI%2Btp1355OQUfkN%2Bbgnby52qL92upYgMzlMpFP31AA0%2FP4cARM1W7rEzCRr7bEW7Rq7zp0utSatL5JmLnbGEehz4uMC"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-vbm4n
access-control-allow-credentials: false
cf-ray: 82d758c6adbc6a76-TXL
x-amz-cf-id: otfLgrKlBb8AN9Iq8kNkEkkiwi7xdEXOYKu4ky8yRiTvVNATZBhJFw==

GET
H3 200 slick.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882284039/1693291624252/Hunters_Theme_May_2023/js/ 42 KB
12 KB 89ms
88ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882284039/1693291624252/Hunters_Theme_May_2023/js/slick.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: YBA284TXCHY14EGF
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"efe2dc57bf7b73137e9642e586ee272b"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291624252
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 ebd7b246dc1b8bef0a7a10752563dc62.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Fb072li6tYjBxDBknsVKEvzOtP5mz1G5
x-amz-cf-pop: IAD55-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: f5590456-dbd2-4a7e-9802-87551a7cd1ba
x-cache: Miss from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 213
alt-svc: h3=":443"; ma=86400
x-amz-id-2: f20HhH/cCMaAkM3WqMX2CufK7lEJ4c5eXHtZTFCpvn7mW2VCrI7RWjTmZTnimThoHURY9In5s0I=
x-evy-trace-route-configuration: listener_https/all
x-request-id: f5590456-dbd2-4a7e-9802-87551a7cd1ba
last-modified: Tue, 29 Aug 2023 06:47:05 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBGZ%2BDnSuH24zMMOqRxN30DjTS%2F%2BTYtfbRR1QNKxX8jKUR0mGkRYW3QWVJXsEKQQ3ltJ3TICBj%2FemvVvztlsD9KWBmnw%2BhZQHjHIoh7DnfsxbzbfgJJ7510vPED0B1HFanArf8P%2BFmFnVUz3JiABnfii"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-gb4w5
access-control-allow-credentials: false
cf-ray: 82d758c6adbe6a76-TXL
x-amz-cf-id: n1IXj4g40sc5_33YV9unGWBrr8gjw1isccm-_WDuOOMEeTtayQ_4UA==

GET
H3 200 jquery.matchHeight.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882575404/1693291617490/Hunters_Theme_May_2023/js/ 5 KB
3 KB 84ms
83ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882575404/1693291617490/Hunters_Theme_May_2023/js/jquery.matchHeight.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

762a5cce3355f95306400b6113dd70cbb8bcf2ce3601fa27297d1899d007ec54

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: BMAKQJ2V76A0EYAJ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"3a5a31244d61d9cd0778b47e2d60374e"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291617668
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 8dd4c7f1d7b55b5ac0fc5b7f8532cf32.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 2Pt0BYwvDy8cMMES08pnbHuhXdNpbKtt
x-amz-cf-pop: IAD61-P2
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 60251c4b-8fb8-4c34-9a7f-444fdd554df5
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 139
alt-svc: h3=":443"; ma=86400
x-amz-id-2: AyeruhUz+09CN5UUWCEapNw5sOsTgihK15Ch4v062mbYOdEQFhQ62TIOzbbETnQ4Y+wWIvqfaQI=
x-evy-trace-route-configuration: listener_https/all
x-request-id: 60251c4b-8fb8-4c34-9a7f-444fdd554df5
last-modified: Tue, 29 Aug 2023 06:46:58 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jn7g0lNeRisZQg12jdGsH6Xm60Xi9%2FtS8gduQpArEYGhIIGUx7IpwwbxKmyEU7TGaCNVhaaKawGq2rNAZYFSRlPskkre8bREUDObC63FsuuL7%2FpPdeipPCcqrAMVT7U2y5aTfqgZzyTEhMF0SM1QfNx"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-b6rgr
access-control-allow-credentials: false
cf-ray: 82d758c6adbf6a76-TXL
x-amz-cf-id: W8-Lnye2yH3b8pe24Sdzhc6nrThLo526XdWstwFX9zpTyEUtjGKPQg==

GET
H3 200 isotope.pkgd.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882549552/1693291622937/Hunters_Theme_May_2023/js/ 54 KB
15 KB 87ms
85ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882549552/1693291622937/Hunters_Theme_May_2023/js/isotope.pkgd.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e31677db4782bc8c9162fa1b42005aad15d67853f7a496e9fbb493fe2309759

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: ZA779DG8ZKTDHE10
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"d171d2b83a97424cf2f260c1fc1394e1"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291623392
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 e28efd1a65ea5d8d42e5dac75c735524.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: WhIw.DQXpL.ZBq74aHMGtTHmE6XKg.AO
x-amz-cf-pop: IAD61-P3
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: df288e53-1f3f-4009-a27c-a507e26c6a4e
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 244
alt-svc: h3=":443"; ma=86400
x-amz-id-2: khr6yIRoSaZSkAZ9cDd1eB/UoTedm+7FU0IYH9G4ToXxTj9fBLo8tBEez+c9ZSbod6gRcvTz1zQ=
x-evy-trace-route-configuration: listener_https/all
x-request-id: df288e53-1f3f-4009-a27c-a507e26c6a4e
last-modified: Tue, 29 Aug 2023 06:47:04 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dukMpnxFUzTVUcPCPPDb1vO1pMv3pCjeKL7dIbwHAkGaM3zaG8OMb2eZWerdu%2FS8yK9qhJL84Ox8etvKoMfXeXgqzXccvesm1bqcklhWy%2BRRciAQQ2zTCaY1iLKFnxXjZFE%2FApEHJhSr5iS2ID7Y%2BB7A"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-2skps
access-control-allow-credentials: false
cf-ray: 82d758c6adc06a76-TXL
x-amz-cf-id: zwPCRNW7xwXCuxQfAs8j39lvYNly_YKIex2mope4mZFtLhHVL2zJTA==

GET
H3 200 main.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127024241524/1695189289311/Hunters_Theme_May_2023/js/ 12 KB
5 KB 75ms
74ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/127024241524/1695189289311/Hunters_Theme_May_2023/js/main.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9973a75239c936fe392a8984622fb34a5f05056607db2a06c62580986a0c7caf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: 3K9C78ZXZYRDTKZD
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"8ed21499a619228fdb2e3357640ca8cb"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1695189289533
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 417c242b19212928b079740e6dd8f54c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: a85j8fi31SRJLt90cxms.k7i21mjM0Yj
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: e6fb4b55-542f-4ab2-8832-1f58c0804429
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 127
alt-svc: h3=":443"; ma=86400
x-amz-id-2: bQmEGXHQdpZF9/iuj3FhFf7z+BlK7/36wGuicLC5U87L9UG6YKI7g6WY9czfQLIThs1ruG7f+qM=
x-evy-trace-route-configuration: listener_https/all
x-request-id: e6fb4b55-542f-4ab2-8832-1f58c0804429
last-modified: Wed, 20 Sep 2023 05:54:50 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MoeLf%2FeWyhXz5SVAbBhhoFcUnRUrM7D4YuUXQ9bzD%2FZCWebeLjNZ7EPPZ7JjkNpdYd6l7tI8HTTaMaA5bJ9Nk3Xq4Ig3mue78grCH1UHFCOwhUkyZt9L7rb7BGphescoOkDlf2HP6S%2BTnSMaMVb7xn7"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-5d487f56c7-v96mf
access-control-allow-credentials: false
cf-ray: 82d758c6adc16a76-TXL
x-amz-cf-id: KfcBWFjh8-z1wT2Da6MJ9yC6SKIzK1MLO8is3e6Yocd_whMEYmwosg==

