Submitted URL: https://www.synack.com/banner_link_2
Effective URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Submission: On September 06 via api from US — Scanned from IT

Summary

This website contacted 34 IPs in 3 countries across 28 domains to perform 117 HTTP transactions. The main IP is 141.193.213.21, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.synack.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 14th 2024. Valid for: a year.
This is the only time www.synack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 141.193.213.21 209242 (CLOUDFLAR...)
8 142.250.186.168 15169 (GOOGLE)
13 104.18.87.42 13335 (CLOUDFLAR...)
1 216.58.212.138 15169 (GOOGLE)
1 104.18.141.119 13335 (CLOUDFLAR...)
1 104.18.16.5 13335 (CLOUDFLAR...)
1 172.217.18.3 15169 (GOOGLE)
1 172.64.155.119 13335 (CLOUDFLAR...)
4 216.58.212.142 15169 (GOOGLE)
15 2.17.100.184 20940 (AKAMAI-ASN1)
2 184.24.77.20 20940 (AKAMAI-ASN1)
1 104.16.141.209 13335 (CLOUDFLAR...)
5 172.67.70.243 13335 (CLOUDFLAR...)
3 142.250.185.206 15169 (GOOGLE)
1 64.233.167.157 15169 (GOOGLE)
4 142.250.184.194 15169 (GOOGLE)
1 37.252.171.149 29990 (ASN-APPNEX)
1 3 142.250.185.66 15169 (GOOGLE)
1 142.250.186.162 15169 (GOOGLE)
2 13.248.142.121 16509 (AMAZON-02)
3 13.107.42.14 8068 (MICROSOFT...)
1 35.170.94.36 14618 (AMAZON-AES)
1 104.16.160.168 13335 (CLOUDFLAR...)
1 104.17.223.152 13335 (CLOUDFLAR...)
1 172.64.147.16 13335 (CLOUDFLAR...)
3 104.16.117.116 13335 (CLOUDFLAR...)
2 104.16.111.254 13335 (CLOUDFLAR...)
3 172.217.16.196 15169 (GOOGLE)
1 104.18.244.108 13335 (CLOUDFLAR...)
1 104.18.80.204 13335 (CLOUDFLAR...)
1 104.19.175.188 13335 (CLOUDFLAR...)
3 172.64.150.44 13335 (CLOUDFLAR...)
2 104.16.117.43 13335 (CLOUDFLAR...)
117 34
Apex Domain
Subdomains
Transfer
26 synack.com
www.synack.com
776 KB
15 6sc.co
j.6sc.co — Cisco Umbrella Rank: 12402
c.6sc.co — Cisco Umbrella Rank: 16017
ipv6.6sc.co — Cisco Umbrella Rank: 12823
b.6sc.co — Cisco Umbrella Rank: 6896
24 KB
13 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
148 KB
8 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
td.doubleclick.net — Cisco Umbrella Rank: 481
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
7 KB
8 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
766 KB
6 google.com
analytics.google.com — Cisco Umbrella Rank: 238
www.google.com — Cisco Umbrella Rank: 10
671 B
5 marker.io
edge.marker.io — Cisco Umbrella Rank: 64188
api.marker.io — Cisco Umbrella Rank: 61956
139 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 zi-scripts.com
js.zi-scripts.com — Cisco Umbrella Rank: 15834
4 KB
3 hubspot.com
js.hubspot.com — Cisco Umbrella Rank: 8139
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 8074
track.hubspot.com — Cisco Umbrella Rank: 5359
27 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669
2 KB
2 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 10891
2 KB
2 hsforms.com
perf-na1.hsforms.com — Cisco Umbrella Rank: 8524
forms.hsforms.com — Cisco Umbrella Rank: 9382
3 KB
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 9601
forms.hscollectedforms.net — Cisco Umbrella Rank: 9837
25 KB
2 6sense.com
epsilon.6sense.com — Cisco Umbrella Rank: 18992
713 B
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1884
14 KB
2 qualified.com
js.qualified.com — Cisco Umbrella Rank: 50475
app.qualified.com — Cisco Umbrella Rank: 52147
234 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 7580
1 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 5067
26 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 7189
4 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 5135
25 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
3 KB
1 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 764
699 B
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 5414
1 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
308 B
1 gstatic.com
fonts.gstatic.com
37 KB
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 14516
157 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
849 B
117 28
Domain Requested by
26 www.synack.com 1 redirects www.synack.com
13 cdn.cookielaw.org www.synack.com
cdn.cookielaw.org
9 b.6sc.co www.synack.com
8 www.googletagmanager.com www.synack.com
www.googletagmanager.com
js.hsadspixel.net
4 td.doubleclick.net www.googletagmanager.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 js.zi-scripts.com www.synack.com
js.zi-scripts.com
3 www.google.com www.synack.com
3 px.ads.linkedin.com snap.licdn.com
www.synack.com
3 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
3 analytics.google.com www.googletagmanager.com
3 edge.marker.io www.synack.com
edge.marker.io
2 ws.zoominfo.com js.zi-scripts.com
2 api.marker.io edge.marker.io
2 epsilon.6sense.com j.6sc.co
2 ipv6.6sc.co j.6sc.co
2 c.6sc.co j.6sc.co
2 snap.licdn.com www.googletagmanager.com
js.hsadspixel.net
2 j.6sc.co www.googletagmanager.com
www.synack.com
1 track.hubspot.com
1 forms.hsforms.com www.synack.com
1 perf-na1.hsforms.com www.synack.com
1 api.hubapi.com js.hsadspixel.net
1 forms.hscollectedforms.net js.hscollectedforms.net
1 cta-service-cms2.hubspot.com js.hubspot.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hubspot.com js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 app.qualified.com js.qualified.com
1 www.googleadservices.com www.googletagmanager.com
1 secure.adnxs.com j.6sc.co
1 stats.g.doubleclick.net www.googletagmanager.com
1 js.hs-scripts.com www.googletagmanager.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 fonts.gstatic.com fonts.googleapis.com
1 js.qualified.com www.synack.com
1 js.hsforms.net www.synack.com
1 fonts.googleapis.com www.synack.com
117 40
Subject Issuer Validity Valid
www.synack.com
Go Daddy Secure Certificate Authority - G2
2024-08-14 -
2025-08-14
a year crt.sh
*.google-analytics.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
cookielaw.org
WE1
2024-08-13 -
2024-11-11
3 months crt.sh
upload.video.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
hsforms.net
WE1
2024-08-11 -
2024-11-09
3 months crt.sh
qualified.com
WE1
2024-09-04 -
2024-12-03
3 months crt.sh
*.gstatic.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
geolocation.onetrust.com
WE1
2024-08-13 -
2024-11-11
3 months crt.sh
6sc.co
R11
2024-07-03 -
2024-10-01
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2023-12-13 -
2024-12-12
a year crt.sh
hs-scripts.com
WE1
2024-07-29 -
2024-10-27
3 months crt.sh
marker.io
WE1
2024-08-12 -
2024-11-10
3 months crt.sh
*.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.g.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.doubleclick.net
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
www.googleadservices.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
*.6sense.com
Amazon RSA 2048 M03
2024-03-31 -
2025-04-29
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-08-27 -
2025-02-27
6 months crt.sh
app.qualified.com
R11
2024-07-21 -
2024-10-19
3 months crt.sh
hs-analytics.net
WE1
2024-08-09 -
2024-11-07
3 months crt.sh
hsadspixel.net
WE1
2024-08-12 -
2024-11-10
3 months crt.sh
hs-banner.com
WE1
2024-07-27 -
2024-10-25
3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2024-01-06 -
2024-12-31
a year crt.sh
hscollectedforms.net
WE1
2024-07-25 -
2024-10-23
3 months crt.sh
www.google.com
WR2
2024-08-12 -
2024-11-04
3 months crt.sh
hubapi.com
E6
2024-08-30 -
2024-11-28
3 months crt.sh
hsforms.com
WE1
2024-08-12 -
2024-11-10
3 months crt.sh
zi-scripts.com
WE1
2024-07-25 -
2024-10-23
3 months crt.sh
zoominfo.com
E5
2024-08-14 -
2024-11-12
3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Frame ID: C636F8A632AAFFD7ACF6CD8742C32503
Requests: 107 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-XVS579G3KG&gacid=1936826387.1725616605&gtm=45je4940v870611089za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=17824095
Frame ID: 566E3D2DB8EF5242C52710B51B5AF804
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/AW-952412761?random=1725616605242&cv=11&fst=1725616605242&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 782B3ED091BDF19CAC1244F57F4EC188
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/952412761?random=1725616605280&cv=11&fst=1725616605280&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: E067EB360E856B1321DAC79B3DDC7105
Requests: 1 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=8e0554c9-6471-4bee-a091-3a1237c34509
Frame ID: 328338C64296186130ACCF8C7DFCA89F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/952412761?random=1725616607036&cv=11&fst=1725616607036&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: B65B8BAB8C78C791D0212FEDB88A946A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Mind the Gap: Attack Surface Discovery and PTaaS | Blog | Synack

Page URL History Show full URLs

  1. https://www.synack.com/banner_link_2 HTTP 301
    https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

117
Requests

97 %
HTTPS

0 %
IPv6

28
Domains

40
Subdomains

34
IPs

3
Countries

2447 kB
Transfer

7510 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.synack.com/banner_link_2 HTTP 301
    https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952412761/?random=1525034900&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&eitems=ChAI8NDqtgYQu4_-0ffrtI9HEh0AMO5CNKjplRGgJOlE3vIOz1as2Nuq4Y12m84pAA&pscrd=IhMIqsis5oauiAMVwZb9Bx2s2gIjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3d3dy5zeW5hY2suY29tLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/952412761/?random=1525034900&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIqsis5oauiAMVwZb9Bx2s2gIjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3d3dy5zeW5hY2suY29tLw&is_vtc=1&cid=CAQSGwDpaXnfGBuAsE3H6wZQDHKpa8KT3Ya6t_flpA&eitems=ChAI8NDqtgYQu4_-0ffrtI9HEh0AMO5CNN4rZeVlKLgbP5oS7PnonMMoi7COS-F43g&random=1363277075

