For whitelisting ATTACK Simulator in the Google Workspace platform, please follow the instructions in the video below:

Update – Google Workspace: Image URL Proxy Allowlist

Google Workspace has recently introduced a new setting in the Admin Console called Image URL Proxy Allowlist. This change affects how external images are loaded in emails (including the tracking pixel used by Attack Simulator). To ensure simulations and tests work correctly, all domains used by the platform must be added to this allowlist.

1. Configuration in Google Admin Console

Navigate to:

Admin Console → Apps → Google Workspace → Gmail → End User Access → Image URL proxy allowlist

Add all domains used for sending emails and loading images from simulations.

2. Complete Domain List

The full and always up‑to‑date list of required domains can be found here:

? https://app.attacksimulator.com/whiteslist/test  (see the Email domains section)

This list is automatically maintained and reflects all active domains used by the platform.

3. Propagation Time

After saving the changes, Google indicates that full propagation may take up to 24 hours.