GET
H3 200 custom_script.min.js Show response
www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882575241/1693291612623/Hunters_Theme_May_2023/js/ 151 B
2 KB 87ms
86ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/126882575241/1693291612623/Hunters_Theme_May_2023/js/custom_script.min.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa2622bbcafa420ce5be37bca0ff1e87dacede5fba4f42641d000313b4a1d49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-request-id: JG6PAG5TAPN1ZDDK
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"4ca3117ba95e8789d0b706f44b545073"
vary: origin, Accept-Encoding
x-amz-meta-created-unix-time-millis: 1693291612737
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 1ac532da7db85d551ad10ca7bd9957b8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: Wh.fFmcfNGDyyXMIXV3QBJ1mayq8w00j
x-amz-cf-pop: IAD61-P1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: ecc7c91a-1848-4521-b8d2-961b31368f55
x-cache: RefreshHit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 243
alt-svc: h3=":443"; ma=86400
x-amz-id-2: RYj5Sh07rbN+WSQnqWiTyWvvTxcP1NeVMdVNuwBoFncLh4dGJIpV809AFVbDbDZdFE97wkc1ohQ=
x-evy-trace-route-configuration: listener_https/all
x-request-id: ecc7c91a-1848-4521-b8d2-961b31368f55
last-modified: Tue, 29 Aug 2023 06:46:53 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XK%2FbteAwLepP8eCvrFBCVrJ3QTyV3H%2BC4XSK884Aa3zNsH99UIcDPH9mIEtmjikuTzeXTU8Um%2FgWcD6ub347lBAQsXikj9Zqt61BhZM0bsGWOinF1fR1%2F%2FTB17yLE%2B14CkkWfsMyRlkZRMpP9BH4fSCC"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-hubfs-td/envoy-proxy-6c8d5c7998-5sf4f
access-control-allow-credentials: false
cf-ray: 82d758c6adc26a76-TXL
x-amz-cf-id: n9K4FWnZCgk9dZ8uBhcx5BAOWY0-VEKIj0thLgGgtBwc_ewr4rnFQw==

GET
H3 200 index.js Show response
www.hunters.security/hs/hsstatic/HubspotToolsMenu/static-1.191/js/ 11 KB
5 KB 60ms
59ms Script
application/javascript 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 58c4087ee7253768e2670cf3ebe54ce2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 508612
x-amz-cf-pop: WAW51-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: inhS2tX2f2C4tITR3p2haS.uhsvA9eGz
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Apr 2023 15:17:56 GMT
server: cloudflare
etag: W/"0bbd63c0750f141fd5cec04a9393647e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msy%2BNKI2upQYGmL%2F2yMDe393SJQPSnjQc9TXa68Nf575694ZpTl1%2Fz7apB1ncAF3q7SO9H62o8UFnRz1JUrFXqwRc2m2F0hl4l%2BEhCBAr24%2FBOIReX2pecss%2BOl%2BtQ4fyQystYNAc2dCsP0XIQOQ991B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 82d758c6adc56a76-TXL
x-amz-cf-id: YwkGN7i7zm0Eu1GuH2hmAzF4eDviW_A27jkj3v7KqTzhRz5kt-Upcg==
expires: Thu, 28 Nov 2024 02:16:07 GMT

GET
H3 200 GraphikSemiboldWeb.woff2
www.hunters.security/hubfs/May%202022/Fonts/Graphik-Semibold/ 34 KB
35 KB 54ms
53ms Font
application/font-woff2 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/May%202022/Fonts/Graphik-Semibold/GraphikSemiboldWeb.woff2

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a28d627f3677c456980de2b9026548c69a9f542993b2b5b6d8608882fe1e878

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-74689240845,FD-74689122096,P-5765386,FLS-ALL
age: 211177
x-amz-request-id: RSW1SYMDPXZ1T004
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74689240845,FD-74689122096,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "e13cf054833eb8ba8d3ffc1e1c2cb82e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653650498635
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 8b4e911b05f0c34bf3d36e7de31e2172.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: E4J3u.P1u8zLJOqkt22N.5.YJpbVcz61
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-74689240845,FD-74689122096,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 34772
x-amz-id-2: 7QJXhHJ9r5MvT3iVbnB9Q/RtWs6xzihoOi0cm/tmi+GOLGyarhIXCAIKS7bsRnJVp8dBkXk6XjywiW5NwGBRIw==
last-modified: Fri, 27 May 2022 11:21:39 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhsQ0GdnYeDkLHfhPs2NjGLK0E9mMhQowKG2d9uptQNAau%2BEH78fOa0PZg1qV6%2Bazz%2B%2B%2BvTbvrv5CP4%2FZ5PZ0MTrE3b%2FA%2FPb1A4ibzuD%2FE4NQxC3vREb7uggscGpDzCajW4Dwu3KA6BykfJ65rrfkbZG"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82d758c6bdc96a76-TXL
x-amz-cf-id: 8t6xurkeNyLpWI5PPQoyh608uBhqihVClpl6h9C4hjgY7nuhdeatJg==

GET
H3 200 GraphikRegularWeb.woff2
www.hunters.security/hubfs/May%202022/Fonts/Graphik-Regular/ 30 KB
31 KB 41ms
41ms Font
application/font-woff2 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/May%202022/Fonts/Graphik-Regular/GraphikRegularWeb.woff2

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5ef33de34661d7ae6bce5bc0b514687f2813f7ade07b4e2511611c62c7494ac

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-74688893267,FD-74688893086,P-5765386,FLS-ALL
age: 211177
x-amz-request-id: 1FH4QPTDP6N4XBHW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74688893267,FD-74688893086,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "e2d3e1bd2dba862a1c76e2cc88ac1776"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653650056855
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 9bSL54EBoxaoAARqnLg2bUn5vMLmIfW0
x-amz-cf-pop: FRA56-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-74688893267,FD-74688893086,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 30480
x-amz-id-2: rdNDfwWL+73rlozAXww2FU5fVu1jrnRMghSU8HLZanOr4CEv+4z4p+x+WOsReJIV/8ALchgbODSIjdWK7wXi7ViPvXsPSuBenFraFGKdem4=
last-modified: Fri, 27 May 2022 11:14:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZOoUWxjtrlDUAHo%2FztJ3ozzKBZ5fdZy9fY4NC%2Bux3BfKg6rYjKyOYUrF5SjW8n7UnQu7VQXhkFOyP41ATBBJC7XfAwsqC%2FFSMv6kxEzu0stWdy3OE5zr0sKZsxfyyo1Z5DhHByVUM3AGI%2Btbfc%2BKpAX"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82d758c6bdca6a76-TXL
x-amz-cf-id: KdnrQzsfDeoVzn4ZrsuvFOiJcnCn0Q1OLjATsKN-Jj7AxU75Pyg0Gw==

GET
H3 200 GraphikBoldWeb.woff2
www.hunters.security/hubfs/May%202022/Fonts/Graphik-Bold/ 36 KB
37 KB 48ms
48ms Font
application/font-woff2 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hunters.security/hubfs/May%202022/Fonts/Graphik-Bold/GraphikBoldWeb.woff2

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

424560f6d441470e553c5c2d0e31a7df189ddb73ea43d909714d57b16f024624

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
x-amz-meta-cache-tag: F-74687526932,FD-74689491725,P-5765386,FLS-ALL
age: 211106
x-amz-request-id: Y8AFJDTXNCNQJBRW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-74687526932,FD-74689491725,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "0fb4b480278277d351d7afefe46bf6e8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1653650613120
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: aqs.ab3Smnu9FGL_UhGDqku4oUVVMHEq
x-amz-cf-pop: FRA56-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-74687526932,FD-74689491725,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
content-length: 37044
x-amz-id-2: qTpHfO4mLExQotcufg+Cp0k/K5+AiTrfaXYfQkjXAPDG0CN61o2Ka9v31p8g7mVCCa4EEazWDjE=
last-modified: Fri, 27 May 2022 11:23:34 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iP0zZUhAjDsC08ILWqc7DyW2wUFy%2BYZmxX1X0Rt00OPKj8dwCLGlABgiv7q9SmAwYZeRvzjeLf8nETo%2Bb3w2iKDqSGIj2FhnprJadyWGs4rdlKr%2FgzTwyqvY7gi7wFr2QbXNy3nLvrj7ki%2F%2F8PMrf5MW"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 82d758c6bdcb6a76-TXL
x-amz-cf-id: Mowvun7yisi_1_MD_uOLTLShoOq-AVkEl8UfQZE8ALiq1L9iAtpU4A==