117 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Redirect Chain
  • https://www.synack.com/banner_link_2
  • https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
219 KB
24 KB
Document
General
Full URL
https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
ff66dd8c4052928d0aef689ba10b94d8cef0b91e918a11fae297d453e062a8f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8bed97391b940e2a-MXP
content-encoding
br
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
content-type
text/html; charset=UTF-8
date
Fri, 06 Sep 2024 09:56:43 GMT
link
<https://www.synack.com/?p=21660>; rel=shortlink
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
referrer-policy
origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=63072000
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 4
x-cache-group
normal
x-cacheable
YES:600.000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
WP Engine
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8bed973728fb0e2a-MXP
content-type
text/html; charset=UTF-8
date
Fri, 06 Sep 2024 09:56:43 GMT
expires
Fri, 06 Sep 2024 10:47:37 GMT
location
https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
server
cloudflare
strict-transport-security
max-age=63072000
x-cache
HIT: 2
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
x-redirect-by
redirection
18f1ad48-3d9a-4035-921f-c419423ee0f3
https://www.synack.com/ Frame
0
0

simple-banner.css
www.synack.com/wp-content/plugins/simple-banner/
892 B
354 B
Stylesheet
General
Full URL
https://www.synack.com/wp-content/plugins/simple-banner/simple-banner.css?ver=3.0.3
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e999690564c5c0dfa82424c1253fb6062f8cf1d9487eda9aebab07e01144b9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
12452
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Fri, 06 Sep 2024 04:31:42 GMT
server
cloudflare
etag
W/"66da85ae-37c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed973b5ece0e2a-MXP
style.css
www.synack.com/wp-content/themes/synack/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.synack.com/wp-content/themes/synack/style.css
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
77ae82e50807147cbbe51b2516821c6ad183d0a8751f8a16f4d1a973b24682ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
16268
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 05 Sep 2024 15:16:57 GMT
server
cloudflare
etag
W/"66d9cb69-1400"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed973b5ed00e2a-MXP
style.css
www.synack.com/wp-content/plugins/bol-resource-library/assets/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://www.synack.com/wp-content/plugins/bol-resource-library/assets/css/style.css?ver=2
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b840ccb15d3d1e2aba4b223ea4b89b7ea234376d5968508083177671f23ecd0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
8212
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 16 May 2024 17:03:15 GMT
server
cloudflare
etag
W/"66463c53-284d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed973b5ed20e2a-MXP
jquery.min.js
www.synack.com/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://www.synack.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
8211
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
cloudflare
etag
W/"64ecd5ef-15601"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed973b5ed40e2a-MXP
jquery-migrate.min.js
www.synack.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://www.synack.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
8211
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
server
cloudflare
etag
W/"6482bd64-3509"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed973b7ef80e2a-MXP
simple-banner.js
www.synack.com/wp-content/plugins/simple-banner/
7 KB
2 KB
Script
General
Full URL
https://www.synack.com/wp-content/plugins/simple-banner/simple-banner.js?ver=3.0.3
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee3a1ac4a8a058037f6a49fe3f1c8592c797f7872958e57526011de14ab9436
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
12452
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Fri, 06 Sep 2024 04:31:42 GMT
server
cloudflare
etag
W/"66da85ae-1db6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed973b7efc0e2a-MXP
js
www.googletagmanager.com/gtag/
201 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-38714717-1
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f24fcf0b9f703388dc47b2fbefa7cca040802fda7de87a4244c8e1d230450578
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Sep 2024 09:56:44 GMT
OtAutoBlock.js
cdn.cookielaw.org/consent/6f5eb47e-d844-48ff-8a69-bdd05b58172b/
16 KB
3 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/6f5eb47e-d844-48ff-8a69-bdd05b58172b/OtAutoBlock.js
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ba89ab90e39bad03d966a8080e150db8c75187d5accccb304b2e116609cb7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
34268
content-md5
jdUdoFdP4TT1O8dqeZ1+iQ==
content-length
3203
x-ms-lease-status
unlocked
last-modified
Wed, 08 Mar 2023 23:17:39 GMT
server
cloudflare
etag
0x8DB202B4FD453A1
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
87247bed-a01e-006b-6229-15be77000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bed973df8620e93-MXP
expires
Sat, 07 Sep 2024 09:56:43 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
p+39a+/XEcZfNKybQjgXjA==
age
55352
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 16:39:46 GMT
server
cloudflare
etag
0x8DCCC37056A183D
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
225937f4-d01e-0086-0131-fec758000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bed973df8630e93-MXP
expires
Fri, 06 Sep 2024 18:34:11 GMT
style-main.css
www.synack.com/wp-content/themes/synack/webroot/css/
346 KB
48 KB
Stylesheet
General
Full URL
https://www.synack.com/wp-content/themes/synack/webroot/css/style-main.css?v=20231013
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5141aa2cbb1361e5852ed97c43c449fb6824bbacc196d828b33a2b4130200b2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
16689
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 05 Sep 2024 15:16:57 GMT
server
cloudflare
etag
W/"66d9cb69-56886"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed973b7eff0e2a-MXP
css2
fonts.googleapis.com/
2 KB
849 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f10.1e100.net
Software
ESF /
Resource Hash
492d00e4a4110b712efd91a46f205045b2f207df8bc960be6f46b0964107f7cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 06 Sep 2024 09:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 06 Sep 2024 09:46:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 06 Sep 2024 09:56:43 GMT
v2.js
js.hsforms.net/forms/
483 KB
157 KB
Script
General
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.141.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
age
360
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5999/bundles/project-v2.js&cfRay=8bd6883a4ddc711f-OTP
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"6baa082bb753a0d6d6e8a595ed1a8003"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.5999/bundles/project-v2.js
date
Fri, 06 Sep 2024 09:56:43 GMT
via
1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-version-id
AFaf8mWb39Qooe1K5qzICbDOfESNQB7s
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
e1c621b9-1fb9-4c4a-91a2-28505768ef80
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
e1c621b9-1fb9-4c4a-91a2-28505768ef80
last-modified
Tue, 03 Sep 2024 14:36:36 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2bUQp22n8tPaoA9%2F%2B7rJrPwxvdQIzGXLTO9o0acNHBMdgAfab9I644JZfRI2AGKbZLtNSf3e1wR2d68S5xCPWMkOJOVoXobgE3rjJsgGuASnrfgx8skQTUNKpouzHRJu"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-tw7fj
cf-ray
8bed973e4b71bb23-MXP
x-amz-cf-id
vHgvi08avWFLrhsp9XYzv2rQcWRkP-Vv0sSR08WirlM1C4fE2CnXEA==
blazy.png
www.synack.com/wp-content/themes/synack/webroot/images/
72 B
257 B
Image
General
Full URL
https://www.synack.com/wp-content/themes/synack/webroot/images/blazy.png
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
662909c49c1ce344adeac34addace8b0824701d47cf5fb3fe1fcc7cd1fdb4fb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
72
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sun, 19 Nov 2023 10:31:29 GMT
server
cloudflare
etag
"6559e401-48"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, private
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges
bytes
cf-ray
8bed973b7f020e2a-MXP
expires
Sat, 06 Sep 2025 09:56:43 GMT
ASD-mgmt-status-quo-graphic.png
www.synack.com/wp-content/uploads/2024/02/
9 KB
9 KB
Image
General
Full URL
https://www.synack.com/wp-content/uploads/2024/02/ASD-mgmt-status-quo-graphic.png
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d0984ab99052526b5012f34d8784261f737548ca3b3f976d8678f7f103d00c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
9564
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 29 Feb 2024 04:09:02 GMT
server
cloudflare
etag
"65e0035e-255c"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, private
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges
bytes
cf-ray
8bed973b7f030e2a-MXP
expires
Sat, 06 Sep 2025 09:56:43 GMT
image5-edited.png
www.synack.com/wp-content/uploads/2024/02/
31 KB
31 KB
Image
General
Full URL
https://www.synack.com/wp-content/uploads/2024/02/image5-edited.png
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d23492bdf2468bd59c6e3437e4b2f3eac9b3e49a362f5b692a7e8d520d0b06e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
32082
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 29 Feb 2024 04:18:38 GMT
server
cloudflare
etag
"65e0059e-7d52"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, private
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges
bytes
cf-ray
8bed973b7f040e2a-MXP
expires
Sat, 06 Sep 2025 09:56:43 GMT
image4-1024x769.png
www.synack.com/wp-content/uploads/2024/02/
38 KB
39 KB
Image
General
Full URL
https://www.synack.com/wp-content/uploads/2024/02/image4-1024x769.png
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b285d921093f27e5ab892c052f60d465383c6072300faf20ac3028628f889f61
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
39362
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 29 Feb 2024 04:14:22 GMT
server
cloudflare
etag
"65e0049e-99c2"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, private
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges
bytes
cf-ray
8bed973ce8ee0e2a-MXP
expires
Sat, 06 Sep 2025 09:56:43 GMT
image3-1024x728.png
www.synack.com/wp-content/uploads/2024/02/
47 KB
47 KB
Image
General
Full URL
https://www.synack.com/wp-content/uploads/2024/02/image3-1024x728.png
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c7184a496de140179411b078803cf05e88b506583947870a6d050f723b85e1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
48458
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 29 Feb 2024 04:15:51 GMT
server
cloudflare
etag
"65e004f7-bd4a"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, private
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges
bytes
cf-ray
8bed973d89bc0e2a-MXP
expires
Sat, 06 Sep 2025 09:56:43 GMT
logo.svg
www.synack.com/wp-content/themes/synack/webroot/images/footer/
4 KB
2 KB
Image
General
Full URL
https://www.synack.com/wp-content/themes/synack/webroot/images/footer/logo.svg
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b1ea6cd586a8e44d9387d438c1bf23a83200feea1da2f21ee8097c14e64bb33
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
12453
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 05 Sep 2024 15:16:57 GMT
server
cloudflare
etag
W/"66d9cb69-114d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed973fbcc30e2a-MXP
my-privacy-choices-check.webp
www.synack.com/wp-content/themes/synack/webroot/images/footer/
738 B
832 B
Image
General
Full URL
https://www.synack.com/wp-content/themes/synack/webroot/images/footer/my-privacy-choices-check.webp
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b317df5e031bd027cf564feae4589bdccf44929cea1ee7bbeb7cdd3b80ff95ed
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
738
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 05 Sep 2024 15:16:57 GMT
server
cloudflare
etag
"66d9cb69-2e2"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, private
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges
bytes
cf-ray
8bed973fbcc50e2a-MXP
expires
Sat, 06 Sep 2025 09:56:44 GMT
additional-polyfills.js
www.synack.com/wp-content/themes/synack/webroot/js/
5 KB
2 KB
Script
General
Full URL
https://www.synack.com/wp-content/themes/synack/webroot/js/additional-polyfills.js?v=20231016
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e478aa5a84ca62d2450fbe0cedf13085f987dc1c3c4b30e8683701f20a4aadd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
8211
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 05 Sep 2024 15:16:57 GMT
server
cloudflare
etag
W/"66d9cb69-12f1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed973edba20e2a-MXP
manifest.js
www.synack.com/wp-content/themes/synack/webroot/js/
3 KB
2 KB
Script
General
Full URL
https://www.synack.com/wp-content/themes/synack/webroot/js/manifest.js?v=20231016
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2257ecae3d22c703a36089996962128138034931396b59d6ce0e302c485cd62
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
16690
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 05 Sep 2024 15:16:57 GMT
server
cloudflare
etag
W/"66d9cb69-bf7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed973f4c380e2a-MXP
vendor.js
www.synack.com/wp-content/themes/synack/webroot/js/
512 KB
170 KB
Script
General
Full URL
https://www.synack.com/wp-content/themes/synack/webroot/js/vendor.js?v=20231016
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffa26c1e29a1439ff072c1fe246f6cb68cbdf255da969f705c7d7b91ad75d785
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
8211
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 05 Sep 2024 15:16:57 GMT
server
cloudflare
etag
W/"66d9cb69-7feb8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed973fbcc10e2a-MXP
app.js
www.synack.com/wp-content/themes/synack/webroot/js/
38 KB
7 KB
Script
General
Full URL
https://www.synack.com/wp-content/themes/synack/webroot/js/app.js?v=20231016
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b8487412015c87df70a04ab7dd4a2b816897d483512a0cb1eab01045232385a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
16689
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 05 Sep 2024 15:16:57 GMT
server
cloudflare
etag
W/"66d9cb69-98d7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed973fbcc20e2a-MXP
qualified.js
js.qualified.com/
1002 KB
234 KB
Script
General
Full URL
https://js.qualified.com/qualified.js?token=wMSIsrvzp9xgEeyW
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.16.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3afd5cb1c9a449869bcb73939fcbace93f9dfc1aecd15c5ae86edcd6c8fdfb3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-encoding
gzip
via
1.1 spaces-router (baa76bb17a64)
strict-transport-security
max-age=63072000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
1624
x-xss-protection
1; mode=block
x-request-id
d845db56-da26-48b5-48b5-2cd33025d822
x-runtime
0.015561
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ea48df6d1ac82584bfa2dd9e93e81439"
x-download-options
noopen
vary
Accept,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
8bed9740fe5f4bef-MXP
expires
Fri, 06 Sep 2024 13:56:44 GMT
gtm.js
www.googletagmanager.com/
350 KB
116 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9ef61d1693b6a3aa88605f051f2acc6522cfea5f53937eca31ead29cdfb5b557
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118869
x-xss-protection
0
last-modified
Fri, 06 Sep 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Sep 2024 09:56:44 GMT
6f5eb47e-d844-48ff-8a69-bdd05b58172b.json
cdn.cookielaw.org/consent/6f5eb47e-d844-48ff-8a69-bdd05b58172b/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/6f5eb47e-d844-48ff-8a69-bdd05b58172b/6f5eb47e-d844-48ff-8a69-bdd05b58172b.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b8595b688ffd0297d0c6a51090ba03399a8f750fee8f46e1f83919f5e0a469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
63171
content-md5
Qh5a6/rX/4xSWyxlwxnPRA==
content-length
1674
x-ms-lease-status
unlocked
last-modified
Wed, 08 Mar 2023 23:17:41 GMT
server
cloudflare
etag
0x8DB202B50D2D8D3
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fe9608e2-e01e-006a-5390-22e1ab000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bed974148fc4c4e-MXP
expires
Sat, 07 Sep 2024 09:56:44 GMT
blazy.png
www.synack.com/wp-content/themes/synack/webroot/images/
72 B
0
Image
General
Full URL
https://www.synack.com/wp-content/themes/synack/webroot/images/blazy.png
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
662909c49c1ce344adeac34addace8b0824701d47cf5fb3fe1fcc7cd1fdb4fb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:43 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
72
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sun, 19 Nov 2023 10:31:29 GMT
server
cloudflare
etag
"6559e401-48"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, private
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges
bytes
cf-ray
8bed973b7f020e2a-MXP
expires
Sat, 06 Sep 2025 09:56:43 GMT
rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
fonts.gstatic.com/s/dmsans/v15/
36 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=DM+Sans:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f3.1e100.net
Software
sffe /
Resource Hash
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.synack.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 08:35:27 GMT
x-content-type-options
nosniff
age
523277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36848
x-xss-protection
0
last-modified
Thu, 21 Mar 2024 23:58:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Aug 2025 08:35:27 GMT
footer-shape.jpg
www.synack.com/wp-content/themes/synack/webroot/images/footer/
5 KB
5 KB
Image
General
Full URL
https://www.synack.com/wp-content/themes/synack/webroot/images/footer/footer-shape.jpg
Requested by
Host: www.synack.com
URL: https://www.synack.com/wp-content/themes/synack/webroot/css/style-main.css?v=20231013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d2bcb574a8847ce3950feafa475c5de4d780c2321d5ec7894880f348008d0c9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
4852
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sun, 19 Nov 2023 10:31:29 GMT
server
cloudflare
etag
"6559e401-12f4"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, private
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges
bytes
cf-ray
8bed973fed020e2a-MXP
expires
Sat, 06 Sep 2025 09:56:44 GMT
synack-ASD-blog.jpg
www.synack.com/wp-content/uploads/2024/02/
338 KB
338 KB
Image
General
Full URL
https://www.synack.com/wp-content/uploads/2024/02/synack-ASD-blog.jpg
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2078776d6f374fb6a40f82c3b53d2258841f86e76f1323e3a45955c9f75b58ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
345616
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 29 Feb 2024 04:06:49 GMT
server
cloudflare
etag
"65e002d9-54610"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, private
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges
bytes
cf-ray
8bed9740ee750e2a-MXP
expires
Sat, 06 Sep 2025 09:56:44 GMT
wp-emoji-release.min.js
www.synack.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.synack.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
HIT
age
8208
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 27 Jun 2024 13:51:43 GMT
server
cloudflare
etag
W/"667d6e6f-4926"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
cf-ray
8bed9740fe780e2a-MXP
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
69 B
308 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.155.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8bed97449c6ebaff-MXP
access-control-allow-headers
Content-Type
js
www.googletagmanager.com/gtag/
312 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38714717-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0592b259f7c8f5cbc1b2045cba88d8fd68613256b4a537960ac5f3423cda69c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106327
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Sep 2024 09:56:44 GMT
js
www.googletagmanager.com/gtag/
318 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9891KWEZPK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38714717-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
662df1769f7c2697922fefa3ae69b72cded6313ac635685f1d5371ec72d58a12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
107233
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 06 Sep 2024 09:56:44 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38714717-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 06 Sep 2024 09:20:02 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2203
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 06 Sep 2024 11:20:02 GMT
synack-ASD-blog.jpg
www.synack.com/wp-content/uploads/2024/02/
338 KB
0
Image
General
Full URL
https://www.synack.com/wp-content/uploads/2024/02/synack-ASD-blog.jpg
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2078776d6f374fb6a40f82c3b53d2258841f86e76f1323e3a45955c9f75b58ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
345616
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 29 Feb 2024 04:06:49 GMT
server
cloudflare
etag
"65e002d9-54610"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, private
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges
bytes
cf-ray
8bed9740ee750e2a-MXP
expires
Sat, 06 Sep 2025 09:56:44 GMT
e625e662-1b3e-4698-be5e-6fba78fa4914.js
j.6sc.co/j/
5 KB
2 KB
Script
General
Full URL
https://j.6sc.co/j/e625e662-1b3e-4698-be5e-6fba78fa4914.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1b16993de3c2b48ce2e592a524fc27cda65b89808d62c5927c7b62b1a4dc409c