GET
H3 200 image13-2.png
www.hunters.security/hs-fs/hubfs/ 29 KB
30 KB 42ms
42ms Image
image/webp 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hs-fs/hubfs/image13-2.png?width=1408&height=588&name=image13-2.png

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d910589e4444e8383a838461e869f888ccf2d965d388225e48e7dbbcdb2a9d3e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 261dbbb56805d787e4e94407d9511a46.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-146552596822,P-5765386,FLS-ALL
x-hs-https-only: worker
alt-svc: h3=":443"; ma=86400
content-length: 29828
cf-resized: internal=ok/h q=0 n=17+120 c=0+0 v=2023.9.8 l=29828
last-modified: Wed, 22 Nov 2023 02:56:20 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfQ9zukhEzW7T0iN-IBDPnjmQQGkWiWcShZdI1CRPJDQ:1cab7f9e0e627f927a71c7d4bee3815b"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK0WcXKxJoovVWf%2F5IfTEoFyMPJO%2FoB4%2B8ojKKfiTgF11HZYR6Vxl%2BCYa5itjxZON3qHcXhzf6BhzbfMgnWI3WgDaq4PKdmMUlRd7PC%2FihDXqVqvxRO%2F9kaMn41%2F9rzzvb%2B8vAz3tRcCyMU66MWf6583"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 82d758c6dde86a76-TXL

GET
H3 200 twitter-icon.svg
www.hunters.security/hubfs/March2022/ 927 B
2 KB 49ms
49ms Image
image/svg+xml 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/March2022/twitter-icon.svg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d5f628bd87bce595cf9c4a7bf72985cbea5bffab1a535a266f70acc04fd2590

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-69885227289,FD-69047889517,P-5765386,FLS-ALL
age: 39419
x-amz-request-id: 6N7H0D984375W1TS
x-amz-server-side-encryption: AES256
edge-cache-tag: F-69885227289,FD-69047889517,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"59c767f187bf12c75ce744733bfa4597"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1648708913852
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: OzvZViA9VWh6aRDHSIlYEgB3BdAss8oJ
x-amz-cf-pop: FRA56-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-69885227289,FD-69047889517,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 97k+SAWaURVXe7v2PjRViaiZUPNGQH89eNRUco2zAt8Phon9sjTvmfy+HRJhOi8CVPThe3l+eZg=
last-modified: Thu, 31 Mar 2022 06:41:54 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYFccrJmL%2Fk2IK3ChcXCAlrp1OYaHn9iiGQTTclP51%2FguxH6OdmC76PrzYbFlQFRwyl30ABAXuRlzgUoutKFBa975tpbxJiWmcxlJtCce3tCR6dnTjEaD2V1NxHJUEFAfzAngL%2F%2BJqwdVfry3z%2By5cKY"}],"group":"cf-nel","max_age":604800}
cf-ray: 82d758c6edf86a76-TXL
x-amz-cf-id: j73sV_SwD1HXxIy4QVdsX6ThJkTKtM3JPfu_oJC8t3MkDhdRawtrPg==

GET
H3 200 facebook-icon.svg
www.hunters.security/hubfs/March2022/ 439 B
2 KB 54ms
53ms Image
image/svg+xml 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/March2022/facebook-icon.svg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aa93bbcb9e59933de17dc87bea4276bb73207c62e21b0ddee91dc405cf886af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-69884547584,FD-69047889517,P-5765386,FLS-ALL
age: 211106
x-amz-request-id: C58RH3WCEF1EDGHB
x-amz-server-side-encryption: AES256
edge-cache-tag: F-69884547584,FD-69047889517,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"5aa3b6d8a63a93d3702a7d475c3a14ef"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1648708913837
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 0c978a13e60975108c0dd1f18364108e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 8LRUO0PLtx3MYutsB6l1mhfL32NUfmGi
x-amz-cf-pop: MXP64-C2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-69884547584,FD-69047889517,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +IIxsuQZOZKRiiY3XPYKfTWEYFHTINVUTlUkGghjAzjEQhMvt4vp3MemMTqRNImiUowvdobfWpM=
last-modified: Thu, 31 Mar 2022 06:41:54 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gOH%2B6nHwrPziY8KkfA4MnuK1i4zyHRVQOqQd%2B31VkbmLqbgU39lq0SlCG7jtzLztD40hYd%2BKK7LQ6wWDON9zwZ2ZwYE6j%2BjobAInDBI%2FRpI%2BAIWSesoMaAGWJEUzX8W10UKzUzlf4R4drgUe55OkDDvm"}],"group":"cf-nel","max_age":604800}
cf-ray: 82d758c6edf96a76-TXL
x-amz-cf-id: uIeTvHtXcyblc3Z_nr0Qc_Y3p20UYfvUOIoQxCPTT9AhHFiyluVcLQ==

GET
H3 200 instagram-icon.svg
www.hunters.security/hubfs/March2022/ 2 KB
2 KB 44ms
44ms Image
image/svg+xml 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/March2022/instagram-icon.svg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ec0979e7bb7143c393e8a431924cbe84a42fa6ad659f0b83530c88b5a349a04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-69883107502,FD-69047889517,P-5765386,FLS-ALL
age: 403293
x-amz-request-id: 6R9N1G0GTP1TVDPR
x-amz-server-side-encryption: AES256
edge-cache-tag: F-69883107502,FD-69047889517,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"6d9f00570997ce78863203323d206105"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1648708913835
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 52e36d36d4be47cb53b8d42c679428e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: ohnkeFx5GZM_tWLIt9ZBHORho_g_4kmz
x-amz-cf-pop: TXL50-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-69883107502,FD-69047889517,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
x-amz-id-2: /B647shouBUjfflj7SmVz2XZA+CLMW+EFlxwfe2rzLolsCxduf/fWoEU+xroZYBwtosWt/6NrKY=
last-modified: Thu, 31 Mar 2022 06:41:54 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynuiYdC7broSI9FEerRsEmyrhuQSiA2zkcGIKvjuhSGSTlH7GmffpdiAWn427CngO7qfiFWsJsMpwB6b2Rs9xSA20CC%2Fa6y8a%2BwEXTLDEmYjqEu5etNOM5XNjrMqx%2BqIJJw%2Fwh7dnYdS6WVzML0%2BgA6g"}],"group":"cf-nel","max_age":604800}
cf-ray: 82d758c6edfb6a76-TXL
x-amz-cf-id: wS6EWZxuW7tmZ5HcL3IlsOJhTYOveNMzMly4F51A0EKqRru0CATMrg==

GET
H3 200 linkedin-icon.svg
www.hunters.security/hubfs/March2022/ 643 B
2 KB 55ms
55ms Image
image/svg+xml 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/March2022/linkedin-icon.svg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7802c74a8e2285615d0ee35e104175b11653884c111470744907827543cbb29