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
o.MsbIYXKRuERzaGmciAk_rhOXnR2Hmn
content-encoding
gzip
date
Fri, 06 Sep 2024 09:56:45 GMT
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-amz-meta-content-type
application/json
content-length
1511
last-modified
Wed, 24 Jul 2024 16:44:58 GMT
server
AmazonS3
etag
"4c8eef02ac110905ad8d3b4dedc95875"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=1800
accept-ranges
bytes
x-amz-cf-id
am4SBUOAV6ngv0h32Uh1lF52Sq62Wc6l59ums-0R5fIF1DsWkT75lQ==
expires
Fri, 06 Sep 2024 10:26:45 GMT
6si.min.js
j.6sc.co/
68 KB
19 KB
Script
General
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aea136527ca962a15eea8eb338c7667b5a44d98bff65dc09a36f5493ddbacb99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 05 Sep 2024 16:37:55 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"66d9de63-10fec"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, proxy-revalidate, max-age=10800
accept-ranges
bytes
content-length
18709
expires
Fri, 06 Sep 2024 12:56:45 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=18228
accept-ranges
bytes
content-length
14628
destination
www.googletagmanager.com/gtag/
231 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-AW-952412761&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
eef746cbe8cff099ec359a005011e2e39ec4b64b838ed428f2a66632ce568dee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85152
x-xss-protection
0
last-modified
Fri, 06 Sep 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Sep 2024 09:56:44 GMT
destination
www.googletagmanager.com/gtag/
282 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-952412761&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f4c1ede221e5a8c35e065eeb52baba4564aa19a3f441b0e3e56535714155dc85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97111
x-xss-protection
0
last-modified
Fri, 06 Sep 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Sep 2024 09:56:44 GMT
22524429.js
js.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/22524429.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W82WNBG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.141.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2482c747cff537e03428864e3fd3cf8a80d1339ebbf95ea7ecf8df4a5e5dfcc8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
a292057e-28f2-48cd-8780-dee6146dca75
cf-polished
origSize=2540
x-envoy-upstream-service-time
9
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a292057e-28f2-48cd-8780-dee6146dca75
cf-bgj
minify
last-modified
Fri, 06 Sep 2024 09:55:51 GMT
server
cloudflare
access-control-max-age
3600
vary
origin, Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.synack.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-58bbf9c46c-whp7h
x-evy-trace-virtual-host
all
access-control-allow-credentials
true
cache-control
public, max-age=90
cf-ray
8bed974789420e55-MXP
expires
Fri, 06 Sep 2024 09:58:15 GMT
shim.js
edge.marker.io/latest/
37 KB
12 KB
Script
General
Full URL
https://edge.marker.io/latest/shim.js
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fb8f6d0827dcad48a533aea98c516d939dcafb91610bc351c83a2b775a53bc2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:45 GMT
via
1.1 e4ff8e5d95961f2029ed707a2c4209ea.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=0; includeSubDomains; preload
x-amz-cf-pop
MXP53-P2
age
90
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 06 Sep 2024 09:55:00 GMT
server
cloudflare
etag
W/"edc8406f99dd4dc4ccf8351bd81e1598"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300,public
cf-ray
8bed97479bff0e0d-MXP
x-amz-cf-id
xNtoGxktClNBUs2vKJRfAviyscLjw6s7qUEpzU-LV7wtWBHqO4O1Fg==
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-XVS579G3KG&gtm=45je4940v870611089za200&_p=1725616603543&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1936826387.1725616605&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1725616605&sct=1&seg=0&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&dt=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2528
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.synack.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
245 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XVS579G3KG&cid=1936826387.1725616605&gtm=45je4940v870611089za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.synack.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame 566E
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-XVS579G3KG&gacid=1936826387.1725616605&gtm=45je4940v870611089za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=17824095
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Sep 2024 09:56:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-XVS579G3KG&gtm=45je4940v870611089z876206402za200&_p=1725616603543&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1936826387.1725616605&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAK&_s=2&sid=1725616605&sct=1&seg=1&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&dt=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&en=page_view&ep.allowLinker=true&_et=35&tfd=2572
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.synack.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202211.2.0/
383 KB
92 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
uPFqyxtrxGqJsyAvB7RnSg==
age
49192
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
93482
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:45 GMT
server
cloudflare
etag
0x8DADC66BDFA5EC7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a5ea234d-301e-0069-6d88-1700cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bed97465e2c0e93-MXP
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9891KWEZPK&gtm=45je4940v892239364za200&_p=1725616603543&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1936826387.1725616605&ul=it-it&are=1&frm=0&pscdl=noapi&_eu=AAAI&_geo=1&_rdi=1&_s=1&sid=1725616605&sct=1&seg=0&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&dt=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&en=page_view&_fv=1&_ss=1&tfd=2626
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9891KWEZPK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.synack.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuidj
secure.adnxs.com/
11 B
699 B
XHR
General
Full URL
https://secure.adnxs.com/getuidj
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
an-x-request-uuid
c05f7f5a-db37-412e-911d-ac8973d85e31
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.synack.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.198.62.7; 185.198.62.7; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
c.6sc.co/
7 B
193 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:45 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://www.synack.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/
4 B
281 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.synack.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
null
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1725616605604_34694324_200605065_41_1300_9_106_219";dur=1
content-length
4
expires
Fri, 06 Sep 2024 09:56:45 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-952412761/
5 KB
3 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-952412761/?random=1725616605242&cv=11&fst=1725616605242&bg=ffffff&guid=ON&async=1&gtm=45be4940z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-952412761&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a49e96e81e017345e3e0a0c818021f6a159fc6751c55168a9b8f325e8425bc7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AW-952412761
td.doubleclick.net/td/rul/ Frame 782B
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/AW-952412761?random=1725616605242&cv=11&fst=1725616605242&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-952412761&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Sep 2024 09:56:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/conversion/952412761/
5 KB
3 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/952412761/?random=1725616605280&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-952412761&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c7ff85cb826707eb89d6960662e92719bd974084483cb7bef727ee90ed13a1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2600
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
952412761
td.doubleclick.net/td/rul/ Frame E067
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/952412761?random=1725616605280&cv=11&fst=1725616605280&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-952412761&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Sep 2024 09:56:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
c.6sc.co/
7 B
193 B
XHR
General
Full URL
https://c.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:45 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://www.synack.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/
4 B
280 B
XHR
General
Full URL
https://ipv6.6sc.co/
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.synack.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
null
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1725616605781_34694324_200605167_352_1329_9_0_219";dur=1
content-length
4
expires
Fri, 06 Sep 2024 09:56:45 GMT
en.json
cdn.cookielaw.org/consent/6f5eb47e-d844-48ff-8a69-bdd05b58172b/8ee75b19-1eba-4407-9a2a-891f6c01dc29/
71 KB
15 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/6f5eb47e-d844-48ff-8a69-bdd05b58172b/8ee75b19-1eba-4407-9a2a-891f6c01dc29/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a9fe9b6fcab17a668d6c07d6addc7c44b8083ad9e7044da40a02c638f38cdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
12453
content-md5
7GPw+4qx6D3ZwY7rherWUw==
content-length
15462
x-ms-lease-status
unlocked
last-modified
Wed, 08 Mar 2023 23:17:50 GMT
server
cloudflare
etag
0x8DB202B563EE3F4
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2458da9d-401e-0097-345b-236f8e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bed97476b2c4c4e-MXP
expires
Sat, 07 Sep 2024 09:56:45 GMT
details
epsilon.6sense.com/v3/company/
738 B
713 B
XHR
General
Full URL
https://epsilon.6sense.com/v3/company/details
Requested by
Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software
nginx /
Resource Hash
4629e7eed4a660b76c09839a21d6a4a9268b7364ea38d17abf8960d606ab83bc