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-69884653457,FD-69047889517,P-5765386,FLS-ALL
age: 211106
x-amz-request-id: CBHBT8X98Z3SFXQD
x-amz-server-side-encryption: AES256
edge-cache-tag: F-69884653457,FD-69047889517,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"e0c606f3ed38d3b0e235a9d79e2d50d5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1648708913834
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: RGaoSmCKiksnnaxFoSo.9rmpZKMbOr0i
x-amz-cf-pop: ZRH50-C1
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-69884653457,FD-69047889517,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
alt-svc: h3=":443"; ma=86400
x-amz-id-2: gPYuOnh55x8NccEI+SfXwhW/vcb+L5owsNuZYvYTZjENi5vB5d7yrblkD8ceeRH7s07UpJt8EHo=
last-modified: Thu, 31 Mar 2022 06:41:54 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fh06gPWhf8qIkxEhw%2FVhE2hCYilXuu7H191pE2Xb4qK5QoFYQDBB3XCz8TeJoGl9Oa6RRtCm6bL%2Bw3PaoZ%2BMF0RdtarWyUetvdYPvrlUSqG1ONPLTJ3Qu%2F%2B6PsUcde%2FMf2jOT15owyZb%2BC2bmQ9dk0jg"}],"group":"cf-nel","max_age":604800}
cf-ray: 82d758c6edfd6a76-TXL
x-amz-cf-id: 9mFLIdZGJprmtweVPXNeqkG5MhdGsUcBRi_AFaYyoxr2I_3TQDp2wA==

GET
H3 200 youtube-icon.svg
www.hunters.security/hubfs/july2022/ 1 KB
2 KB 49ms
49ms Image
image/svg+xml 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hunters.security/hubfs/july2022/youtube-icon.svg

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca76596a4a51aff45954e24a6dd4e1f148f7f0b16c578e1c919f5e1106a04df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-80602868852,FD-79786790955,P-5765386,FLS-ALL
age: 211106
x-amz-request-id: E87EREGSBRFTVBAJ
x-amz-server-side-encryption: AES256
edge-cache-tag: F-80602868852,FD-79786790955,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-https-only: worker
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"485d3d8fd140c1a3d379056d6f87c309"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1659162611609
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000
via: 1.1 2ef9ad1c8e8d306617a72c1e978a7716.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: 7SVwuijW7.9ZxDGZl7_ajMufvWc9s565
x-amz-cf-pop: AMS1-P3
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-80602868852,FD-79786790955,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NQJf3U/TIINAFtqhQuEI5RKlpkMwOMYco2gFlWbamtOmUWc2Oafx5VeQSfMqHOtwDjPk03KhB2o=
last-modified: Sat, 30 Jul 2022 06:30:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9qtGBHShlhh4jcyQIlEw%2FaKzwde7ziF%2Fn8Z1IsJRGnFcxkE31JGg99tQsdR%2FfVKiVw9f3a33CRaU8fyXGVOEuX2y%2BLUsgJsiHxFSM3lzLoj%2B1s3%2B0I7WOAMUdwTYItExsHEu83fh068OxD108Bm9Ncu"}],"group":"cf-nel","max_age":604800}
cf-ray: 82d758c6edfe6a76-TXL
x-amz-cf-id: Ll73fzG0Ogo23_yG_6CtiLFV-dLOoZq64pEoOPHIDft_RV7RCNOvWQ==

GET
H2 200 VqKHtlHBiv3Lc8dabqWd Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 297ms
243ms Script
text/javascript 2606:4700::6810:880f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/VqKHtlHBiv3Lc8dabqWd

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:880f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

943527f5589a02ee70131535e0dd5a600d88ec6cc435a91bfb678cac8cfb0955

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 82d758c79c07450a-TXL
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400

GET
H2 200 all.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 89ms
32ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3492dcee6cb6f749a3c5a92f5e805a4b7822cd4a3ce11ca8fc0ebfc3e924ae69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 02:16:07 GMT
content-md5: 3xp2XaG8sDZSn0ZM+5IkWw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints
x-fb-debug: 2JLECt5D0V+m5A2iXcCRYah00m2JlGBE3YDXdW3YIrV5LHHU78WYdIAOSzKfzFMb4U1JSVnpcwmqV3VLakIb4Q==
x-fb-content-md5: 9bef4d685d592726b74c9d6eb5869a4b
cross-origin-opener-policy: same-origin-allow-popups
etag: "2c1306b1ea596529d3121e31ddb8a95e"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 29 Nov 2023 02:24:20 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 113ms
28ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: 9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 02:16:07 GMT
Content-Encoding: gzip
Age: 1162
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27598
Last-Modified: Mon, 09 Oct 2023 20:29:49 GMT
Server: ECS (frb/67BC)
Etag: "391b7fdf0c468036f27102529636f0ca+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 204 has-permission Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
1 KB 212ms
174ms Script
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=5765386&callback=jsonpHandler

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/hs/hsstatic/HubspotToolsMenu/static-1.191/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: bc7ab6ec-6685-4685-81a8-c7f2ea899210
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=82d758c78b06451c&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: bc7ab6ec-6685-4685-81a8-c7f2ea899210
server: cloudflare
x-trace: 2BDBB8064FCBA3E84D01B3A33FE9C1BE9ED3B85922000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7b7f9459cc-xdbnc
x-evy-trace-virtual-host: all
cache-control: max-age=0
access-control-allow-credentials: true
cf-ray: 82d758c78b06451c-TXL

GET
H2 200 slider-arrow-svg.svg
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/Theme%20-%202022/Images/ 167 B
611 B 101ms
64ms Image
image/svg+xml 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/Theme%20-%202022/Images/slider-arrow-svg.svg
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/hs-fs/hub/5765386/hub_generated/template_assets/133487975192/1693974557567/Hunters_Theme_May_2023/css/blog.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae83cab298fa07ba817359c389252d7333d46894358eafa3ab6183084f6620ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 77aa8087323921dee0b130bc0589bda8.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-meta-cache-tag: F-69508665731,FD-67529050204,P-5765386,FLS-ALL
x-amz-version-id: bL.jHGbyNSCIRNfrCyGqYcUzyUsUcKl.
age: 35026
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-request-id: H4Y90WB1HGFHYM6B
x-hs-alternate-content-type: text/plain
edge-cache-tag: F-69508665731,FD-67529050204,P-5765386,FLS-ALL
cache-tag: F-69508665731,FD-67529050204,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-id-2: zXZx+d6M1K7xSUwkqoMELLyVKZPQLH//ptrv3UyGXqEucIVkFZ5gHiVOh4Dz2C2tiPQ7xJRlUKE=
last-modified: Sat, 26 Mar 2022 05:09:58 GMT
server: cloudflare
etag: W/"fee26a843c7fdd1c9f17c6adfc9f0450"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1648271397518
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 82d758c798564541-TXL
x-robots-tag: all
x-amz-cf-id: lvciD33lECVaQl3Brie4msa1YdIj4S9UfeJ2cgtPubwd8aIo4JXl6Q==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 ajax-loader.gif
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/Theme%20-%202022/Coded_file/ 3 KB
3 KB 97ms
61ms Image
image/gif 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/Theme%20-%202022/Coded_file/ajax-loader.gif
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/hubfs/Theme%20-%202022/Coded_file/slick-theme.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-cache-tag: F-70405709719,FD-69248485214,P-5765386,FLS-ALL
age: 35026
x-amz-request-id: B8HMFNYCNYKEP9JY
x-amz-server-side-encryption: AES256
edge-cache-tag: F-70405709719,FD-69248485214,P-5765386,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
cf-bgj: imgq:85,h2pri
etag: "c5cd7f5300576ab4c88202b42f6ded62"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1649247868407
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 d3c8e64039dcd16cd7cc4074aaecf75c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: MAvWa1A2j0obAl2z4.DuLXjNnKAy1Xp5
x-amz-cf-pop: CDG53-C1
x-hs-alternate-content-type: text/plain
cf-polished: origSize=4178
x-cache: Miss from cloudfront
cache-tag: F-70405709719,FD-69248485214,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
content-length: 2592
x-amz-id-2: HQJq7dtgnfKwpc6ioEE38FfnzzvM2Thlw5eIbDf4NuD3IfR2ULb3AjdU5hLi63y2UQ6jGweDrRmUWtm744m5HA==
last-modified: Wed, 06 Apr 2022 12:24:29 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 82d758c7985a4541-TXL
x-amz-cf-id: rOVJmE5OOE6nSiYkP6HKIx-MgR5HhI0Gjtbe0ElHbl-bWw-hVGij-g==