Request headers

Referer
https://www.synack.com/
Authorization
Token af1fb71ccf83a5ac1f8f73c6ef78851386603b65
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-6s-CustomID
WebTag e625e662-1b3e-4698-be5e-6fba78fa4914

Response headers

x-trace-id
5150719851163676588
date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
gzip
server
nginx
vary
Origin, Accept-Encoding
content-type
application/json
x-6si-region
eu-central-1a
access-control-allow-origin
https://www.synack.com
access-control-expose-headers
X-6si-Region
access-control-allow-credentials
true
timing-allow-origin
https://6sense.com, https://www.ssga.com
content-length
393
details
epsilon.6sense.com/v3/company/ Frame
0
0
Preflight
General
Full URL
https://epsilon.6sense.com/v3/company/details
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.142.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ac3ff6aafb2cddae2.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-6s-customid
Access-Control-Request-Method
GET
Origin
https://www.synack.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,x-6s-customid
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
https://www.synack.com
access-control-expose-headers
X-6si-Region
access-control-max-age
1800
date
Fri, 06 Sep 2024 09:56:45 GMT
server
nginx
timing-allow-origin
https://6sense.com, https://www.ssga.com
x-6si-region
eu-central-1a
x-trace-id
3517526094887836026
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 09:56:45 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%225ae522a995af66cfd213a9411fe4ce6a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%223156112d8b24b403404bd4c79d487f3a73029c0a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%225ae522a995af66cfd213a9411fe4ce6a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22af1fb71ccf83a5ac1f8f73c6ef78851386603b65%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22e625e662-1b3e-4698-be5e-6fba78fa4914%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 09:56:45 GMT
attribution_trigger
px.ads.linkedin.com/
2 B
815 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=947010&time=1725616605431&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
*
Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:46 GMT
content-encoding
gzip
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: AB0CBD7F31514BD4AA7B2B9D7615F8A4 Ref B: MRS20EDGE0213 Ref C: 2024-09-06T09:56:46Z
access-control-allow-methods
GET, OPTIONS
x-li-fabric
prod-lor1
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
content-type
application/json
x-li-proto
http/2
x-restli-protocol-version
1.0.0
access-control-allow-headers
*
x-li-uuid
AAYhcGzTwSAFi2sozs0RJA==
x-fs-uuid
000621706cd3c120058b6b28cecd1124
collect
px.ads.linkedin.com/
0
885 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=947010&time=1725616605431&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:45 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: EE1F06DA27054282AB4D6EC0F0119BD0 Ref B: MRS20EDGE0114 Ref C: 2024-09-06T09:56:46Z
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript
x-li-fabric
prod-ltx1
x-cache
CONFIG_NOCACHE
x-li-proto
http/2
content-length
0
x-li-uuid
AAYhcGzTZ24lMnZdYnChYg==
otFlat.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
vO8A/abKpoPacUrvSk9OSw==
age
56380
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3020
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:35 GMT
server
cloudflare
etag
0x8DADC66B7AF38D0
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
76462bbe-c01e-0020-1873-794224000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bed97482c494c4e-MXP
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/
61 KB
12 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
mBGnk7IXt0USbYmXZQhmOw==
age
56380
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12540
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:37 GMT
server
cloudflare
etag
0x8DADC66B90C98A8
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
61944521-701e-009c-54be-0b94e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bed97482c4d4c4e-MXP
otCookieSettingsButton.json
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
c4ZDUEm/Y1hew9zmVZ7hPg==
age
56380
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1767
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:37 GMT
server
cloudflare
etag
0x8DADC66B8C428D7
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
bdf44f04-c01e-0042-3873-798003000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bed97482c504c4e-MXP
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
XcxlleAcPGO2n5kTZrHH2Q==
age
56380
x-ms-lease-status
unlocked
last-modified
Mon, 12 Dec 2022 17:31:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
053244a3-d01e-00e0-2a16-d37502000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8bed97482c564c4e-MXP
messenger
app.qualified.com/w/1/wMSIsrvzp9xgEeyW/ Frame 3283
0
0
Document
General
Full URL
https://app.qualified.com/w/1/wMSIsrvzp9xgEeyW/messenger?uuid=8e0554c9-6471-4bee-a091-3a1237c34509
Requested by
Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=wMSIsrvzp9xgEeyW
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.170.94.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-170-94-36.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Encoding
gzip
Content-Length
1887
Content-Security-Policy
Content-Type
text/html; charset=utf-8
Date
Fri, 06 Sep 2024 09:56:45 GMT
Etag
W/"0bd3e0c3d4550c5430f0afb49e8b8cbe"
Link
<https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy
strict-origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
Via
1.1 spaces-router (baa76bb17a64)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
40c149a0-f25c-6bcf-bc7c-4b58e4b4a9eb
X-Runtime
0.015254
X-Xss-Protection
1; mode=block
collect
www.google-analytics.com/j/
1 B
91 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=233158382&t=pageview&_s=1&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&ul=it-it&de=UTF-8&dt=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=149027677&gjid=304871470&cid=1936826387.1725616605&tid=UA-38714717-1&_gid=655344221.1725616605&_r=1&gtm=457e4940za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&jsscut=1&z=2076031773
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.synack.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
22524429.js
js.hs-analytics.net/analytics/1725616500000/
70 KB
25 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1725616500000/22524429.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22524429.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.160.168 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c245353d95438f833c87f58ad0a8f82f3d110bd5219e7476c6494df671b80e18

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:46 GMT
x-amz-version-id
null
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
6PQMTQ2DKX0QCF51
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
37aeb956-cc32-403d-9639-97da11e3bb7a
x-envoy-upstream-service-time
27
x-amz-id-2
Sp2JPZOxP+Dv3jc0NAldn7HQK0EIMFxaTCc+JiGMtlUlqvP0l5czKK/IL4dPP1xCW9RmzYaBX2c=
x-evy-trace-listener
listener_https
x-request-id
37aeb956-cc32-403d-9639-97da11e3bb7a
x-evy-trace-route-configuration
listener_https/all
last-modified
Fri, 23 Aug 2024 14:03:16 GMT
server
cloudflare
etag
W/"39948f8c8ff1ef56d5d7cf86fed7fe06"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-xk7b5
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
8bed974bcddebab7-MXP
expires
Fri, 06 Sep 2024 10:00:52 GMT
fb.js
js.hsadspixel.net/
6 KB
4 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22524429.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.223.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeecc1c14b175e0226295f130c6121ddf605878b3489fd61181911c17c9b2a74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:46 GMT
content-encoding
gzip
via
1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-amz-version-id
CKdUucj42qReK_MB.X3dwG61CXEt1Id2
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
4c86ba50-6841-496d-9e08-e9bec86d4c41
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.595/bundles/pixels-release.js&cfRay=8be6fc73bfbc0d80-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
age
140
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
4c86ba50-6841-496d-9e08-e9bec86d4c41
last-modified
Thu, 05 Sep 2024 14:32:20 UTC
server
cloudflare
etag
W/"ba2542491f85a69ea1e0553167ab5227"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-4g5hc
cf-ray
8bed974bccb80e49-MXP
x-amz-cf-id
_uEMLB7sl9n1oY1dxbeAHkMwWEgSXof6AWvBexJZle-QcDpp2BXKPA==
x-hs-target-asset
adsscriptloaderstatic/static-1.595/bundles/pixels-release.js
banner.js
js.hs-banner.com/v2/22524429/
71 KB
26 KB
Script
General
Full URL
https://js.hs-banner.com/v2/22524429/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22524429.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.147.16 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a00ee6dc92a5540d44fe4c46dc4a7ef801c8cb2fcc0bde20cc0ff82296977

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:46 GMT
x-amz-version-id
fu3.cjU8H_LoJEbUT6It9ecHPKpaN6Mz
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
VP87TAB9793Q83ZX
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
69bf3962-f5c5-4bbe-8ad8-ee7dc7882b18
x-envoy-upstream-service-time
58
x-amz-id-2
4GHPyI9XAtZSFJp19wmYaFty0bNKHqyYrz5WAbEXIu3PDA15IhFbAbokFanwypJLi2xUo8oKGNc=
x-evy-trace-listener
listener_https
x-request-id
69bf3962-f5c5-4bbe-8ad8-ee7dc7882b18
x-evy-trace-route-configuration
listener_https/all
last-modified
Tue, 20 Aug 2024 17:57:59 GMT
server
cloudflare
etag
W/"69b4d7edc51cd925b6fbca0afa4ed941"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.synack.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-gfff7
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
8bed974bb850baa5-MXP
expires
Fri, 06 Sep 2024 10:00:52 GMT
web-interactives-embed.js
js.hubspot.com/
83 KB
24 KB
Script
General
Full URL
https://js.hubspot.com/web-interactives-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22524429.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
059b77025c02623999e7524b737287072bd2dbb42c1652f70a4020338b1e5f21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
Origin
https://www.synack.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1426/bundles/project.js&cfRay=8be57c3c4c050e55-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"edf91c1320ba2916398ed791b63187bc"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-hs-target-asset
web-interactives-embed/static-2.1426/bundles/project.js
date
Fri, 06 Sep 2024 09:56:46 GMT
via
1.1 6b29c936420d116b13807604a0e67044.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-version-id
7DwgQA9YoOwDB6Raj9_RIwKNzf1Sd5R0
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-hubspot-correlation-id
20434b6b-7b6f-446d-9faf-2bf45254daff
x-cache
Hit from cloudfront
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
x-evy-trace-route-configuration
listener_https/all
x-request-id
20434b6b-7b6f-446d-9faf-2bf45254daff
last-modified
Wed, 28 Aug 2024 20:01:26 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tu9Qvd0675rJXlEaIU7pnIyfrojfMXqbyzm2k81w8LMtyw%2F%2B9KZFa1aiVEoyVvRWc%2Bvw4mKgUsBKehMEsU0JS2JKxJ%2F7QoWlelv7ocwscPoktTobb0K5vRtcKccRozkP"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-ppgfq
cf-ray
8bed974bbaa70e0d-MXP
x-amz-cf-id
bu_KGLNsYOX5La3bjwHsFJ2p9x7PCHx8Ho7ogFaiNfFcAROWJoKWNQ==
collectedforms.js
js.hscollectedforms.net/
69 KB
25 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/22524429.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.111.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
Origin
https://www.synack.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:46 GMT
content-encoding
gzip
via
1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront)
x-amz-version-id
FCxgV_B3nWescR00el0uV0Hdj2lazDBZ
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
97f175e1-e215-4fac-9ee8-80ee7ae61969
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.586/bundles/project.js&cfRay=8b2185277a4d5a07-MXP
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
3
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
97f175e1-e215-4fac-9ee8-80ee7ae61969
last-modified
Tue, 23 Jul 2024 12:55:20 UTC
server
cloudflare
etag
W/"ac41634810840adc02ea51748cb19c2f"
vary
accept-encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-tmvlw
cf-ray
8bed974bcf000e4d-MXP
x-amz-cf-id
Hk-tk9YdkTIZ-qJd6paCpsthL-F86oGLd9PCUY9dzLV6gEJtBJoXKg==
x-hs-target-asset
collected-forms-embed-js/static-1.586/bundles/project.js
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
600 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
49829
x-ms-lease-status
unlocked
last-modified
Thu, 05 Sep 2024 06:33:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
edb13b1b-901e-00a8-0598-ff479f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8bed9748a97a0e93-MXP
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
510 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
56378
x-ms-lease-status
unlocked
last-modified
Thu, 05 Sep 2024 06:33:13 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
39f736f5-301e-00a5-2d64-ffa893000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8bed9748cd6e4c4e-MXP
ot_company_logo.png
cdn.cookielaw.org/logos/static/
4 KB
4 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_company_logo.png
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
E8+sk/ECzKgTUVtDLikiIA==
age
70590
content-length
4036
x-ms-lease-status
unlocked
last-modified
Tue, 03 Sep 2024 16:39:48 GMT
server
cloudflare
etag
0x8DCCC3706A5C9A6
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
21e3dede-501e-0097-4b37-fef043000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8bed9748e9c20e93-MXP
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.87.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 Sep 2024 09:56:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
45034
x-ms-lease-status
unlocked
last-modified
Thu, 05 Sep 2024 06:33:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
f2de5db3-801e-001d-04ce-ff4a60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8bed9748e9c70e93-MXP
2.v2.15.0.f2fdbd0e05d6efcac7d3.js
edge.marker.io/latest/
213 KB
67 KB
Script
General
Full URL
https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js
Requested by
Host: edge.marker.io
URL: https://edge.marker.io/latest/shim.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bab9c40c898baff0cfd990efd38181005fddaed94402732b0e92708b05d2726
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
br
via
1.1 73dc4163c5d709eb7fc618a6b2f07c24.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
x-amz-cf-pop
MXP53-P2
age
90
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 06 Sep 2024 09:54:58 GMT
server
cloudflare
etag
W/"68266a97b0d10f0891433d9389a4956a"
vary
Accept-Encoding
content-type
text/javascript
cf-ray
8bed97492e810e0d-MXP
x-amz-cf-id
GnkRKHSTOttiDq_TroYymMtJJ6VzPzFuqptRQfSawEoGeZ5g8_L3GA==
3.v2.15.0.d94e68f6b8a22e3b32c2.js
edge.marker.io/latest/
255 KB
59 KB
Script
General
Full URL
https://edge.marker.io/latest/3.v2.15.0.d94e68f6b8a22e3b32c2.js
Requested by
Host: edge.marker.io
URL: https://edge.marker.io/latest/shim.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6b395e1fc4e9ec3dc878c3d6c4141c2ef632bb53fe87143988977c746ff30d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
br
via
1.1 3618e3d44154049697057e88849a4360.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
x-amz-cf-pop
MXP53-P2
age
90
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 06 Sep 2024 09:54:58 GMT
server
cloudflare
etag
W/"1ebb3521f43cdba388dd6012e48b5f73"
vary
Accept-Encoding
content-type
text/javascript
cf-ray
8bed97492e830e0d-MXP
x-amz-cf-id
5S8JnDA7YtLwiBRjeHLJj0BMmkjxN0Stf0sOo7AN58kFvkg22LaOHQ==
/
www.google.com/pagead/1p-conversion/952412761/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952412761/?random=1525034900&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=1...
  • https://www.google.com/pagead/1p-conversion/952412761/?random=1525034900&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag...
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-conversion/952412761/?random=1525034900&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIqsis5oauiAMVwZb9Bx2s2gIjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3d3dy5zeW5hY2suY29tLw&is_vtc=1&cid=CAQSGwDpaXnfGBuAsE3H6wZQDHKpa8KT3Ya6t_flpA&eitems=ChAI8NDqtgYQu4_-0ffrtI9HEh0AMO5CNN4rZeVlKLgbP5oS7PnonMMoi7COS-F43g&random=1363277075
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:45 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/952412761/?random=1525034900&cv=11&fst=1725616605280&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&label=-EdECKePxfkBENnUksYD&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&value=0&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgijxbECCJvHsQJKFXRyaWdnZXIsIGV2ZW50LXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMIqsis5oauiAMVwZb9Bx2s2gIjMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3d3dy5zeW5hY2suY29tLw&is_vtc=1&cid=CAQSGwDpaXnfGBuAsE3H6wZQDHKpa8KT3Ya6t_flpA&eitems=ChAI8NDqtgYQu4_-0ffrtI9HEh0AMO5CNN4rZeVlKLgbP5oS7PnonMMoi7COS-F43g&random=1363277075
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/AW-952412761/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/AW-952412761/?random=1725616605242&cv=11&fst=1725613200000&bg=ffffff&guid=ON&async=1&gtm=45be4940z876206402za201zb76206402&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfStK95ZW_vIM2-T-eydYbVN_Q0WJTKg&random=506908093&rmt_tld=0&ipr=y
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:46 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
api.marker.io/widget/ Frame
0
0
Preflight
General
Full URL
https://api.marker.io/widget/ping
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.synack.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Authorization, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version, _c, Request-Context, x-xsrf-token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.synack.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8bed974d6d96bb14-MXP
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 06 Sep 2024 09:56:46 GMT
origin-agent-cluster
?1
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Origin
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
ping
api.marker.io/widget/
3 KB
2 KB
Fetch
General
Full URL
https://api.marker.io/widget/ping
Requested by
Host: edge.marker.io
URL: https://edge.marker.io/latest/3.v2.15.0.d94e68f6b8a22e3b32c2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aa239d420942e368db4ad395183c982821dc171f45592312eb05717f0a48e0d
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 06 Sep 2024 09:56:46 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=0; includeSubDomains; preload
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"c41-jFA4YaeLt5EJvRByeAJAjpESzno"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, X-HTTP-Method-Override, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.synack.com
origin-agent-cluster
?1
access-control-allow-credentials
true
cf-ray
8bed974e0e440e0d-MXP
combinedConfigs
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/
95 B
1 KB
Fetch
General
Full URL
https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=22524429&currentUrl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F
Requested by
Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
0ea9aece-fc71-488e-910b-2c8e6a89ff02
content-encoding
br
x-envoy-upstream-service-time
10
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0ea9aece-fc71-488e-910b-2c8e6a89ff02
server
cloudflare
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.synack.com
x-evy-trace-virtual-host
all
access-control-max-age
180
access-control-allow-credentials
true
cache-control
max-age=0, no-cache, no-store
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqiykKPsOctHcZeeBy9jx%2Fo1ceP1CsFC939%2FqokhCVFHgo64s97MGrzBRS45KeHYg6Qb5gti1GXa3urjFHrm5l6NiAiECfMz5hd2vSCqSGT%2BBdVdQx9rhuBmLNor7eJ9%2Ff0m18VHp18QCZfSjqc%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
8bed974c8bc70e0d-MXP
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-tptvl
json
forms.hscollectedforms.net/collected-forms/v1/config/
135 B
466 B
XHR
General
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=22524429&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.111.254 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b83b1acd67f31a30aa8cc887f269ede90e26aab6c57eb86327d12b495d7517a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
652831fa-cba8-4186-8413-4a21e58fad13
x-envoy-upstream-service-time
2
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
652831fa-cba8-4186-8413-4a21e58fad13
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.synack.com
x-evy-trace-virtual-host
all
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-5f4dcb8bc8-4vkbb
access-control-max-age
180
x-robots-tag
none
access-control-allow-headers
*
cf-ray
8bed974cc8cf0e4d-MXP
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/
778 B
1 KB
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=22524429
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.244.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03b35fa68723bee214d6d22f10bb307f2e9b829031ff7a9b1e3fccd818097dcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
2a8c506b-1e2b-458e-90a2-a1143b006d8d
x-envoy-upstream-service-time
3
content-length
374
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2a8c506b-1e2b-458e-90a2-a1143b006d8d
server
cloudflare
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.synack.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-58bbf9c46c-zvd6n
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PXlCfMjr%2B6AcA8bXYSwTxJvdIZLOMG5MmAipZfwDZStMDmVsJg0TFCAPV6%2ByUQ8OgFQpRmdaigxxVMnybnzjh9RegbEComNvU1baH0sXk67IELdAHCF5e01JyOQ%2Bg%2FBP"}],"group":"cf-nel","max_age":604800}
cf-ray
8bed974ff9e90e12-MXP
access-control-allow-headers
*
/
px.ads.linkedin.com/wa/
0
196 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 06 Sep 2024 09:56:46 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7C6AB31D63C8442B94E5A270741437A5 Ref B: MRS20EDGE0114 Ref C: 2024-09-06T09:56:46Z
linkedin-action
1
vary
Origin
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
access-control-allow-origin
https://www.synack.com
x-li-proto
http/2
access-control-allow-credentials
true
x-li-uuid
AAYhcGzWZ9BrVHZuylLAfg==
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A46%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A45%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%221002%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:46 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 09:56:46 GMT
counters.gif
perf-na1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 06 Sep 2024 09:56:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
CF-Cache-Status
MISS
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
ce945a34-d55e-499c-9e30-37b8caea13c6
x-envoy-upstream-service-time
3
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ce945a34-d55e-499c-9e30-37b8caea13c6
Last-Modified
Fri, 06 Sep 2024 09:56:46 GMT
Server
cloudflare
vary
origin, Accept-Encoding
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-99dcv
access-control-expose-headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
Accept-Ranges
bytes
x-robots-tag
none
CF-RAY
8bed97501d694c3d-MXP
counters.gif
forms.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Fri, 06 Sep 2024 09:56:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
b9c1e6d2-c3cc-4ba9-901c-aa981d14fd93
x-envoy-upstream-service-time
1
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
b9c1e6d2-c3cc-4ba9-901c-aa981d14fd93
Server
cloudflare
vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-ffbf7bf5c-hcsh5
access-control-expose-headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
CF-RAY
8bed975069445262-MXP
js
www.googletagmanager.com/gtag/
282 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-952412761
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3641dd2578254a4c6b528f9e060dd2bb2812134c4bfe7db41744a14e9284f0fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97081
x-xss-protection
0
last-modified
Fri, 06 Sep 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Sep 2024 09:56:46 GMT
js
www.googletagmanager.com/gtag/
282 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-952412761&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-38714717-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
70c187c27c25d4f67346e9d8efb6915f28204baf6e26b84bba6ccdc5bb470712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97049
x-xss-protection
0
last-modified
Fri, 06 Sep 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 06 Sep 2024 09:56:46 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
40 KB
0
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-24-77-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Aug 2024 10:43:55 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
max-age=18228
accept-ranges
bytes
content-length
14628
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/952412761/
5 KB
3 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952412761/?random=1725616607036&cv=11&fst=1725616607036&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-952412761&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
4f9a33e1d985d652eec5b794d5520a7eb4527f45b13883f398892780f201e06e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2390
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
952412761
td.doubleclick.net/td/rul/ Frame B65B
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/952412761?random=1725616607036&cv=11&fst=1725616607036&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-952412761&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 06 Sep 2024 09:56:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/952412761/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/952412761/?random=1725616607036&cv=11&fst=1725613200000&bg=ffffff&guid=ON&async=1&gtm=45be4940v888931320za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&hn=www.googleadservices.com&frm=0&tiba=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&pscdl=noapi&auid=1680191689.1725616605&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfeRtLUVG3JmDGvdSVa1R-oEPiELfVwDDZiX4tYh9ZQNGUmVHj&random=502363453&rmt_tld=0&ipr=y
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zi-tag.js
js.zi-scripts.com/
9 KB
3 KB
Script
General
Full URL
https://js.zi-scripts.com/zi-tag.js
Requested by
Host: www.synack.com
URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:47 GMT
x-amz-version-id
PTl7rnF_EEhUwyN5J882FhdYw1E0brGf
content-encoding
gzip
cf-cache-status
DYNAMIC
via
1.1 488566c6c2cd3108c8176e63cecbf9e0.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P4
age
9298
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Jul 2024 08:13:46 GMT
server
cloudflare
etag
W/"b2877da906a3216c4f3fc4030b205e54"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
8bed9753f940523d-MXP
x-amz-cf-id
lAsurQoPq7XBAvIiBTIpUksQ_7teEgh3eNExurVFZpIKb3xKy6nq5A==
__ptq.gif
track.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=430326251&v=1.1&a=22524429&rcu=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pu=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&t=Mind+the+Gap%3A+Attack+Surface+Discovery+and+PTaaS+%7C+Blog+%7C+Synack&cts=1725616607197&vi=b8ff4b806f5ab2c4dfe532bc3d10ad4b&nc=true&u=224438085.b8ff4b806f5ab2c4dfe532bc3d10ad4b.1725616607194.1725616607194.1725616607194.1&b=224438085.1.1725616607194&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.116 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
a3099c88-8098-47a6-b8b1-9970151455f2
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
7
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a3099c88-8098-47a6-b8b1-9970151455f2
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=leACsRMyeHz7mMYlVa%2BSqUx68%2B7qi6BwVwn4PNNJsPdlLKsxXNDAW0FOv2%2F0SgYyAqwXGLpV5OUDSZqGJctvpeckLiLPX%2F8zc6a2tW1q1eKzF8VuxfO%2B7gDpcgIorhu4Aj%2Fm"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-7bf556f6f-pc7qw
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
8bed9755eaaa4c6e-MXP
x-robots-tag
none
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A47%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A46%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:47 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 09:56:47 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=ni%3AmapCookie&q=%7B%22thirdPartyValues%22%3A%22%5B%7B%5C%22map%5C%22%3A%5C%22Hubspot%5C%22%2C%5C%22cookieName%5C%22%3A%5C%22hubspotutk%5C%22%2C%5C%22cookieValue%5C%22%3A%5C%22b8ff4b806f5ab2c4dfe532bc3d10ad4b%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:47 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 09:56:47 GMT
favicon-150x150.webp
www.synack.com/wp-content/uploads/2023/07/
3 KB
3 KB
Other
General
Full URL
https://www.synack.com/wp-content/uploads/2023/07/favicon-150x150.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.21 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b923702c6d24624ee9cf74c73488d1c4ba68649d9cce6a63b91e5bccd29a16
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 09:56:47 GMT
content-security-policy
upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=63072000
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
3182
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sun, 19 Nov 2023 10:31:31 GMT
server
cloudflare
etag
"6559e403-c6e"
vary
Accept, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
max-age=31536000, private
permissions-policy
feature-policy: autoplay 'self'; camera 'none'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'none'; microphone 'none'; midi 'none'; payment 'none'; xr-spatial-tracking 'none';
accept-ranges
bytes
cf-ray
8bed975379490e2a-MXP
expires
Sat, 06 Sep 2025 09:56:47 GMT
getSubscriptions
js.zi-scripts.com/unified/v1/master/
146 B
402 B
Fetch
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
35c2419e3070f78947f1bbe39fe1e42380876957985da94f9905cfa6bfe1128e