GET
H2 200 right-arrow.svg
5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/March2022/ 272 B
753 B 92ms
62ms Image
image/svg+xml 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5765386.fs1.hubspotusercontent-na1.net/hubfs/5765386/March2022/right-arrow.svg
Requested by: Host: www.hunters.security
URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2856b09b8551910e6cb03f10c7c59245716b78864f205ee433fb3109f15fcbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:07 GMT
via: 1.1 84ca4da5a7ceb4bccfe9632e4992597c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
x-amz-meta-cache-tag: F-69047833408,FD-69047889517,P-5765386,FLS-ALL
x-amz-version-id: BCXBoPsgYqnM0oNdz5UfoKeTAiJIuz9.
age: 498991
x-amz-cf-pop: MRS52-P2
x-amz-server-side-encryption: AES256
x-amz-request-id: KC5Z6QNZXZG36FQ8
x-hs-alternate-content-type: text/plain
edge-cache-tag: F-69047833408,FD-69047889517,P-5765386,FLS-ALL
cache-tag: F-69047833408,FD-69047889517,P-5765386,FLS-ALL
x-amz-meta-index-tag: all
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-id-2: YcVGsBra8iOxqvSJdvOlXXUkN8pS+j68kn46F0NE80/0JfGY+RZ3+chi8uy8mFpGGYtYd0yh77uGsoJ5L9De/WURfNW7JNJPDAL17K3yAZs=
last-modified: Mon, 21 Mar 2022 05:24:26 GMT
server: cloudflare
etag: W/"fe17677dc5e5a558797d8f08f625efaf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1647840265758
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
cf-ray: 82d758c7985b4541-TXL
x-robots-tag: all
x-amz-cf-id: uozEflmjTtuwg9vh_mP_H_a0XS9r5__Mz5neQuD5qpGyyV9B9cyugA==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 all.js Show response
connect.facebook.net/en_GB/ 304 KB
86 KB 64ms
34ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/all.js?hash=9fcc4cec5a1ee19dcd51db4b1d7864e2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

241c8f83c0c3736e03653600e286b784f87a3fd8c533e1a4038610f963b55d1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 29 Nov 2023 02:16:07 GMT
content-md5: glixg3FZNIAnUZ45pU3Vdg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87812
reporting-endpoints
x-fb-debug: IfgITyEf6GfBGeDhxaOnkDMClBHo+9DLoQtNQ92xM+rftrRV94MdHZ/0ZQF/0P419qOm5mf0/O/tBldgcKzRyw==
x-fb-content-md5: dd82bc52c943a7d8167dcec290b0a54f
cross-origin-opener-policy: same-origin-allow-popups
etag: "e73aa0c31c8ad78c51dd2b5dafb2b6e9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Nov 2024 01:04:01 GMT

GET
H/1.1 200
OK widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html Show response
platform.twitter.com/widgets/ Frame 3F00 319 KB
104 KB 28ms
28ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.hunters.security
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4340611
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Nov 2023 02:16:07 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 09 Oct 2023 20:29:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6796)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3F00 869 B
659 B 194ms
131ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=cf55d20b85310ca49324450448b653fa0dc953e0

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.d37472b4a6622d0b1fff46ad904f6896.html?origin=https%3A%2F%2Fwww.hunters.security

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 103
date: Wed, 29 Nov 2023 02:16:07 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 29 Nov 2023 02:16:07 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 1e7de1dba95545ef
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 9f8573ef8adbb02e6099cfb59956b198800b29d11048a5253eabc67827ff65cd
content-length: 337

GET
H2 200 5765386.js Show response
js-na1.hs-scripts.com/ 2 KB
1 KB 430ms
392ms Script
application/javascript 2606:4700::6810:bc59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-na1.hs-scripts.com/5765386.js?_=1701224167366

Requested by

Host: www.hunters.security
URL: https://www.hunters.security/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bc59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a561cb83c80db72379c07065119080a23717c7db351f177969587255cb5d2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: cd7fae45-2205-4503-9c35-e6ed0223eabd
x-envoy-upstream-service-time: 14
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cd7fae45-2205-4503-9c35-e6ed0223eabd
last-modified: Wed, 29 Nov 2023 02:16:10 GMT
server: cloudflare
x-trace: 2B8465E00143F2151471C20ED087914195AF12DC13000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.hunters.security
x-evy-trace-virtual-host: all
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-66c9b4c4f4-sgqll
cf-ray: 82d758d5ed7544f2-TXL

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/5765386/ 66 KB
20 KB 573ms
536ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/5765386/banner.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/5765386.js?_=1701224167366
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ff09e713322e219b810251ccb43b45c513d4373e50f7ea9f26cf12bb6320d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:10 GMT
x-amz-version-id: z8xO4UkrOmHGFEm5eOOdkzdcmvnAioEY
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: YP81YDZ31KW85BTQ
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: d18b0bbf-297f-490b-a7bc-8423cf668ecd
x-envoy-upstream-service-time: 79
x-amz-id-2: upUC+FkdrbJ0fe0vkHZCR4p6kMfwQdEeWvv8gCjZrX0wS+IItj8dFzxioTLVcy4rZuwt8lEZCTy/dM2UkhdZEtnmZ+XTYIEv
x-evy-trace-listener: listener_https
x-request-id: d18b0bbf-297f-490b-a7bc-8423cf668ecd
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 18 Oct 2023 16:34:51 GMT
server: cloudflare
etag: W/"948cffab939031c6b15b435c301f363d"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.hunters.security
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-576b4d6667-lh5rv
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 82d758d89a0e452e-TXL
expires: Wed, 29 Nov 2023 02:21:10 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 78 KB
23 KB 215ms
170ms Script
application/javascript 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/5765386.js?_=1701224167366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

130b1d902b2442cbc2a6fbc8cdafeb19ade23945d87bb34b06154e189c888232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.703/bundles/project.js&cfRay=82d758d8aa0d6a73-WAW
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"eeae9414a4b495d32eaa1651e1ed4b53"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.703/bundles/project.js
date: Wed, 29 Nov 2023 02:16:10 GMT
x-amz-version-id: BcevIKeGUB7rPxZQCBNjePrQh0zhFC_B
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 00c12f6b-8713-4565-908c-6e4987ffdbb5
x-cache: RefreshHit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 23
x-evy-trace-route-configuration: listener_https/all
x-request-id: 00c12f6b-8713-4565-908c-6e4987ffdbb5
last-modified: Mon, 27 Nov 2023 15:37:51 UTC
server: cloudflare
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYboSlreqc%2BggANIgY9NbqZunsvTlZrkL7RS1as15xjfVg8nPPOyDW75syxZ6aqcuf%2Bj%2Bd3aKjSoOaluqvcvkR1iEO7oBfR9FkUhaKvEnWkJtH%2FgyKvqL6DSHULq4Vbit%2BjD0tOeo6w6qoor"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7b7f9459cc-m5ddd
cf-ray: 82d758d8aa0d6a73-TXL
x-amz-cf-id: 9Am9kriy5HPhwESSu-wkQIGHEvOstVdyuvjXJ8rkumYCsB21H6xNkA==