Request headers

Content-Type
application/json
Referer
https://www.synack.com/
Authorization
Bearer ed770e33d81681794781
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
visited_url
https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/

Response headers

date
Fri, 06 Sep 2024 09:56:48 GMT
via
1.1 7aebe5536aa81207909dbe4ca368b9be.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
x-amz-cf-pop
MXP63-P4
x-powered-by
Express
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
apigw-requestid
drW7Egm_PHcEMsQ=
server
cloudflare
etag
W/"92-O14ePuH5PaKBRzKpI+XL4irPD04"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.synack.com
cf-ray
8bed97587ef54bdc-MXP
x-amz-cf-id
DoAviXcu2Jef-S5Bxrr-CVW6t0oUUEX8J1h8mNQu1sqnXuIpwHAobw==
getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame
0
0
Preflight
General
Full URL
https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,visited_url
Access-Control-Request-Method
GET
Origin
https://www.synack.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,X-Amp-Device-Id,X-Amp-Session-Id,visited_url,_zitok,forwarded,x-ziaccesstoken
access-control-allow-methods
POST, GET, OPTIONS, PATCH, DELETE, PUT
access-control-allow-origin
https://www.synack.com
alt-svc
h3=":443"; ma=86400
apigw-requestid
drW6_hVaPHcEMhQ=
cf-cache-status
DYNAMIC
cf-ray
8bed975519254bdc-MXP
date
Fri, 06 Sep 2024 09:56:47 GMT
server
cloudflare
vary
Origin
via
1.1 7403235773a9b23f307196c589d62dac.cloudfront.net (CloudFront)
x-amz-cf-id
XrWBPkp0dqRL2OLDBZ3iwkI_XoXB79i3y9iM2C6VjCvdyL160YSirg==
x-amz-cf-pop
MXP63-P4
x-cache
Miss from cloudfront
x-powered-by
Express
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A48%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A47%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 21 Feb 2020 18:57:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5e502810-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 09:56:48 GMT
/
ws.zoominfo.com/pixel/61f864af351dc6001aaaca1a/
3 KB
2 KB
Fetch
General
Full URL
https://ws.zoominfo.com/pixel/61f864af351dc6001aaaca1a/?iszitag=true
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6d32ffc818e7296c00cb04e2efc4c3fbcc3ad6dcf7e386e9a03fd84b535da520
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

visited-url
https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Referer
https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
_vtok
MTg1LjE5OC42Mi43
_zitok
b44fa5c092db4ae1db951725616608
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/javascript