GET
H2 200 5765386.js Show response
js.hs-analytics.net/analytics/1701224100000/ 66 KB
21 KB 214ms
177ms Script
text/javascript 2606:4700::6810:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1701224100000/5765386.js
Requested by: Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/5765386.js?_=1701224167366
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4602e4a6690b61e97c11fa052c66de20a52b112a766a46cb91c213dbd8ed8779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:10 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: JCBB693MKXWJHY5E
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 986285ed-5e32-485c-805c-4b3989546956
x-envoy-upstream-service-time: 29
x-amz-id-2: 7BlM1bxZnXQ9NNETK24blysoN0d2l35ZA1X/GvgYXE8d5XPkc9zX/9ntYMXpni5rCe/UBxV0yP7lljfq5uZRVdnvKkUnMohn
x-evy-trace-listener: listener_https
x-request-id: 986285ed-5e32-485c-805c-4b3989546956
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 17 Nov 2023 09:47:30 GMT
server: cloudflare
etag: W/"fd78bb9d63b9de1c04e83737e3913aec"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6849bc8697-vvl5l
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 82d758d89dce58f0-TXL
expires: Wed, 29 Nov 2023 02:21:10 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 551 KB
88 KB 81ms
44ms Script
application/javascript 2606:4700::6812:7d0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsleadflows.net/leadflows.js

Requested by

Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/5765386.js?_=1701224167366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7d0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee041148b4d2b4bfb2a9dbff837265a3484bb6ef80a18174ee45309237654c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
Origin: https://www.hunters.security
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: br
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1275/bundle/main/lead-flows-release.js&cfRay=82d1cc7f7bdf3558-WAW
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"df7c200fc1e8a1a0c9d50df4fbec7e86"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=86400, max-age=0
x-hs-target-asset: lead-flows-js/static-1.1275/bundle/main/lead-flows-release.js
date: Wed, 29 Nov 2023 02:16:10 GMT
x-amz-version-id: RTyeMetKvg_dT1r75rKZucXAeC83sdPJ
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-hubspot-correlation-id: 1057a9b6-73c5-4e79-b2a3-3f3419c51037
x-cache: Hit from cloudfront
cache-tag: staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-request-id: 1057a9b6-73c5-4e79-b2a3-3f3419c51037
last-modified: Wed, 25 Oct 2023 14:35:17 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7b7f9459cc-sd8kc
cf-ray: 82d758d89d7f58e4-TXL
x-amz-cf-id: HfTmu_mHlgFHcXDfFexxi8lJxZawTxNGL85tFkX-N5Y3bys4vScKYQ==

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 63ms
26ms Script
application/javascript 2606:4700::6811:e3a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js-na1.hs-scripts.com
URL: https://js-na1.hs-scripts.com/5765386.js?_=1701224167366

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e3a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

292aac228fd921c59b11573558f8ad1da44862b501163de439b1ab8545a55333

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:10 GMT
x-amz-version-id: B.1f45RIrvID.KSLs0Jc6og4iuNlYAT7
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 5d2b8703-9211-47f0-b7d4-9a97bcf3a490
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.496/bundles/pixels-release.js&cfRay=829edac62ae0503c-WAW
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
age: 436
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5d2b8703-9211-47f0-b7d4-9a97bcf3a490
last-modified: Mon, 20 Nov 2023 15:18:51 UTC
server: cloudflare
etag: W/"93572e979933531db5d4b291b5532eb8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7b7f9459cc-sd8kc
cf-ray: 82d758d89f58aca4-TXL
x-amz-cf-id: gxrBfAGden0MNSp6mMSYMy__-vIhD3OuayAOUfoPbTHGuiZJKycnBg==
x-hs-target-asset: adsscriptloaderstatic/static-1.496/bundles/pixels-release.js

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
616 B 153ms
153ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4100969504&v=1.1&a=5765386&pi=145529814339&ct=blog-post&ccu=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover&cpi=145529814339&cgi=24463927651&lpi=145529814339&lvi=145529814339&lvc=en&pu=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover&t=DeleFriend%3A+Severe+design+flaw+in+Domain+Wide+Delegation+could+leave+Google+Workspace+vulnerable+for+takeover&cts=1701224170522&vi=ea63b6e642363a2c8402c12a229d3890&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: c7b2cb3b-f215-47b3-9fad-f42d016b6559
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 19
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c7b2cb3b-f215-47b3-9fad-f42d016b6559
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEqMHEcVfRBxu6yvF5wQYaI510kdCXWbCpvpc6tHyFb4C3UU%2FZsxCi8EuSvwW3J1I7AIKLO2yaXMb%2F12AxUnRKLEHYiA2mDL%2B6CLl5t34k5db60nlbvHJ1Oiv%2FLM3bCxAGn%2BbJZ%2Bou55HeaAW1yV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-7d79fcfc45-q5wn5
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 82d758d9cd67451c-TXL
x-robots-tag: none

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 369 B
1 KB 145ms
145ms Fetch
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=5765386&currentUrl=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover&utk=ea63b6e642363a2c8402c12a229d3890&__hstc=27445923.ea63b6e642363a2c8402c12a229d3890.1701224170520.1701224170520.1701224170520.1&__hssc=27445923.1.1701224170521&contentId=145529814339

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14103b64df9857f9f7ad1f02efaafba97ce4772e8d8b448857de69c3537c338d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 2f28c8c5-2807-402f-a495-52a306205edd
content-encoding: br
x-envoy-upstream-service-time: 18
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 2f28c8c5-2807-402f-a495-52a306205edd
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.hunters.security
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i68txr6RvX3os2YnInPcZKGZ2rOBW7%2BZ7%2B28AQEi%2B8vaGcIiib7xYywaU0d6OgE6exSE9q38KwxRDIcPsXnR%2FxPqBoDP80yLhMHKCE4tVQzod2ORc%2FcfTJ%2FgKKIXRx4qmXfTScJDISoEH5K9oKxfUznJgiRBYikjyqQ%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 82d758d9dac56a73-TXL
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-2jf6w

GET
H/1.1 200
OK counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
1 KB 185ms
147ms Image
image/gif 2606:4700::6811:cff9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cff9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 02:16:10 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: MISS
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 08157b0f-c226-47d8-978f-8ddc077b40a5
x-envoy-upstream-service-time: 1
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 08157b0f-c226-47d8-978f-8ddc077b40a5
Last-Modified: Wed, 29 Nov 2023 02:16:10 GMT
Server: cloudflare
X-Trace: 2BF52C0CDD94E1FE3D9813F26B20AF71125FEF4856000000000000000000
Vary: origin, Accept-Encoding
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-bm6nn
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
X-Robots-Tag: none
CF-RAY: 82d758db0bb24541-TXL

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 180 B
1 KB 173ms
135ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=5765386

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5398d974b05c83fecc308ce8af06d5ca69ecfe557e9d7f45a6999d07c5bcd82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 194072de-17b2-4be9-998a-b9e313e4fc94
content-encoding: br
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 194072de-17b2-4be9-998a-b9e313e4fc94
server: cloudflare
x-trace: 2BEBD20EE9564CCD5C48F4BABE272CBB7928B4604F000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.hunters.security
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-66c9b4c4f4-278fn
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=759RpzK9AGQApeB6AYVGnWPoqcAeX9F%2FiSEyhukyiiwlREqWwHj2g9F8riknsQZT%2B8u2PEjYEmozClNdsIWMVRQoFHrGjIoFWznNcHMWCNUpUFiNEPi4Pq3JngG6JwAHgTZluLwubhqsqMOd"}],"group":"cf-nel","max_age":604800}
cf-ray: 82d758dc483b58ea-TXL
access-control-allow-headers: *