Response headers

date
Fri, 06 Sep 2024 09:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
https://www.synack.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc
h3=":443"; ma=86400
cf-ray
8bed97616c5d0e5f-MXP
/
ws.zoominfo.com/pixel/61f864af351dc6001aaaca1a/ Frame
0
0
Preflight
General
Full URL
https://ws.zoominfo.com/pixel/61f864af351dc6001aaaca1a/?iszitag=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
_vtok,_zitok,content-type,visited-url
Access-Control-Request-Method
GET
Origin
https://www.synack.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin
https://www.synack.com
allow
GET,HEAD
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8bed975d3f520e27-MXP
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 06 Sep 2024 09:56:49 GMT
server
cloudflare
via
1.1 google
x-content-type-options
nosniff
x-powered-by
Express
x-robots-tag
noindex, nofollow
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A49%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A48%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:49 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 09:56:49 GMT
86cd83fb-5390-4897-800e-df69580599c8
https://www.synack.com/
3 KB
0
Script
General
Full URL
blob:https://www.synack.com/86cd83fb-5390-4897-800e-df69580599c8
Requested by
Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d32ffc818e7296c00cb04e2efc4c3fbcc3ad6dcf7e386e9a03fd84b535da520

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
3033
Content-Type
text/javascript
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-XVS579G3KG&gtm=45je4940v870611089z876206402za200&_p=1725616603543&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1936826387.1725616605&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAI&_s=3&sid=1725616605&sct=1&seg=1&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&dt=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&en=Javascript_error&ep.allowLinker=true&ep.Page_URL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&ep.Referrer=&_et=2&tfd=7573
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.synack.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
258 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A50%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A49%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:50 GMT
x-content-type-options
nosniff
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 09:56:50 GMT
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9891KWEZPK&gtm=45je4940v892239364z876206402za200&_p=1725616603543&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1936826387.1725616605&ul=it-it&are=1&frm=0&pscdl=noapi&_eu=AAAI&_geo=1&_rdi=1&_s=2&sid=1725616605&sct=1&seg=0&dl=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&dt=Mind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack&en=6sense&_et=635&up.annual_revenue=&up.country=Italy&up.domain=&up.employee_count=&up.employee_range=&up.industry=&up.is_blacklisted=false&up.naics=&up.company_name=&up.revenue_range=&up.zip=&tfd=8265
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9891KWEZPK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.synack.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
img.gif
b.6sc.co/v1/beacon/
43 B
257 B
Image
General
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=5ae522a995af66cfd213a9411fe4ce6a&svisitor=null&visitor=df39ff55-576c-48ac-831d-7e403894430f&session=e1213231-a50f-4fc4-8bd5-517f7f1a6cf7&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A51%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2006%20Sep%202024%2009%3A56%3A50%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Synack%E2%80%99s%20Attack%20Surface%20Discovery%20provides%20insight%20into%20unknown%20and%20often%20untested%20assets%20that%20belong%20to%20your%20organization%20to%20close%20security%20gaps.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22%5Cn%5Ct%5CtMind%20the%20Gap%3A%20Attack%20Surface%20Discovery%20and%20PTaaS%20%7C%20Blog%20%7C%20Synack%5Ct%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&pageViewId=dbf6b0cc-ccf4-40c9-86c6-5fea3eec79db&an_uid=0&webTagId=e625e662-1b3e-4698-be5e-6fba78fa4914&v=1.1.24
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.synack.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 06 Sep 2024 09:56:51 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 06 Sep 2024 09:56:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.synack.com
URL
blob:https://www.synack.com/18f1ad48-3d9a-4035-921f-c419423ee0f3

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| _wpemojiSettings function| jQuery function| gtag object| dataLayer function| OptanonWrapper string| _root object| hubspot object| HubSpotForms object| hbspt object| hsFormsOnReady object| webpackChunksynack function| clearImmediate function| setImmediate object| regeneratorRuntime object| gsapVersions object| _gsap function| _scrollTop function| _scrollLeft object| twemoji object| wp string| QualifiedObject function| qualified boolean| _q_widgetInitialized string| _q_lastClientActivityAt object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| postscribe object| google_tag_manager_external function| processEpsilonData string| epsilonName boolean| enabled function| callback number| version object| _6si string| _linkedin_data_partner_id function| setCookie function| getCookie object| truth object| utms object| views number| seconds number| el function| incrementSeconds number| cancel object| pages object| yt function| checkCookieText object| markerConfig object| __Marker object| Marker object| zi string| ZIProjectKey function| onYouTubeIframeAPIReady object| gaGlobal string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| GooglebQhCsO boolean| _storagePopulated function| lintrk boolean| _already_called_lintrk object| Optanon object| OneTrust object| importMarkerV3ChunkJSONP object| gaplugins object| gaData object| _hsp object| platform boolean| PIXELS_RAN object| enabledEventSettings object| _hsq object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance object| hsConversationsOnReady object| HubSpotCallsToActions boolean| hubspot_web_interactives_running function| sanitizeKey boolean| _hstc_loaded object| __hsCollectedFormsDebug object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran object| ORIBILI object| _linkedin_data_partner_ids boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| zitag object| ZILogs function| loadZILogs function| errorHandler object| ziws

32 Cookies

Domain/Path Name / Value
.hsforms.net/ Name: __cf_bm
Value: z7COW3khHSckVhLcDvVtuVBs_FL7yRza0vIni19.7aw-1725616603-1.0.1.1-jyo.IURbk41Ne3u2_wOzMksptBILscMKIEfsrzx3Qrljs1tNfbyC1NgLSLTszwAMRugHo533mtf8JQbR4jDL6Q
.synack.com/ Name: _gcl_au
Value: 1.1.1680191689.1725616605
.synack.com/ Name: pageView
Value: 1
.synack.com/ Name: visited
Value: true
.synack.com/ Name: syn
Value: {"firsttouch":{"LeadSource":"none","LeadMedium":"none","LeadType":"none","LeadName":"none","LeadCampaign":"none","Referrer":"Direct","LandingPage":"https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/"},"Journey":{"PageviewCount":"1"}}
.synack.com/ Name: _ga_XVS579G3KG
Value: GS1.1.1725616605.1.1.1725616605.60.0.0
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
www.synack.com/ Name: _an_uid
Value: 0
www.synack.com/ Name: _gd_visitor
Value: df39ff55-576c-48ac-831d-7e403894430f
www.synack.com/ Name: _gd_session
Value: e1213231-a50f-4fc4-8bd5-517f7f1a6cf7
.synack.com/ Name: _ga
Value: GA1.2.1936826387.1725616605
.synack.com/ Name: _gid
Value: GA1.2.655344221.1725616605
.synack.com/ Name: _gat_gtag_UA_38714717_1
Value: 1
.synack.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Fri+Sep+06+2024+11%3A56%3A45+GMT%2B0200+(Ora+legale+dell%E2%80%99Europa+centrale)&version=202211.2.0&isIABGlobal=false&hosts=&consentId=80c70747-c9b5-4a53-8d0c-76d32ac190b9&interactionCount=0&landingPath=https%3A%2F%2Fwww.synack.com%2Fblog%2Fmind-the-gap-attack-surface-discovery-and-ptaas%2F&groups=C0002%3A0%2CC0003%3A0%2CC0005%3A0%2CC0004%3A0%2CC0001%3A1
.synack.com/ Name: _ga_9891KWEZPK
Value: GS1.1.1725616605.1.0.1725616605.0.0.0
.linkedin.com/ Name: bcookie
Value: "v=2&1f398111-4f9c-4bd1-8917-6765117fd57d"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MjU2MTY2MDY7MjswMjE9pE0vOUEPLQ5OHV2vKydvpPupyLyuDCOLd4/Q8+MlWg==
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2875:u=1:x=1:i=1725616606:t=1725703006:v=2:sig=AQElxkF2-9Mqn92FJdMwBD7Fy0mAmfgS"
www.synack.com/ Name: marker_id_658b4fb8b7e171793487157e
Value: 2ebd3c1b-d851-48ad-a6d3-728d785915ec
.hsforms.com/ Name: __cf_bm
Value: 6hjdRyDZ6ZpxlmwKNHUoFf38R8AW4bQTjsViN.yIUTQ-1725616606-1.0.1.1-93.N3GLMlH0sYk8jbwOnAANuIBWLBNojk2KUjc53VColljHknwKrsO0FiAoXYf7_1onCB8Fxx.64E2fUyCAwZw
.hsforms.com/ Name: _cfuvid
Value: EmpFW1s2Qpbq6VmYHMPduWMwAdlDOXnZgdyQRe__ceY-1725616606912-0.0.1.1-604800000
.doubleclick.net/ Name: IDE
Value: AHWqTUkFESBEFgGK77JjllDoQiRpchff_tuSKAuMWgfzoAJaI6rf-pG8UrT-gmFn
.synack.com/ Name: __hstc
Value: 224438085.b8ff4b806f5ab2c4dfe532bc3d10ad4b.1725616607194.1725616607194.1725616607194.1
.synack.com/ Name: hubspotutk
Value: b8ff4b806f5ab2c4dfe532bc3d10ad4b
.synack.com/ Name: __hssrc
Value: 1
.synack.com/ Name: __hssc
Value: 224438085.1.1725616607194
.synack.com/ Name: __q_state_wMSIsrvzp9xgEeyW
Value: eyJ1dWlkIjoiOGUwNTU0YzktNjQ3MS00YmVlLWEwOTEtM2ExMjM3YzM0NTA5IiwiY29va2llRG9tYWluIjoic3luYWNrLmNvbSIsImFjdGl2ZVNlc3Npb25JZCI6bnVsbCwic2NyaXB0SWQiOiIxMzgwNzc2NTMxMTU0NjY1NjY1IiwibWVzc2VuZ2VyRXhwYW5kZWQiOmZhbHNlLCJwcm9tcHREaXNtaXNzZWQiOmZhbHNlLCJzdGF0ZUJ5U2NyaXB0SWQiOnsiMTM4MDc3NjUzMTE1NDY2NTY2NSI6eyJkaXNtaXNzZWQiOmZhbHNlLCJzZXNzaW9uSWQiOm51bGx9fSwiY29udmVyc2F0aW9uSWQiOiIxNDc3NDQ4NTUyODc3NzAzNDE1In0=
.hubspot.com/ Name: __cf_bm
Value: .deggAOlbbu9k0AbpEbtPLdSx.Ck.wgf6XEneRtHn5s-1725616607-1.0.1.1-0r3lOBus3LxlGVZqvM4J0wRw7Mpx1ZGk1LaIJZhL1cgFPJikFukgs9T9MJx80Sah6UHs7QaFuehepTBIRydDGw
.hubspot.com/ Name: _cfuvid
Value: hqJx7DDVhenO1UDSdBM2orNv_3531.2KausvXdgEC6g-1725616607799-0.0.1.1-604800000
.www.synack.com/ Name: _zitok
Value: b44fa5c092db4ae1db951725616608
.zoominfo.com/ Name: __cf_bm
Value: h7Vkinrum1MefavVWrULGIhhY6T2HnZfhrhP7Xfi0M8-1725616609-1.0.1.1-B2z6mhJT5tuTVXSVzIlbgjdS6bFniIyoPFg9ZzXd.x0UZtg3pmjOe1iHAsMoOkNrwWUS094QTeqE2hUecIkBwQ
.zoominfo.com/ Name: _cfuvid
Value: Ir4mposkL.N_zKb6buL0NL1jDxMaBbl_HcW6B5HZb2s-1725616609706-0.0.1.1-604800000