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 178 B
1 KB 203ms
202ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=5765386&utk=ea63b6e642363a2c8402c12a229d3890&__hstc=27445923.ea63b6e642363a2c8402c12a229d3890.1701224170520.1701224170520.1701224170520.1&__hssc=27445923.1.1701224170521&contentId=145529814339&currentUrl=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9412e690ec47fdeb84380a5b3694c2ee093ad156e9475ddd5f32fdab028927e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d0a50dd3-265b-4453-8bc6-d3991fb5906b
content-encoding: br
x-envoy-upstream-service-time: 57
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d0a50dd3-265b-4453-8bc6-d3991fb5906b
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.hunters.security
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uttqWh1I8fn6LyK8SCQ1cmDpWCsioiNDquZKU%2FCWRgnELVpJdafbx%2FDrprcZEYseY7mQbIlcYTBPPFi7VNo6QkK0PK%2F9u6nhBjuF0m6uE9gyzUxQAEWKPei6pC7%2BxPdBsAEodtSqFF%2F2mNkC0qhq"}],"group":"cf-nel","max_age":604800}
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 82d758dc4c596a73-TXL
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-sns29

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 251ms
93ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-650970809

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43a39622e38f6175ee167d939f78b9db5bf2f8128033f6f6ac1108710d69cdc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74242
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 00:02:08 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Nov 2023 02:16:11 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 112ms
32ms Script
application/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3a7ff26e3fea300cdd6456f976a6b7ac113ebc0e88891359313d02f448213ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2023 10:31:24 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=29728
accept-ranges: bytes
content-length: 3840

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 42 KB
16 KB 32ms
32ms Script
application/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

357f14f0abddc3ed61b762973944e3b89e20b215e6565eaeea072740b44ae4c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 02:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2023 10:31:24 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=29788
accept-ranges: bytes
content-length: 15714

GET

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2064881&time=1701224171205&url=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegatio...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2064881&time=1701224171205&url=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegatio...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2064881%26time%3D1701224171205%26url%3Dhttps%253A%252F%252Fwww.hunters.security%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2064881&time=1701224171205&url=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegatio...

0
0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/650970809/ 3 KB
2 KB 235ms
84ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/650970809/?random=1701224171468&cv=11&fst=1701224171468&bg=ffffff&guid=ON&async=1&gtm=45be3b81v885121730&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover&hn=www.googleadservices.com&frm=0&tiba=DeleFriend%3A%20Severe%20design%20flaw%20in%20Domain%20Wide%20Delegation%20could%20leave%20Google%20Workspace%20vulnerable%20for%20takeover&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1888414971.1701224171&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-650970809

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

27612e21dd4f123a80555b57da3d011a98b094ed677328828198f74e851eb73d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Nov 2023 02:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1377
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
www.google.com/pagead/1p-user-list/650970809/ 0
0

GET /
www.google.de/pagead/1p-user-list/650970809/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kit.fontawesome.com
URL: https://kit.fontawesome.com/a076d05399.js

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2064881&time=1701224171205&url=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover&cookiesTest=true&liSync=true

Domain: www.google.com
URL: https://www.google.com/pagead/1p-user-list/650970809/?random=1701224171468&cv=11&fst=1701223200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v885121730&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover&frm=0&tiba=DeleFriend%3A%20Severe%20design%20flaw%20in%20Domain%20Wide%20Delegation%20could%20leave%20Google%20Workspace%20vulnerable%20for%20takeover&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNOVL9TEHRcmgSBqlJNaid-7I1Kewfqw&random=4088890260&rmt_tld=0&ipr=y

Domain: www.google.de
URL: https://www.google.de/pagead/1p-user-list/650970809/?random=1701224171468&cv=11&fst=1701223200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v885121730&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.hunters.security%2Fen%2Fblog%2Fdelefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover&frm=0&tiba=DeleFriend%3A%20Severe%20design%20flaw%20in%20Domain%20Wide%20Delegation%20could%20leave%20Google%20Workspace%20vulnerable%20for%20takeover&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNOVL9TEHRcmgSBqlJNaid-7I1Kewfqw&random=4088890260&rmt_tld=1&ipr=y

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.hunters.security/	1970-01-20 16:33:45	Name: __cf_bm Value: qUsod_W8oxNpAjWUjMi3_yMTQSRMad7gt8uPI2NYFlw-1701224167-0-AaiiGHYQGld3tOpik0KuQxqmTM4k4D4Glpsow9kGQ+ieUoUZh4iG3N6sfo/CzKMAtXbjqmOiMSSKxTZYODgWzqA=
.www.hunters.security/	1969-12-31 23:59:59	Name: __cfruid Value: 6f73fe1ec09c6f21744836c7dfbf4e5b3069848e-1701224167
.hubspot.com/	1970-01-20 16:33:45	Name: __cf_bm Value: 5R8LezOdSTm7vesolableYlS542EZyYdkFU8zlkXZQE-1701224167-0-AUddxPxrOZM4QE0LBn87X6FJbM0Y/VAw3B1QpVPQPPgdxUqGzUaSTtQH+linzC55lkzly+lb04asd300VCdKJqQ=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 1ja065V5Gw9UoP66_x4IaOSOBvnAMGk415qShajnQIA-1701224167761-0-604800000
.ws.zoominfo.com/	1970-01-21 01:19:20	Name: visitorId Value: 0c7ef90b10fb8b7c3f6e60e74475f47fd57a25455a6dc7a16c3931cedacbc177
.zoominfo.com/	1970-01-20 16:33:45	Name: __cf_bm Value: n2Wo3V9joMjT.uW9FEqJStnPTlOL2Ox4VYIJEAQ55HU-1701224167-0-AatlCycgBgDx1mZeg3fbwzRU7A1kgQpxrP0B7pBORHBUpUOBfO+c4UUvPUWgGFPJWbyRAdP5fBPZLDJFlXz5w2U=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: RqT0YfpDWVwJKo1Mifuw0_FINf1_yBeF6YFPT4iehN0-1701224167844-0-604800000
.hunters.security/	1970-01-20 20:52:56	Name: __hstc Value: 27445923.ea63b6e642363a2c8402c12a229d3890.1701224170520.1701224170520.1701224170520.1
.hunters.security/	1970-01-20 20:52:56	Name: hubspotutk Value: ea63b6e642363a2c8402c12a229d3890
.hunters.security/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.hunters.security/	1970-01-20 16:33:45	Name: __hssc Value: 27445923.1.1701224170521

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 9) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 12) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 13) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 15) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 18) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 19) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 21) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 24) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 25) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 27) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 30) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 31) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 33) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 36) Message: <link rel=preload> has an unsupported `type` value
other	warning	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 37) Message: <link rel=preload> has an unsupported `type` value
javascript	error	URL: https://www.hunters.security/en/blog/delefriend-a-newly-discovered-design-flaw-in-domain-wide-delegation-could-leave-google-workspace-vulnerable-for-takeover(Line 1185) Message: Access to script at 'https://kit.fontawesome.com/a076d05399.js' from origin 'https://www.hunters.security' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://kit.fontawesome.com/a076d05399.js Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5765386.fs1.hubspotusercontent-na1.net
api.hubapi.com
app.hubspot.com
cdnjs.cloudflare.com
connect.facebook.net
cta-service-cms2.hubspot.com
fonts.googleapis.com
forms.hubspot.com
googleads.g.doubleclick.net
js-na1.hs-scripts.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hsleadflows.net
js.hubspot.com
kit.fontawesome.com
perf-na1.hsforms.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
snap.licdn.com
static.hsappstatic.net
syndication.twitter.com
track.hubspot.com
ws.zoominfo.com
www.google.com
www.google.de
www.googletagmanager.com
www.hunters.security
www.unpkg.com
kit.fontawesome.com
px.ads.linkedin.com
www.google.com
www.google.de
104.244.42.8
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2606:2c40::c73c:671d
2606:4700:4400::6812:297c
2606:4700:4400::ac40:991b
2606:4700::6810:4eba
2606:4700::6810:7caf
2606:4700::6810:880f
2606:4700::6810:bc59
2606:4700::6811:180e
2606:4700::6811:cbcc
2606:4700::6811:cff9
2606:4700::6811:e3a3
2606:4700::6812:7d0c
2606:4700::6812:b05d
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2008
2a00:1450:4001:82a::200a
2a02:26f0:3500:16::215:149b
2a03:2880:f084:d:face:b00c:0:3
0c29e718b023d06a8824bd6cc3d2856124f2c41af363a256936e7c7a79a4b8af
0c401405a7e3650dbf6db13ec242dd3ce0656f4356838e6e030c7099b96ae152
0d5f628bd87bce595cf9c4a7bf72985cbea5bffab1a535a266f70acc04fd2590
10dc028779c21e5b3f1bc41e19eaccdca81a38e53e7712439d271ceb6174f534
114684b8fee4cea8c797eb72e7a55cc761ed8f5907bce24454d3f23c2df270f1
130b1d902b2442cbc2a6fbc8cdafeb19ade23945d87bb34b06154e189c888232
14103b64df9857f9f7ad1f02efaafba97ce4772e8d8b448857de69c3537c338d
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
238b1cf831e99615cf4d403ccdecbc5a3a615f2f0f8e92179cc69f9ec7d60b0a
23a2777cbbd78b114125c9276a3b42d568e17909104309e46e94dd2d93b3abd3
241c8f83c0c3736e03653600e286b784f87a3fd8c533e1a4038610f963b55d1c
27612e21dd4f123a80555b57da3d011a98b094ed677328828198f74e851eb73d
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a
292aac228fd921c59b11573558f8ad1da44862b501163de439b1ab8545a55333
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3492dcee6cb6f749a3c5a92f5e805a4b7822cd4a3ce11ca8fc0ebfc3e924ae69
34942d531ecf961a2a6777526aef0c7d17f28a4ce9afcac868eb132c700bfe5a
357f14f0abddc3ed61b762973944e3b89e20b215e6565eaeea072740b44ae4c1
368406900c890220c314afd610820f1e635e69e4d3e0275ec060057865f563c0
39dfef8659a1ca6b7b72796a29b2a9a3fde995d66d1a2eb8dd4b62d0f5e37a03
3a7ff26e3fea300cdd6456f976a6b7ac113ebc0e88891359313d02f448213ffe
3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
424560f6d441470e553c5c2d0e31a7df189ddb73ea43d909714d57b16f024624
43a39622e38f6175ee167d939f78b9db5bf2f8128033f6f6ac1108710d69cdc6
4602e4a6690b61e97c11fa052c66de20a52b112a766a46cb91c213dbd8ed8779
4aeece6fda59aeaf7ea1271ac3ecbe1189bd88726b444d8813de296f0ad41ad8
4fa2622bbcafa420ce5be37bca0ff1e87dacede5fba4f42641d000313b4a1d49
5398d974b05c83fecc308ce8af06d5ca69ecfe557e9d7f45a6999d07c5bcd82b
568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353
5b2ccfa8e6a3381d936fcb339a2254dfff4ea71f5114197724a4e2c1eb1c8115
5c15402dcdd0b03490883b62681c0d676af10894c7ce55218650d0f3827c6f0f
5ee453db69de2afe22f2abc664d11aa3b8720f3b24a8d82d2a1d2306be008e93
631550304df547eb64d2d7af3e6bc30bf346fdd47640adefcbe22263b36d65b4
6a28d627f3677c456980de2b9026548c69a9f542993b2b5b6d8608882fe1e878
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1d913f0ef5cc8fd8d0c483772f5d511071ccc1d441f64292fb7659616f5b79
6ca76596a4a51aff45954e24a6dd4e1f148f7f0b16c578e1c919f5e1106a04df
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
762a5cce3355f95306400b6113dd70cbb8bcf2ce3601fa27297d1899d007ec54
7a561cb83c80db72379c07065119080a23717c7db351f177969587255cb5d2a1
7aa93bbcb9e59933de17dc87bea4276bb73207c62e21b0ddee91dc405cf886af
7e31677db4782bc8c9162fa1b42005aad15d67853f7a496e9fbb493fe2309759
858e1cac76fe710471dd8ce21a84aaee4264ae16ec6df497e37880a6e5d2f86b
87c3ae1ebf322a010fb2191df1679d6e6b7efa7c1bd8e0f8a90f79d43581954b
8bc29c5599015bf466152eafa6da3eaee72241e110589ee6dd2de350569ebfea
8ca9ec4f49125ea152ded022ed0a178beb354a30a8823573a1e5393cd5a79414
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8ec0979e7bb7143c393e8a431924cbe84a42fa6ad659f0b83530c88b5a349a04
90eefa1db290de170e8127aa6f3ad079f38762aa27b4c885670cf5d757c0f2fa
91f0116d893ce32487b8b683a408b135c15809c7e1b3d8d26bdb5889126f2077
92ff09e713322e219b810251ccb43b45c513d4373e50f7ea9f26cf12bb6320d0
9412e690ec47fdeb84380a5b3694c2ee093ad156e9475ddd5f32fdab028927e4
943527f5589a02ee70131535e0dd5a600d88ec6cc435a91bfb678cac8cfb0955
9521629b75431599b69d208c8de1e08c4fc023401b118973cbb4abbc8189b182
9973a75239c936fe392a8984622fb34a5f05056607db2a06c62580986a0c7caf
a5ef33de34661d7ae6bce5bc0b514687f2813f7ade07b4e2511611c62c7494ac
ae83cab298fa07ba817359c389252d7333d46894358eafa3ab6183084f6620ae
b83025c6af427c862bf1f6599330a1dff8ea8effa9bd200614b5e7a6fed36c64
bc95b09fc339140c69c5136e815b78be4ef324669185635fc3aef462e8d7df83
bd8bc8d28b864110fbeaf0dcbcff8768d830df251a84862928a84a35b83da3af
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d5ac74ae7bad75e342eeb77f0c16005fcb01eaf5473b584030feb2f9f07e23df
d7802c74a8e2285615d0ee35e104175b11653884c111470744907827543cbb29
d910589e4444e8383a838461e869f888ccf2d965d388225e48e7dbbcdb2a9d3e
da9dad45994fa30a773ffd383f0daba950926e1c95fc807b644554825ac34bf7
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc507001be80bda64a1378c7f6edce7a6fe445dd6712c4eeaed70db462a7e934
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e2856b09b8551910e6cb03f10c7c59245716b78864f205ee433fb3109f15fcbd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9393b6db2f748aa64f0c5dc27a53a7ff16c27ba58513ba2ac47c7af606efcf0
ea9a85e8c7b1ba0c225aec7ced73372fd08fba0bb37faa515a47008aceb550a1
ee041148b4d2b4bfb2a9dbff837265a3484bb6ef80a18174ee45309237654c74
ef4bfee18eaf9bb02c3d3c93ce39551cff6effb9b29678a118c808b0b92489a0
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fd5e0c3a0682f03217f201588e51e77bf778d5506224074918f505423f0e25a2

www.hunters.security Open in urlscan Pro 2606:2c40::c73c:671d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

96 %HTTPS

96 %IPv6

24 Domains

30 Subdomains

24 IPs

2 Countries

2460 kBTransfer

4726 kBSize

11 Cookies

26 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hunters.security Open in urlscan Pro
2606:2c40::c73c:671d Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

96 %
HTTPS

96 %
IPv6

24
Domains

30
Subdomains

24
IPs

2
Countries

2460 kB
Transfer

4726 kB
Size

11
Cookies

90 HTTP transactions
0 data transactions