28 Console Messages

Source Level URL
Text
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
security error URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
worker error URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
worker error URL: https://www.synack.com/blog/mind-the-gap-attack-surface-discovery-and-ptaas/
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://www.googletagmanager.com/gtag/js?id=G-XVS579G3KG&l=dataLayer&cx=c(Line 216)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://www.googletagmanager.com/gtag/destination?id=AW-AW-952412761&l=dataLayer&cx=c(Line 88)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://www.googletagmanager.com/gtag/destination?id=AW-952412761&l=dataLayer&cx=c(Line 156)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://js.qualified.com/qualified.js?token=wMSIsrvzp9xgEeyW(Line 2)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://js.qualified.com/qualified.js?token=wMSIsrvzp9xgEeyW(Line 2)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js(Line 6)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js(Line 6)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js(Line 6)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js(Line 6)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://edge.marker.io/latest/3.v2.15.0.d94e68f6b8a22e3b32c2.js
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://edge.marker.io/latest/3.v2.15.0.d94e68f6b8a22e3b32c2.js
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://js.hscollectedforms.net/collectedforms.js
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://js.hscollectedforms.net/collectedforms.js
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://edge.marker.io/latest/2.v2.15.0.f2fdbd0e05d6efcac7d3.js(Line 12)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'
security error URL: https://www.googletagmanager.com/gtag/js?id=AW-952412761&l=dataLayer&cx=c(Line 156)
Message:
The Content-Security-Policy directive 'frame-ancestors' does not support the source expression '.saleshood.com'

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; frame-ancestors 'self' .saleshood.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.hubapi.com
api.marker.io
app.qualified.com
b.6sc.co
c.6sc.co
cdn.cookielaw.org
cta-service-cms2.hubspot.com
edge.marker.io
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
geolocation.onetrust.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsforms.net
js.hubspot.com
js.qualified.com
js.zi-scripts.com
perf-na1.hsforms.com
px.ads.linkedin.com
secure.adnxs.com
snap.licdn.com
stats.g.doubleclick.net
td.doubleclick.net
track.hubspot.com
ws.zoominfo.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.synack.com
www.synack.com
104.16.111.254
104.16.117.116
104.16.117.43
104.16.141.209
104.16.160.168
104.17.223.152
104.18.141.119
104.18.16.5
104.18.244.108
104.18.80.204
104.18.87.42
104.19.175.188
13.107.42.14
13.248.142.121
141.193.213.21
142.250.184.194
142.250.185.206
142.250.185.66
142.250.186.162
142.250.186.168
172.217.16.196
172.217.18.3
172.64.147.16
172.64.150.44
172.64.155.119
172.67.70.243
184.24.77.20
2.17.100.184
216.58.212.138
216.58.212.142
35.170.94.36
37.252.171.149
64.233.167.157
03b35fa68723bee214d6d22f10bb307f2e9b829031ff7a9b1e3fccd818097dcf
0592b259f7c8f5cbc1b2045cba88d8fd68613256b4a537960ac5f3423cda69c1
059b77025c02623999e7524b737287072bd2dbb42c1652f70a4020338b1e5f21
1b16993de3c2b48ce2e592a524fc27cda65b89808d62c5927c7b62b1a4dc409c
1bab9c40c898baff0cfd990efd38181005fddaed94402732b0e92708b05d2726
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
2078776d6f374fb6a40f82c3b53d2258841f86e76f1323e3a45955c9f75b58ee
22e999690564c5c0dfa82424c1253fb6062f8cf1d9487eda9aebab07e01144b9
23ba89ab90e39bad03d966a8080e150db8c75187d5accccb304b2e116609cb7b
2482c747cff537e03428864e3fd3cf8a80d1339ebbf95ea7ecf8df4a5e5dfcc8
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
2b840ccb15d3d1e2aba4b223ea4b89b7ea234376d5968508083177671f23ecd0
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
35c2419e3070f78947f1bbe39fe1e42380876957985da94f9905cfa6bfe1128e
3641dd2578254a4c6b528f9e060dd2bb2812134c4bfe7db41744a14e9284f0fd
3afd5cb1c9a449869bcb73939fcbace93f9dfc1aecd15c5ae86edcd6c8fdfb3c
3b1ea6cd586a8e44d9387d438c1bf23a83200feea1da2f21ee8097c14e64bb33
40c8084ce459211c73bf91eaa18b6152cc5fc9e29245dcec381da35ee51334b0
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4629e7eed4a660b76c09839a21d6a4a9268b7364ea38d17abf8960d606ab83bc
492d00e4a4110b712efd91a46f205045b2f207df8bc960be6f46b0964107f7cd
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
4d2bcb574a8847ce3950feafa475c5de4d780c2321d5ec7894880f348008d0c9
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
4f9a33e1d985d652eec5b794d5520a7eb4527f45b13883f398892780f201e06e
50377d1d3e7dcb2c8298feb8d2505099df1957e3700a358b993b4cf443fd36e8
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53c7184a496de140179411b078803cf05e88b506583947870a6d050f723b85e1
5e478aa5a84ca62d2450fbe0cedf13085f987dc1c3c4b30e8683701f20a4aadd
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
62b923702c6d24624ee9cf74c73488d1c4ba68649d9cce6a63b91e5bccd29a16
662909c49c1ce344adeac34addace8b0824701d47cf5fb3fe1fcc7cd1fdb4fb5
662df1769f7c2697922fefa3ae69b72cded6313ac635685f1d5371ec72d58a12
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6964d03a8ab5896300c3dd5cb3fc6fa302ef3d1b5453d2021282038af12e5679
69f9f19bd433b1317c2e2adf4b0d99a7655e6d878b35a970a5311227c6ad0a04
6aa239d420942e368db4ad395183c982821dc171f45592312eb05717f0a48e0d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d23492bdf2468bd59c6e3437e4b2f3eac9b3e49a362f5b692a7e8d520d0b06e
6d32ffc818e7296c00cb04e2efc4c3fbcc3ad6dcf7e386e9a03fd84b535da520
70c187c27c25d4f67346e9d8efb6915f28204baf6e26b84bba6ccdc5bb470712
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
77ae82e50807147cbbe51b2516821c6ad183d0a8751f8a16f4d1a973b24682ed
77b8595b688ffd0297d0c6a51090ba03399a8f750fee8f46e1f83919f5e0a469
7b8487412015c87df70a04ab7dd4a2b816897d483512a0cb1eab01045232385a
7d6b395e1fc4e9ec3dc878c3d6c4141c2ef632bb53fe87143988977c746ff30d
7fb8f6d0827dcad48a533aea98c516d939dcafb91610bc351c83a2b775a53bc2
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8d0984ab99052526b5012f34d8784261f737548ca3b3f976d8678f7f103d00c1
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
9b6a00ee6dc92a5540d44fe4c46dc4a7ef801c8cb2fcc0bde20cc0ff82296977
9ef61d1693b6a3aa88605f051f2acc6522cfea5f53937eca31ead29cdfb5b557
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e
a49e96e81e017345e3e0a0c818021f6a159fc6751c55168a9b8f325e8425bc7a
a5141aa2cbb1361e5852ed97c43c449fb6824bbacc196d828b33a2b4130200b2
aea136527ca962a15eea8eb338c7667b5a44d98bff65dc09a36f5493ddbacb99
aee3a1ac4a8a058037f6a49fe3f1c8592c797f7872958e57526011de14ab9436
b285d921093f27e5ab892c052f60d465383c6072300faf20ac3028628f889f61
b317df5e031bd027cf564feae4589bdccf44929cea1ee7bbeb7cdd3b80ff95ed
b83b1acd67f31a30aa8cc887f269ede90e26aab6c57eb86327d12b495d7517a4
c245353d95438f833c87f58ad0a8f82f3d110bd5219e7476c6494df671b80e18
c78fab07d4ee469def66170220968c4e790992e5adc971a34edc7eabc695e79f
c7ff85cb826707eb89d6960662e92719bd974084483cb7bef727ee90ed13a1d1
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d8a9fe9b6fcab17a668d6c07d6addc7c44b8083ad9e7044da40a02c638f38cdc
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e779904e434d50e426e79dfac680cdb8a04564e67121c257974278a02979e407
eeecc1c14b175e0226295f130c6121ddf605878b3489fd61181911c17c9b2a74
eef746cbe8cff099ec359a005011e2e39ec4b64b838ed428f2a66632ce568dee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
f2257ecae3d22c703a36089996962128138034931396b59d6ce0e302c485cd62
f24fcf0b9f703388dc47b2fbefa7cca040802fda7de87a4244c8e1d230450578
f4c1ede221e5a8c35e065eeb52baba4564aa19a3f441b0e3e56535714155dc85
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
ff66dd8c4052928d0aef689ba10b94d8cef0b91e918a11fae297d453e062a8f2
ffa26c1e29a1439ff072c1fe246f6cb68cbdf255da969f705c7d7b91ad75d785